Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Sept. 29, 2024, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
191441	7.5	危険	chaussette	-	Chaussette における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2006-4159	2012-06-26 15:37	2006-08-16	Show	GitHub Exploit DB Packet Storm

191442	6.8	警告	Apache Software Foundation	-	Apache の mod_tc モジュールにおける任意のコードを実行される脆弱性	-	CVE-2006-4154	2012-06-26 15:37	2006-10-16	Show	GitHub Exploit DB Packet Storm

191443	5	警告	arcsoft	-	ArcSoft MMS Composer におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2006-4132	2012-06-26 15:37	2006-08-14	Show	GitHub Exploit DB Packet Storm

191444	7.5	危険	arcsoft	-	ArcSoft MMS Composer におけるバッファオーバーフローの脆弱性	-	CVE-2006-4131	2012-06-26 15:37	2006-08-14	Show	GitHub Exploit DB Packet Storm

191445	4.6	警告	dconnect	-	DConnect Daemon におけるフォーマットストリングの脆弱性	-	CVE-2006-4127	2012-06-26 15:37	2006-08-14	Show	GitHub Exploit DB Packet Storm

191446	5	警告	dconnect	-	DConnect Daemon の cmd.dc.c の dc_chat 関数におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2006-4126	2012-06-26 15:37	2006-08-14	Show	GitHub Exploit DB Packet Storm

191447	7.5	危険	dconnect	-	DConnect Daemon の main.c におけるスタックベースのバッファオーバーフローの脆弱性	-	CVE-2006-4125	2012-06-26 15:37	2006-08-14	Show	GitHub Exploit DB Packet Storm

191448	7.5	危険	boite de news	-	Boite de News の boitenews4/index.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4123	2012-06-26 15:37	2006-08-14	Show	GitHub Exploit DB Packet Storm

191449	5.1	警告	Drupal	-	Drupal 用の Recipe モジュールにおけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-4120	2012-06-26 15:37	2006-08-7	Show	GitHub Exploit DB Packet Storm

191450	5.1	警告	chaossoft	-	GeheimChaos の gc.php における SQL インジェクションの脆弱性	-	CVE-2006-4119	2012-06-26 15:37	2006-08-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Sept. 30, 2024, 5:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
2041	9.8	CRITICAL Network	adobe google redhat suse opensuse	flash_player chrome enterprise_linux_server enterprise_linux_workstation enterprise_linux_server_aus enterprise_linux_desktop enterprise_linux_eus linux_enterprise_desktop ope…	Integer underflow in Adobe Flash Player before 11.7.700.261 and 11.8.x through 12.0.x before 12.0.0.44 on Windows and Mac OS X, and before 11.2.202.336 on Linux, allows remote attackers to execute ar…	CWE-191 Integer Underflow (Wrap or Wraparound)	CVE-2014-0497	2024-09-20 04:56	2014-02-5	Show	GitHub Exploit DB Packet Storm

2042	8.1	HIGH Network	yunknet	online_school_system	A vulnerability was found in ?????????? Yunke Online School System up to 1.5.5. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/educloud/videobind.html…	NVD-CWE-Other	CVE-2024-8417	2024-09-20 04:53	2024-09-5	Show	GitHub Exploit DB Packet Storm

2043	8.8	HIGH Network	adobe suse opensuse redhat	flash_player adobe_air_sdk adobe_air linux_enterprise_desktop opensuse enterprise_linux_server enterprise_linux_workstation enterprise_linux_server_aus enterprise_linux_deskto…	Double free vulnerability in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on…	CWE-415 Double Free	CVE-2014-0502	2024-09-20 04:53	2014-02-21	Show	GitHub Exploit DB Packet Storm

2044	8.8	HIGH Network	adobe suse opensuse redhat	flash_player linux_enterprise_desktop opensuse enterprise_linux_server_aus enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux_eus	Unspecified vulnerability in the ExternalInterface ActionScript functionality in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and…	NVD-CWE-noinfo	CVE-2013-0648	2024-09-20 04:51	2013-02-27	Show	GitHub Exploit DB Packet Storm

2045	8.8	HIGH Network	adobe redhat suse opensuse	flash_player enterprise_linux_server_aus enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux_eus linux_enterprise_desktop opensuse	The Firefox sandbox in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and 11.x before 11.2.202.273 on Linux, does not properly rest…	NVD-CWE-noinfo	CVE-2013-0643	2024-09-20 04:48	2013-02-27	Show	GitHub Exploit DB Packet Storm

2046	4.3	MEDIUM Network	lunary	lunary	A broken access control vulnerability exists in the latest version of lunary-ai/lunary. The `saml.ts` file allows a user from one organization to update the Identity Provider (IDP) settings and view …	CWE-306 Missing Authentication for Critical Function	CVE-2024-6582	2024-09-20 04:45	2024-09-14	Show	GitHub Exploit DB Packet Storm

2047	8.8	HIGH Network	thingsboard	thingsboard	ThingsBoard before 3.5 allows Server-Side Template Injection if users are allowed to modify an email template, because Apache FreeMarker supports freemarker.template.utility.Execute (for content sent…	CWE-74 Injection	CVE-2023-45303	2024-09-20 04:35	2023-10-7	Show	GitHub Exploit DB Packet Storm

2048	7.5	HIGH Network	nasa	openmct	In NASA Open MCT (aka openmct) before 3.1.0, prototype pollution can occur via an import action.	CWE-1321 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	CVE-2023-45282	2024-09-20 04:35	2023-10-7	Show	GitHub Exploit DB Packet Storm

2049	9.8	CRITICAL Network	presto-changeo	attribute_grid	Presto Changeo attributegrid up to 2.0.3 was discovered to contain a SQL injection vulnerability via the component disable_json.php.	CWE-89 SQL Injection	CVE-2023-43983	2024-09-20 04:35	2023-10-6	Show	GitHub Exploit DB Packet Storm

2050	7.5	HIGH Network	dlink	dir-823g_firmware	D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Password parameter in the SetWanSettings function. This vulnerability allows attackers to cause a Denial of Service (Do…	CWE-120 Classic Buffer Overflow	CVE-2023-44837	2024-09-20 04:35	2023-10-6	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed