Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Oct. 3, 2024, 2:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
191721	7.5	危険	bingo news	-	BP News の bp_ncom.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4648	2012-06-26 15:37	2006-09-8	Show	GitHub Exploit DB Packet Storm

191722	6.8	警告	Drupal	-	Drupal の Pathauto モジュールにおけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-4646	2012-06-26 15:37	2006-09-5	Show	GitHub Exploit DB Packet Storm

191723	7.5	危険	akarru	-	Akarru Social BookMarking Engine の akarru.gui/main_content.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4645	2012-06-26 15:37	2006-09-8	Show	GitHub Exploit DB Packet Storm

191724	1.7	注意	auditwizard	-	AuditWizard における重要な情報を取得される脆弱性	-	CVE-2006-4642	2012-06-26 15:37	2006-09-8	Show	GitHub Exploit DB Packet Storm

191725	5.1	警告	c-news.fr	-	C-News.fr C-News における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2006-4639	2012-06-26 15:37	2006-09-8	Show	GitHub Exploit DB Packet Storm

191726	5.1	警告	acgv news	-	ACGV News の article.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4638	2012-06-26 15:37	2006-09-8	Show	GitHub Exploit DB Packet Storm

191727	5.1	警告	acgv news	-	ACGV News における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2006-4637	2012-06-26 15:37	2006-09-8	Show	GitHub Exploit DB Packet Storm

191728	7.5	危険	c-news.fr	-	C-News.fr C-News の affichage/commentaires.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4629	2012-06-26 15:37	2006-09-8	Show	GitHub Exploit DB Packet Storm

191729	7.5	危険	AVAST Software s.r.o.	-	alwil avast! Anti-virus Engine におけるヒープベースのバッファオーバーフローの脆弱性	-	CVE-2006-4626	2012-06-26 15:37	2006-09-7	Show	GitHub Exploit DB Packet Storm

191730	7.5	危険	comscripts	-	AnnonceV の annonce.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4622	2012-06-26 15:37	2006-09-6	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Oct. 3, 2024, 12:13 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
2141	6.1	MEDIUM Network	onlyoffice	document_server	ONLYOFFICE Docs before 8.0.1 allows XSS because a macro is an immediately-invoked function expression (IIFE), and therefore a sandbox escape is possible by directly calling the constructor of the Fun…	CWE-79 Cross-site Scripting	CVE-2023-50883	2024-09-21 00:18	2024-09-10	Show	GitHub Exploit DB Packet Storm

2142	-		-	-	Insufficient verification of data authenticity in the installer for Zoom Workplace VDI App for Windows may allow an authenticated user to conduct an escalation of privilege via local access.	-	CVE-2024-27244	2024-09-21 00:15	2024-05-16	Show	GitHub Exploit DB Packet Storm

2143	-		-	-	Buffer overflow in some Zoom Workplace Apps and SDK’s may allow an authenticated user to conduct a denial of service via network access.	-	CVE-2024-27243	2024-09-21 00:15	2024-05-16	Show	GitHub Exploit DB Packet Storm

2144	-		-	-	Improper privilege management in the installer for Zoom Desktop Client for macOS before version 5.17.10 may allow a privileged user to conduct an escalation of privilege via local access.	-	CVE-2024-27247	2024-09-21 00:15	2024-04-10	Show	GitHub Exploit DB Packet Storm

2145	-		-	-	Improper privilege management in the installer for Zoom Desktop Client for Windows before version 5.17.10 may allow an authenticated user to conduct an escalation of privilege via local access.	-	CVE-2024-24694	2024-09-21 00:15	2024-04-10	Show	GitHub Exploit DB Packet Storm

2146	5.5	MEDIUM Local	zoom	rooms	Improper access control in the installer for Zoom Rooms Client for Windows before version 5.17.5 may allow an authenticated user to conduct a denial of service via local access.	NVD-CWE-Other	CVE-2024-24693	2024-09-21 00:15	2024-03-14	Show	GitHub Exploit DB Packet Storm

2147	-		-	-	Improper input validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows may allow an unauthenticated user to conduct an escalation of privilege via…	-	CVE-2024-24691	2024-09-21 00:15	2024-02-14	Show	GitHub Exploit DB Packet Storm

2148	-		-	-	Improper input validation in some Zoom clients may allow an authenticated user to conduct a denial of service via network access.	-	CVE-2024-24690	2024-09-21 00:15	2024-02-14	Show	GitHub Exploit DB Packet Storm

2149	7.8	HIGH Local	zoom	zoom video_software_development_kit meeting_software_development_kit virtual_desktop_infrastructure	Improper access control in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom SDKs for Windows before version 5.16.10 may allow an authenticated user to conduct an escalation of p…	NVD-CWE-noinfo	CVE-2023-49647	2024-09-21 00:15	2024-01-13	Show	GitHub Exploit DB Packet Storm

2150	6.5	MEDIUM Network	zoom	zoom virtual_desktop_infrastructure meeting_software_development_kit video_software_development_kit	Improper authentication in some Zoom clients before version 5.16.5 may allow an authenticated user to conduct a denial of service via network access.	CWE-287 Improper Authentication	CVE-2023-49646	2024-09-21 00:15	2023-12-14	Show	GitHub Exploit DB Packet Storm