Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Oct. 7, 2024, 2:02 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
191751 7.5 危険 Claroline Consortium - Claroline の claroline/inc/lib/import.lib.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-5256 2012-06-26 15:37 2006-10-12 Show GitHub Exploit DB Packet Storm
191752 7.5 危険 dayana networks - Dayana Networks phpOnline の strload.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-5253 2012-06-26 15:37 2006-10-12 Show GitHub Exploit DB Packet Storm
191753 7.5 危険 deep cms - Deep CMS の index.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-5251 2012-06-26 15:37 2006-10-12 Show GitHub Exploit DB Packet Storm
191754 5.1 警告 blueshoes - BlueShoes の lib/googlesearch/GoogleSearch.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-5250 2012-06-26 15:37 2006-10-11 Show GitHub Exploit DB Packet Storm
191755 7.8 危険 eazy cart - Eazy Cart における顧客データベースをダウンロードされる脆弱性 - CVE-2006-5248 2012-06-26 15:37 2006-10-11 Show GitHub Exploit DB Packet Storm
191756 6.8 警告 eazy cart - Eazy Cart におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-5247 2012-06-26 15:37 2006-10-11 Show GitHub Exploit DB Packet Storm
191757 5 警告 eazy cart - Eazy Cart における価格および他の重要なフィールドを変更される脆弱性 - CVE-2006-5246 2012-06-26 15:37 2006-10-11 Show GitHub Exploit DB Packet Storm
191758 7.5 危険 eazy cart - Eazy Cart における管理アクセス権を取得される脆弱性 - CVE-2006-5245 2012-06-26 15:37 2006-10-11 Show GitHub Exploit DB Packet Storm
191759 7.5 危険 Etomite Project - Etomite CMS における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2006-5242 2012-06-26 15:37 2006-10-11 Show GitHub Exploit DB Packet Storm
191760 5.1 警告 docmint - Docmint の engine/require.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-5240 2012-06-26 15:37 2006-10-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Oct. 7, 2024, 12:10 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2481 5.5 MEDIUM
Local 		apple macos A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. An app may be able to access protected user data. CWE-281
 Improper Preservation of Permissions 		CVE-2024-27858 2024-09-24 04:56 2024-09-17 Show GitHub Exploit DB Packet Storm
2482 7.1 HIGH
Local 		acronis agent Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 36343. CWE-862
 Missing Authorization 		CVE-2023-45246 2024-09-24 04:54 2023-10-6 Show GitHub Exploit DB Packet Storm
2483 5.5 MEDIUM
Local 		apple macos The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15. An app may be able to cause a denial-of-service. NVD-CWE-noinfo
CVE-2024-23237 2024-09-24 04:53 2024-09-17 Show GitHub Exploit DB Packet Storm
2484 7.2 HIGH
Network 		litellm litellm An SQL Injection vulnerability exists in the berriai/litellm repository, specifically within the `/global/spend/logs` endpoint. The vulnerability arises due to improper neutralization of special elem… CWE-89
SQL Injection 		CVE-2024-5225 2024-09-24 04:46 2024-06-7 Show GitHub Exploit DB Packet Storm
2485 7.5 HIGH
Network 		drupal drupal In certain scenarios, Drupal's JSON:API module will output error backtraces. With some configurations, this may cause sensitive information to be cached and made available to anonymous users, leading… NVD-CWE-noinfo
CVE-2023-5256 2024-09-24 04:35 2023-09-29 Show GitHub Exploit DB Packet Storm
2486 4.8 MEDIUM
Network 		ritecms ritecms Rite CMS 3.0 has a Cross-Site scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload into the Global Content Blocks in the Administration Menu. CWE-79
Cross-site Scripting 		CVE-2023-43879 2024-09-24 04:35 2023-09-29 Show GitHub Exploit DB Packet Storm
2487 5.3 MEDIUM
Network 		oracle access_manager Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Authentication Engine). The supported version that is affected is 12.2.1.3.0. Easily exploitable vulnerabili… NVD-CWE-noinfo
CVE-2022-39405 2024-09-24 04:35 2022-10-19 Show GitHub Exploit DB Packet Storm
2488 6.4 MEDIUM
Network 		oracle banking_trade_finance Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure). The supported version that is affected is 14.5. Difficult to exploit v… NVD-CWE-noinfo
CVE-2022-21586 2024-09-24 04:35 2022-07-20 Show GitHub Exploit DB Packet Storm
2489 5.3 MEDIUM
Network 		contao contao Contao is an Open Source CMS. In affected versions an untrusted user can inject insert tags into the canonical tag, which are then replaced on the web page (front end). Users are advised to update to… CWE-74
Injection 		CVE-2024-45612 2024-09-24 04:33 2024-09-18 Show GitHub Exploit DB Packet Storm
2490 6.1 MEDIUM
Local 		apple macos
iphone_os
ipados 		A privacy issue was addressed with improved handling of files. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15. An unencrypted document may be written to a temporary file when using pri… NVD-CWE-noinfo
CVE-2024-40826 2024-09-24 04:25 2024-09-17 Show GitHub Exploit DB Packet Storm