Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Oct. 4, 2024, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
191791 2.6 注意 アドビシステムズ - Adobe ColdFusion MX におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-4726 2012-06-26 15:37 2006-09-13 Show GitHub Exploit DB Packet Storm
191792 4.6 警告 アドビシステムズ - Adobe ColdFusion MX におけるセキュリティ制限を回避される脆弱性 - CVE-2006-4725 2012-06-26 15:37 2006-09-13 Show GitHub Exploit DB Packet Storm
191793 5 警告 アドビシステムズ - Adobe ColdFusion MX の ColdFusion Flash RemotingGateway におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2006-4724 2012-06-26 15:37 2006-09-13 Show GitHub Exploit DB Packet Storm
191794 5.1 警告 ccleague - CCleague Pro Sports CMS の admin.php におけるディレクトリトラバーサルの脆弱性 - CVE-2006-4721 2012-06-26 15:37 2006-09-12 Show GitHub Exploit DB Packet Storm
191795 7.5 危険 Drupal - Drupal の Pubcookie モジュールのログインリダイレクションメカニズムにおける任意のユーザ ID を偽装される脆弱性 - CVE-2006-4717 2012-06-26 15:37 2006-09-8 Show GitHub Exploit DB Packet Storm
191796 7.5 危険 fire soft board - FSB RC3 の demarrage.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4716 2012-06-26 15:37 2006-09-12 Show GitHub Exploit DB Packet Storm
191797 5 警告 dominic gamble - dwayner79 の login.php における SQL インジェクションの脆弱性 - CVE-2006-4705 2012-06-26 15:37 2006-09-12 Show GitHub Exploit DB Packet Storm
191798 4 警告 キヤノン - Canon imageRUNNER の Remote UI における重要な情報を取得される脆弱性 - CVE-2006-4680 2012-06-26 15:37 2006-09-11 Show GitHub Exploit DB Packet Storm
191799 5 警告 Andreas Gohr - DokuWiki における重要な情報を取得される脆弱性 - CVE-2006-4679 2012-06-26 15:37 2006-09-11 Show GitHub Exploit DB Packet Storm
191800 7.5 危険 comscripts - News Evolution における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4678 2012-06-26 15:37 2006-09-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Oct. 5, 2024, 5:52 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2271 7.2 HIGH
Network 		litellm litellm An SQL Injection vulnerability exists in the berriai/litellm repository, specifically within the `/global/spend/logs` endpoint. The vulnerability arises due to improper neutralization of special elem… CWE-89
SQL Injection 		CVE-2024-5225 2024-09-24 04:46 2024-06-7 Show GitHub Exploit DB Packet Storm
2272 7.5 HIGH
Network 		drupal drupal In certain scenarios, Drupal's JSON:API module will output error backtraces. With some configurations, this may cause sensitive information to be cached and made available to anonymous users, leading… NVD-CWE-noinfo
CVE-2023-5256 2024-09-24 04:35 2023-09-29 Show GitHub Exploit DB Packet Storm
2273 4.8 MEDIUM
Network 		ritecms ritecms Rite CMS 3.0 has a Cross-Site scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload into the Global Content Blocks in the Administration Menu. CWE-79
Cross-site Scripting 		CVE-2023-43879 2024-09-24 04:35 2023-09-29 Show GitHub Exploit DB Packet Storm
2274 5.3 MEDIUM
Network 		oracle access_manager Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Authentication Engine). The supported version that is affected is 12.2.1.3.0. Easily exploitable vulnerabili… NVD-CWE-noinfo
CVE-2022-39405 2024-09-24 04:35 2022-10-19 Show GitHub Exploit DB Packet Storm
2275 6.4 MEDIUM
Network 		oracle banking_trade_finance Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure). The supported version that is affected is 14.5. Difficult to exploit v… NVD-CWE-noinfo
CVE-2022-21586 2024-09-24 04:35 2022-07-20 Show GitHub Exploit DB Packet Storm
2276 5.3 MEDIUM
Network 		contao contao Contao is an Open Source CMS. In affected versions an untrusted user can inject insert tags into the canonical tag, which are then replaced on the web page (front end). Users are advised to update to… CWE-74
Injection 		CVE-2024-45612 2024-09-24 04:33 2024-09-18 Show GitHub Exploit DB Packet Storm
2277 6.1 MEDIUM
Local 		apple macos
iphone_os
ipados 		A privacy issue was addressed with improved handling of files. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15. An unencrypted document may be written to a temporary file when using pri… NVD-CWE-noinfo
CVE-2024-40826 2024-09-24 04:25 2024-09-17 Show GitHub Exploit DB Packet Storm
2278 3.3 LOW
Local 		apple iphone_os
ipados 		This issue was addressed with improved data protection. This issue is fixed in iOS 18 and iPadOS 18. An app may be able to enumerate a user's installed apps. NVD-CWE-noinfo
CVE-2024-40830 2024-09-24 04:19 2024-09-17 Show GitHub Exploit DB Packet Storm
2279 5.5 MEDIUM
Local 		apple macos A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. An app may be able to access a user's Photos Library. CWE-281
 Improper Preservation of Permissions 		CVE-2024-40831 2024-09-24 04:18 2024-09-17 Show GitHub Exploit DB Packet Storm
2280 - - - An issue was discovered in Samsung Semiconductor Mobile Processor and Modem Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 13… - CVE-2024-25074 2024-09-24 04:15 2024-09-11 Show GitHub Exploit DB Packet Storm