Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Sept. 22, 2024, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
191531	7.8	危険	シーメンス	-	Siemens Scalance X Industrial Ethernet スイッチにおけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2012-1802	2012-04-19 16:42	2012-04-5	Show	GitHub Exploit DB Packet Storm

191532	6.1	警告	シーメンス	-	複数の Siemens Scalance S Security Module ファイアウォールのファームウェアにおけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2012-1800	2012-04-19 16:38	2012-04-5	Show	GitHub Exploit DB Packet Storm

191533	10	危険	シーメンス	-	複数の Siemens Scalance S Security Module ファイアウォールのファームウェアの Web サーバにおけるアクセス権を取得される脆弱性	CWE-287 不適切な認証	CVE-2012-1799	2012-04-19 16:36	2012-04-5	Show	GitHub Exploit DB Packet Storm

191534	7.7	危険	ABB	-	複数の ABB 製品におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2012-1801	2012-04-19 16:02	2012-04-18	Show	GitHub Exploit DB Packet Storm

191535	9.3	危険	Irfan Skiljan	-	IrfanView 用 FlashPix PlugIn におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2012-0278	2012-04-19 15:58	2012-04-18	Show	GitHub Exploit DB Packet Storm

191536	3.2	注意	ヒューレット・パッカード	-	HP System Management Homepage におけるデータを改ざんされる脆弱性	CWE-noinfo 情報不足	CVE-2012-1993	2012-04-19 15:55	2012-04-16	Show	GitHub Exploit DB Packet Storm

191537	3.5	注意	ヒューレット・パッカード	-	HP System Management Homepage におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2012-0135	2012-04-19 15:55	2012-04-16	Show	GitHub Exploit DB Packet Storm

191538	5	警告	AdAstrA Research Group	-	AdAstrA TRACE MODE Data Center における任意のファイルを読まれる脆弱性	CWE-noinfo 情報不足	CVE-2011-5087	2012-04-19 15:54	2012-04-18	Show	GitHub Exploit DB Packet Storm

191539	6.8	警告	Unitronics	-	Unitronics UniOPC の https50.ocx におけるサービス運用妨害 (アプリケーションクラッシュ) の脆弱性	CWE-20 不適切な入力確認	CVE-2011-5086	2012-04-19 15:52	2011-10-12	Show	GitHub Exploit DB Packet Storm

191540	5	警告	Open Automation Software	-	Open Automation Software の OPC Systems.NET におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2011-4871	2012-04-19 15:50	2012-01-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Sept. 22, 2024, 4:13 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
171	5.5	MEDIUM Local	zoom	rooms	Improper access control in the installer for Zoom Rooms Client for Windows before version 5.17.5 may allow an authenticated user to conduct a denial of service via local access. Update	NVD-CWE-Other	CVE-2024-24693	2024-09-21 00:15	2024-03-14	Show	GitHub Exploit DB Packet Storm

172	-		-	-	Improper input validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows may allow an unauthenticated user to conduct an escalation of privilege via… Update	-	CVE-2024-24691	2024-09-21 00:15	2024-02-14	Show	GitHub Exploit DB Packet Storm

173	-		-	-	Improper input validation in some Zoom clients may allow an authenticated user to conduct a denial of service via network access. Update	-	CVE-2024-24690	2024-09-21 00:15	2024-02-14	Show	GitHub Exploit DB Packet Storm

174	7.8	HIGH Local	zoom	zoom video_software_development_kit meeting_software_development_kit virtual_desktop_infrastructure	Improper access control in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom SDKs for Windows before version 5.16.10 may allow an authenticated user to conduct an escalation of p… Update	NVD-CWE-noinfo	CVE-2023-49647	2024-09-21 00:15	2024-01-13	Show	GitHub Exploit DB Packet Storm

175	6.5	MEDIUM Network	zoom	zoom virtual_desktop_infrastructure meeting_software_development_kit video_software_development_kit	Improper authentication in some Zoom clients before version 5.16.5 may allow an authenticated user to conduct a denial of service via network access. Update	CWE-287 Improper Authentication	CVE-2023-49646	2024-09-21 00:15	2023-12-14	Show	GitHub Exploit DB Packet Storm

176	6.5	MEDIUM Network	zoom	meetings virtual_desktop_infrastructure zoom	Insufficient control flow management in some Zoom clients may allow an authenticated user to conduct an information disclosure via network access. Update	NVD-CWE-Other	CVE-2023-43588	2024-09-21 00:15	2023-11-15	Show	GitHub Exploit DB Packet Storm

177	7.5	HIGH Network	litellm	litellm	A Server-Side Request Forgery (SSRF) vulnerability exists in berriai/litellm version 1.38.10. This vulnerability allows users to specify the `api_base` parameter when making requests to `POST /chat/c… Update	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2024-6587	2024-09-20 23:55	2024-09-14	Show	GitHub Exploit DB Packet Storm

178	9.8	CRITICAL Network	thinkphp	thinkphp	A deserialization vulnerability in Thinkphp v6.1.3 to v8.0.4 allows attackers to execute arbitrary code. Update	CWE-502 Deserialization of Untrusted Data	CVE-2024-44902	2024-09-20 23:55	2024-09-10	Show	GitHub Exploit DB Packet Storm

179	9.1	CRITICAL Network	baxter	connex_health_portal	In Baxter Connex health portal released before 8/30/2024, an improper access control vulnerability has been found that could allow an unauthenticated attacker to gain unauthorized access to Connex po… Update	NVD-CWE-noinfo	CVE-2024-6796	2024-09-20 23:53	2024-09-10	Show	GitHub Exploit DB Packet Storm

180	9.8	CRITICAL Network	baxter	connex_health_portal	In Connex health portal released before8/30/2024, SQL injection vulnerabilities were found that could have allowed an unauthenticated attacker to gain unauthorized access to Connex portal's database.… Update	CWE-89 SQL Injection	CVE-2024-6795	2024-09-20 23:53	2024-09-10	Show	GitHub Exploit DB Packet Storm