Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Oct. 5, 2024, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
191431	7.5	危険	emreturk	-	OpenHuman における SQL インジェクションの脆弱性	-	CVE-2006-6036	2012-06-26 15:37	2006-11-21	Show	GitHub Exploit DB Packet Storm

191432	6.8	警告	f-art agency	-	BLOG:CMS の list.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6035	2012-06-26 15:37	2006-11-21	Show	GitHub Exploit DB Packet Storm

191433	7.5	危険	gcis	-	GCIS ASPCart における SQL インジェクションの脆弱性	-	CVE-2006-6031	2012-06-26 15:37	2006-11-21	Show	GitHub Exploit DB Packet Storm

191434	7.5	危険	futuretec	-	E-Calendar Pro における SQL コマンドを実行される脆弱性	-	CVE-2006-6030	2012-06-26 15:37	2006-11-21	Show	GitHub Exploit DB Packet Storm

191435	5	警告	anton vlasov	-	Anton Vlasov DoSePa の textview.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-6028	2012-06-26 15:37	2006-11-21	Show	GitHub Exploit DB Packet Storm

191436	6.8	警告	bestwebapp	-	BestWebApp Dating Site の login_form.asp におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6022	2012-06-26 15:37	2006-11-21	Show	GitHub Exploit DB Packet Storm

191437	7.5	危険	bestwebapp	-	BestWebApp Dating Site のログインコンポーネントにおける SQL インジェクションの脆弱性	-	CVE-2006-6021	2012-06-26 15:37	2006-11-21	Show	GitHub Exploit DB Packet Storm

191438	6.8	警告	blog torrent	-	Blog Torrent Preview の announce.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6020	2012-06-26 15:37	2006-11-21	Show	GitHub Exploit DB Packet Storm

191439	6.8	警告	bloofox	-	Bill Roberts Bloo の extensions/googiespell/googlespell_proxy.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6019	2012-06-26 15:37	2006-11-21	Show	GitHub Exploit DB Packet Storm

191440	5	警告	アップル	-	Safari の JavaScript 実装におけるバッファオーバーフローの脆弱性	-	CVE-2006-6015	2012-06-26 15:37	2006-11-21	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Oct. 5, 2024, 5:52 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
2501	5.4	MEDIUM Network	aimstack	aim	A vulnerability, which was classified as problematic, was found in aimhubio aim up to 3.24. Affected is the function dangerouslySetInnerHTML of the file textbox.tsx of the component Text Explorer. Th…	CWE-79 Cross-site Scripting	CVE-2024-8863	2024-09-21 00:43	2024-09-15	Show	GitHub Exploit DB Packet Storm

2502	6.1	MEDIUM Network	autocms_project	autocms	A vulnerability was found in AutoCMS 5.4. It has been classified as problematic. This affects an unknown part of the file /admin/robot.php. The manipulation of the argument sidebar leads to cross sit…	CWE-79 Cross-site Scripting	CVE-2024-8866	2024-09-21 00:36	2024-09-15	Show	GitHub Exploit DB Packet Storm

2503	7.8	HIGH Local	watchguard	epp_firmware edr_firmware epdr_firmware panda_ad360_firmware	An issue was discovered in WatchGuard EPDR 8.0.21.0002. Due to a weak implementation of message handling between WatchGuard EPDR processes, it is possible to perform a Local Privilege Escalation on W…	NVD-CWE-noinfo	CVE-2023-26236	2024-09-21 00:35	2023-10-5	Show	GitHub Exploit DB Packet Storm

2504	2.7	LOW Network	purestorage	purity	A flaw exists in FlashBlade Purity (OE) Version 4.1.0 whereby a user with privileges to extend an object’s retention period can affect the availability of the object lock.	NVD-CWE-noinfo	CVE-2023-28372	2024-09-21 00:35	2023-10-3	Show	GitHub Exploit DB Packet Storm

2505	6.1	MEDIUM Network	onlyoffice	document_server	ONLYOFFICE Docs before 8.0.1 allows XSS because a macro is an immediately-invoked function expression (IIFE), and therefore a sandbox escape is possible by directly calling the constructor of the Fun…	CWE-79 Cross-site Scripting	CVE-2023-50883	2024-09-21 00:18	2024-09-10	Show	GitHub Exploit DB Packet Storm

2506	-		-	-	Insufficient verification of data authenticity in the installer for Zoom Workplace VDI App for Windows may allow an authenticated user to conduct an escalation of privilege via local access.	-	CVE-2024-27244	2024-09-21 00:15	2024-05-16	Show	GitHub Exploit DB Packet Storm

2507	-		-	-	Buffer overflow in some Zoom Workplace Apps and SDK’s may allow an authenticated user to conduct a denial of service via network access.	-	CVE-2024-27243	2024-09-21 00:15	2024-05-16	Show	GitHub Exploit DB Packet Storm

2508	-		-	-	Improper privilege management in the installer for Zoom Desktop Client for macOS before version 5.17.10 may allow a privileged user to conduct an escalation of privilege via local access.	-	CVE-2024-27247	2024-09-21 00:15	2024-04-10	Show	GitHub Exploit DB Packet Storm

2509	-		-	-	Improper privilege management in the installer for Zoom Desktop Client for Windows before version 5.17.10 may allow an authenticated user to conduct an escalation of privilege via local access.	-	CVE-2024-24694	2024-09-21 00:15	2024-04-10	Show	GitHub Exploit DB Packet Storm

2510	5.5	MEDIUM Local	zoom	rooms	Improper access control in the installer for Zoom Rooms Client for Windows before version 5.17.5 may allow an authenticated user to conduct a denial of service via local access.	NVD-CWE-Other	CVE-2024-24693	2024-09-21 00:15	2024-03-14	Show	GitHub Exploit DB Packet Storm