Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Oct. 2, 2024, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
191391 7.5 危険 Discuz - Discuz! GBK の admincp.php における SQL インジェクションの脆弱性 - CVE-2006-5561 2012-06-26 15:37 2006-10-27 Show GitHub Exploit DB Packet Storm
191392 5.1 警告 boesch-it - Boesch ProgSys の heading.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-5560 2012-06-26 15:37 2006-10-27 Show GitHub Exploit DB Packet Storm
191393 7.5 危険 epnadmin - EPNadmin の constantes.inc.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-5555 2012-06-26 15:37 2006-10-26 Show GitHub Exploit DB Packet Storm
191394 7.5 危険 blackdot - Imageview の index.php におけるディレクトリトラバーサルの脆弱性 - CVE-2006-5554 2012-06-26 15:37 2006-10-26 Show GitHub Exploit DB Packet Storm
191395 7.8 危険 シスコシステムズ - CUCM などで使用される CSA for Linux におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2006-5553 2012-06-26 15:37 2006-10-25 Show GitHub Exploit DB Packet Storm
191396 4.9 警告 FreeBSD
OpenBSD		 - FreeBSD および OpenBSD のカーネルにおけるサービス運用妨害 (DoS) の脆弱性 - CVE-2006-5550 2012-06-26 15:37 2006-10-26 Show GitHub Exploit DB Packet Storm
191397 5 警告 D-Link Systems, Inc. - D-Link DSL-G624T における cgi-bin ディレクトリのコンテンツを一覧にされる脆弱性 - CVE-2006-5538 2012-06-26 15:37 2006-10-26 Show GitHub Exploit DB Packet Storm
191398 4.3 警告 D-Link Systems, Inc. - D-Link DSL-G624T の cgi-bin/webcm におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-5537 2012-06-26 15:37 2006-10-26 Show GitHub Exploit DB Packet Storm
191399 5 警告 D-Link Systems, Inc. - D-Link DSL-G624T の cgi-bin/webcm におけるディレクトリトラバーサルの脆弱性 - CVE-2006-5536 2012-06-26 15:37 2006-10-26 Show GitHub Exploit DB Packet Storm
191400 4.3 警告 cPanel - WHM におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-5535 2012-06-26 15:37 2006-10-26 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Oct. 2, 2024, 8:12 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1861 5.5 MEDIUM
Local 		apple macos The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15. An app may be able to cause a denial-of-service. NVD-CWE-noinfo
CVE-2024-23237 2024-09-24 04:53 2024-09-17 Show GitHub Exploit DB Packet Storm
1862 7.2 HIGH
Network 		litellm litellm An SQL Injection vulnerability exists in the berriai/litellm repository, specifically within the `/global/spend/logs` endpoint. The vulnerability arises due to improper neutralization of special elem… CWE-89
SQL Injection 		CVE-2024-5225 2024-09-24 04:46 2024-06-7 Show GitHub Exploit DB Packet Storm
1863 7.5 HIGH
Network 		drupal drupal In certain scenarios, Drupal's JSON:API module will output error backtraces. With some configurations, this may cause sensitive information to be cached and made available to anonymous users, leading… NVD-CWE-noinfo
CVE-2023-5256 2024-09-24 04:35 2023-09-29 Show GitHub Exploit DB Packet Storm
1864 4.8 MEDIUM
Network 		ritecms ritecms Rite CMS 3.0 has a Cross-Site scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload into the Global Content Blocks in the Administration Menu. CWE-79
Cross-site Scripting 		CVE-2023-43879 2024-09-24 04:35 2023-09-29 Show GitHub Exploit DB Packet Storm
1865 5.3 MEDIUM
Network 		oracle access_manager Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Authentication Engine). The supported version that is affected is 12.2.1.3.0. Easily exploitable vulnerabili… NVD-CWE-noinfo
CVE-2022-39405 2024-09-24 04:35 2022-10-19 Show GitHub Exploit DB Packet Storm
1866 6.4 MEDIUM
Network 		oracle banking_trade_finance Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure). The supported version that is affected is 14.5. Difficult to exploit v… NVD-CWE-noinfo
CVE-2022-21586 2024-09-24 04:35 2022-07-20 Show GitHub Exploit DB Packet Storm
1867 5.3 MEDIUM
Network 		contao contao Contao is an Open Source CMS. In affected versions an untrusted user can inject insert tags into the canonical tag, which are then replaced on the web page (front end). Users are advised to update to… CWE-74
Injection 		CVE-2024-45612 2024-09-24 04:33 2024-09-18 Show GitHub Exploit DB Packet Storm
1868 6.1 MEDIUM
Local 		apple macos
iphone_os
ipados 		A privacy issue was addressed with improved handling of files. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15. An unencrypted document may be written to a temporary file when using pri… NVD-CWE-noinfo
CVE-2024-40826 2024-09-24 04:25 2024-09-17 Show GitHub Exploit DB Packet Storm
1869 3.3 LOW
Local 		apple iphone_os
ipados 		This issue was addressed with improved data protection. This issue is fixed in iOS 18 and iPadOS 18. An app may be able to enumerate a user's installed apps. NVD-CWE-noinfo
CVE-2024-40830 2024-09-24 04:19 2024-09-17 Show GitHub Exploit DB Packet Storm
1870 5.5 MEDIUM
Local 		apple macos A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. An app may be able to access a user's Photos Library. CWE-281
 Improper Preservation of Permissions 		CVE-2024-40831 2024-09-24 04:18 2024-09-17 Show GitHub Exploit DB Packet Storm