Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Oct. 4, 2024, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
191721	6.4	警告	Exponent CMS project	-	Exponent CMS の index.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-4963	2012-06-26 15:37	2006-09-23	Show	GitHub Exploit DB Packet Storm

191722	6.4	警告	blue dragon	-	Php Blue Dragon の pbd_engine.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-4962	2012-06-26 15:37	2006-09-23	Show	GitHub Exploit DB Packet Storm

191723	7.5	危険	blue dragon	-	Php Blue Dragon の GetModuleConfig 関数における SQL インジェクションの脆弱性	-	CVE-2006-4961	2012-06-26 15:37	2006-09-23	Show	GitHub Exploit DB Packet Storm

191724	6.8	警告	blue dragon	-	Php Blue Dragon の index.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-4960	2012-06-26 15:37	2006-09-23	Show	GitHub Exploit DB Packet Storm

191725	4.3	警告	Drupal	-	Drupal の Site Profile Directory におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-4949	2012-06-26 15:37	2006-09-20	Show	GitHub Exploit DB Packet Storm

191726	6.8	警告	Drupal	-	Drupal の Search Keywords モジュールにおけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-4947	2012-06-26 15:37	2006-09-20	Show	GitHub Exploit DB Packet Storm

191727	5.1	警告	cmsdevelopment	-	BCWB の include/startup.inc.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4946	2012-06-26 15:37	2006-09-22	Show	GitHub Exploit DB Packet Storm

191728	5.1	警告	cardway	-	Cardway DigitalWebShop における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4945	2012-06-26 15:37	2006-09-22	Show	GitHub Exploit DB Packet Storm

191729	7.5	危険	boesch-it	-	ProgSys の includes/pear/Net/DNS/RR.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4944	2012-06-26 15:37	2006-09-22	Show	GitHub Exploit DB Packet Storm

191730	4.3	警告	esyndicat portal system	-	eSyndiCat Portal System の search.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-4923	2012-06-26 15:37	2006-09-20	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Oct. 4, 2024, 8:12 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1741	-		-	-	This allows attackers to use a maliciously formed API request to gain access to an API authorization level with elevated privileges. This applies to a small subset of PaperCut NG/MF API calls.	-	CVE-2024-1222	2024-09-26 13:15	2024-03-14	Show	GitHub Exploit DB Packet Storm

1742	-		-	-	This vulnerability potentially allows files on a PaperCut NG/MF server to be exposed using a specifically formed payload against the impacted API endpoint. The attacker must carry out some reconnaiss…	-	CVE-2024-1221	2024-09-26 13:15	2024-03-14	Show	GitHub Exploit DB Packet Storm

1743	-		-	-	Incorrect Privilege Assignment vulnerability in favethemes Houzez allows Privilege Escalation.This issue affects Houzez: from n/a through 3.2.4.	CWE-266 Incorrect Privilege Assignment	CVE-2024-22303	2024-09-26 12:15	2024-09-17	Show	GitHub Exploit DB Packet Storm

1744	-		-	-	An arbitrary file creation vulnerability exists in PaperCut NG/MF that only affects Windows servers with Web Print enabled. This specific flaw exists within the image-handler process, which can incor…	-	CVE-2024-4712	2024-09-26 11:15	2024-05-15	Show	GitHub Exploit DB Packet Storm

1745	-		-	-	An arbitrary file deletion vulnerability exists in PaperCut NG/MF, specifically affecting Windows servers with Web Print enabled. To exploit this vulnerability, an attacker must first obtain local lo…	-	CVE-2024-3037	2024-09-26 11:15	2024-05-15	Show	GitHub Exploit DB Packet Storm

1746	6.7	MEDIUM Local	papercut	papercut_mf papercut_ng	This vulnerability potentially allows local attackers to escalate privileges on affected installations of PaperCut NG. An attacker must have local write access to the C Drive. In addition, Print Arch…	NVD-CWE-noinfo	CVE-2023-6006	2024-09-26 11:15	2023-11-14	Show	GitHub Exploit DB Packet Storm

1747	-		-	-	Vault and Vault Enterprise TLS certificates auth method did not correctly validate OCSP responses when one or more OCSP sources were configured. This vulnerability, CVE-2024-2660, affects Vault and V…	-	CVE-2024-2660	2024-09-26 10:15	2024-04-5	Show	GitHub Exploit DB Packet Storm

1748	9.8	CRITICAL Network	microsoft	windows_10_1507	Microsoft is aware of a vulnerability in Servicing Stack that has rolled back the fixes for some vulnerabilities affecting Optional Components on Windows 10, version 1507 (initial version released Ju…	NVD-CWE-noinfo	CVE-2024-43491	2024-09-26 10:00	2024-09-11	Show	GitHub Exploit DB Packet Storm

1749	-		-	-	Default credentials on the Web Interface of Evolution Controller 2.x allows anyone to log in to the server directly to perform administrative functions. Upon installation or upon first login, the app…	-	CVE-2024-29844	2024-09-26 08:15	2024-04-15	Show	GitHub Exploit DB Packet Storm

1750	-		-	-	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: It is a duplicate of CVE-2010-2799.	-	CVE-2010-10005	2024-09-26 08:15	2023-01-16	Show	GitHub Exploit DB Packet Storm