Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Sept. 21, 2024, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
191371 4.3 警告 オラクル - Oracle BI Publisher における Administration の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2012-0543 2012-05-9 17:54 2012-04-17 Show GitHub Exploit DB Packet Storm
191372 5.5 警告 オラクル - Oracle Identity Manager における User Config Management の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2012-0532 2012-05-9 17:45 2012-04-17 Show GitHub Exploit DB Packet Storm
191373 7.5 危険 オラクル - Oracle WebCenter Forms Recognition における Designer の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2012-1709 2012-05-9 17:40 2012-04-17 Show GitHub Exploit DB Packet Storm
191374 10 危険 サン・マイクロシステムズ
オラクル		 - Oracle JRockit および JDK/JRE における脆弱性 CWE-noinfo
情報不足 		CVE-2012-1695 2012-05-9 17:19 2012-04-17 Show GitHub Exploit DB Packet Storm
191375 4 警告 オラクル - Oracle の Siebel Clinical における Web UI の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2012-1674 2012-05-9 16:46 2012-04-17 Show GitHub Exploit DB Packet Storm
191376 4 警告 オラクル - Oracle の Siebel Clinical における Web UI の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2012-0582 2012-05-9 16:42 2012-04-17 Show GitHub Exploit DB Packet Storm
191377 4.3 警告 オラクル - Oracle の Primavera P6 Enterprise Project Portfolio Management における脆弱性 CWE-noinfo
情報不足 		CVE-2012-0558 2012-05-9 16:28 2012-04-17 Show GitHub Exploit DB Packet Storm
191378 3.5 注意 オラクル - Oracle FLEXCUBE Universal Banking における Core の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2012-0579 2012-05-9 16:23 2012-04-17 Show GitHub Exploit DB Packet Storm
191379 3.5 注意 オラクル - Oracle FLEXCUBE Universal Banking における Core の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2012-0577 2012-05-9 16:22 2012-04-17 Show GitHub Exploit DB Packet Storm
191380 3.5 注意 オラクル - Oracle FLEXCUBE Universal Banking における Core の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2012-0544 2012-05-9 16:22 2012-04-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Sept. 21, 2024, 4:13 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
141 6.5 MEDIUM
Network 		zoom meetings
virtual_desktop_infrastructure
zoom 		Insufficient control flow management in some Zoom clients may allow an authenticated user to conduct an information disclosure via network access. Update NVD-CWE-Other
CVE-2023-43588 2024-09-21 00:15 2023-11-15 Show GitHub Exploit DB Packet Storm
142 7.5 HIGH
Network 		litellm litellm A Server-Side Request Forgery (SSRF) vulnerability exists in berriai/litellm version 1.38.10. This vulnerability allows users to specify the `api_base` parameter when making requests to `POST /chat/c… Update CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2024-6587 2024-09-20 23:55 2024-09-14 Show GitHub Exploit DB Packet Storm
143 9.8 CRITICAL
Network 		thinkphp thinkphp A deserialization vulnerability in Thinkphp v6.1.3 to v8.0.4 allows attackers to execute arbitrary code. Update CWE-502
 Deserialization of Untrusted Data 		CVE-2024-44902 2024-09-20 23:55 2024-09-10 Show GitHub Exploit DB Packet Storm
144 9.1 CRITICAL
Network 		baxter connex_health_portal In Baxter Connex health portal released before 8/30/2024, an improper access control vulnerability has been found that could allow an unauthenticated attacker to gain unauthorized access to Connex po… Update NVD-CWE-noinfo
CVE-2024-6796 2024-09-20 23:53 2024-09-10 Show GitHub Exploit DB Packet Storm
145 9.8 CRITICAL
Network 		baxter connex_health_portal In Connex health portal released before8/30/2024, SQL injection vulnerabilities were found that could have allowed an unauthenticated attacker to gain unauthorized access to Connex portal's database.… Update CWE-89
SQL Injection 		CVE-2024-6795 2024-09-20 23:53 2024-09-10 Show GitHub Exploit DB Packet Storm
146 9.8 CRITICAL
Network 		sfs winsure Improper Control of Generation of Code ('Code Injection') vulnerability in SFS Consulting ww.Winsure allows Code Injection.This issue affects ww.Winsure: before 4.6.2. Update CWE-94
Code Injection 		CVE-2024-7104 2024-09-20 23:44 2024-09-17 Show GitHub Exploit DB Packet Storm
147 7.8 HIGH
Local 		ui unifi_network_application A Command Injection vulnerability found in a Self-Hosted UniFi Network Servers (Linux) with UniFi Network Application (Version 8.3.32 and earlier) allows a malicious actor with unifi user shell acces… Update CWE-77
Command Injection 		CVE-2024-42025 2024-09-20 23:40 2024-09-14 Show GitHub Exploit DB Packet Storm
148 - - - runofast Indoor Security Camera for Baby Monitor has a default password of password for the root account. This allows access to the /stream1 URI via the rtsp:// protocol to receive the video and audi… New - CVE-2024-46959 2024-09-20 23:35 2024-09-19 Show GitHub Exploit DB Packet Storm
149 - - - An issue was discovered in Bravura Security Fabric versions 12.3.x before 12.3.5.32784, 12.4.x before 12.4.3.35110, 12.5.x before 12.5.2.35950, 12.6.x before 12.6.2.37183, and 12.7.x before 12.7.1.38… New - CVE-2024-45523 2024-09-20 23:35 2024-09-19 Show GitHub Exploit DB Packet Storm
150 - - - Victure PC420 1.1.39 was discovered to use a weak encryption key for the file enabled_telnet.dat on the Micro SD card. New - CVE-2023-41612 2024-09-20 23:35 2024-09-19 Show GitHub Exploit DB Packet Storm