Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Oct. 2, 2024, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
191541	4.3	警告	DNN	-	Perpetual Motion Interactive Systems DotNetNuke の Default.aspx におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-4973	2012-06-26 15:37	2006-09-17	Show	GitHub Exploit DB Packet Storm

191542	7.5	危険	chumpsoft	-	phpQ の inc/ifunctions.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4966	2012-06-26 15:37	2006-09-24	Show	GitHub Exploit DB Packet Storm

191543	6.4	警告	Exponent CMS project	-	Exponent CMS の index.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-4963	2012-06-26 15:37	2006-09-23	Show	GitHub Exploit DB Packet Storm

191544	6.4	警告	blue dragon	-	Php Blue Dragon の pbd_engine.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-4962	2012-06-26 15:37	2006-09-23	Show	GitHub Exploit DB Packet Storm

191545	7.5	危険	blue dragon	-	Php Blue Dragon の GetModuleConfig 関数における SQL インジェクションの脆弱性	-	CVE-2006-4961	2012-06-26 15:37	2006-09-23	Show	GitHub Exploit DB Packet Storm

191546	6.8	警告	blue dragon	-	Php Blue Dragon の index.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-4960	2012-06-26 15:37	2006-09-23	Show	GitHub Exploit DB Packet Storm

191547	4.3	警告	Drupal	-	Drupal の Site Profile Directory におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-4949	2012-06-26 15:37	2006-09-20	Show	GitHub Exploit DB Packet Storm

191548	6.8	警告	Drupal	-	Drupal の Search Keywords モジュールにおけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-4947	2012-06-26 15:37	2006-09-20	Show	GitHub Exploit DB Packet Storm

191549	5.1	警告	cmsdevelopment	-	BCWB の include/startup.inc.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4946	2012-06-26 15:37	2006-09-22	Show	GitHub Exploit DB Packet Storm

191550	5.1	警告	cardway	-	Cardway DigitalWebShop における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4945	2012-06-26 15:37	2006-09-22	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Oct. 2, 2024, 8:12 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1781	7.1	HIGH Local	acronis	agent	Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 36343.	CWE-862 Missing Authorization	CVE-2023-45246	2024-09-24 04:54	2023-10-6	Show	GitHub Exploit DB Packet Storm

1782	5.5	MEDIUM Local	apple	macos	The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15. An app may be able to cause a denial-of-service.	NVD-CWE-noinfo	CVE-2024-23237	2024-09-24 04:53	2024-09-17	Show	GitHub Exploit DB Packet Storm

1783	7.2	HIGH Network	litellm	litellm	An SQL Injection vulnerability exists in the berriai/litellm repository, specifically within the `/global/spend/logs` endpoint. The vulnerability arises due to improper neutralization of special elem…	CWE-89 SQL Injection	CVE-2024-5225	2024-09-24 04:46	2024-06-7	Show	GitHub Exploit DB Packet Storm

1784	7.5	HIGH Network	drupal	drupal	In certain scenarios, Drupal's JSON:API module will output error backtraces. With some configurations, this may cause sensitive information to be cached and made available to anonymous users, leading…	NVD-CWE-noinfo	CVE-2023-5256	2024-09-24 04:35	2023-09-29	Show	GitHub Exploit DB Packet Storm

1785	4.8	MEDIUM Network	ritecms	ritecms	Rite CMS 3.0 has a Cross-Site scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload into the Global Content Blocks in the Administration Menu.	CWE-79 Cross-site Scripting	CVE-2023-43879	2024-09-24 04:35	2023-09-29	Show	GitHub Exploit DB Packet Storm

1786	5.3	MEDIUM Network	oracle	access_manager	Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Authentication Engine). The supported version that is affected is 12.2.1.3.0. Easily exploitable vulnerabili…	NVD-CWE-noinfo	CVE-2022-39405	2024-09-24 04:35	2022-10-19	Show	GitHub Exploit DB Packet Storm

1787	6.4	MEDIUM Network	oracle	banking_trade_finance	Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure). The supported version that is affected is 14.5. Difficult to exploit v…	NVD-CWE-noinfo	CVE-2022-21586	2024-09-24 04:35	2022-07-20	Show	GitHub Exploit DB Packet Storm

1788	5.3	MEDIUM Network	contao	contao	Contao is an Open Source CMS. In affected versions an untrusted user can inject insert tags into the canonical tag, which are then replaced on the web page (front end). Users are advised to update to…	CWE-74 Injection	CVE-2024-45612	2024-09-24 04:33	2024-09-18	Show	GitHub Exploit DB Packet Storm

1789	6.1	MEDIUM Local	apple	macos iphone_os ipados	A privacy issue was addressed with improved handling of files. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15. An unencrypted document may be written to a temporary file when using pri…	NVD-CWE-noinfo	CVE-2024-40826	2024-09-24 04:25	2024-09-17	Show	GitHub Exploit DB Packet Storm

1790	3.3	LOW Local	apple	iphone_os ipados	This issue was addressed with improved data protection. This issue is fixed in iOS 18 and iPadOS 18. An app may be able to enumerate a user's installed apps.	NVD-CWE-noinfo	CVE-2024-40830	2024-09-24 04:19	2024-09-17	Show	GitHub Exploit DB Packet Storm