Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Sept. 25, 2024, 6:03 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
191811	3.5	注意	オラクル	-	Oracle FLEXCUBE Direct Banking における Core-My サービスの処理に関する脆弱性	CWE-noinfo 情報不足	CVE-2012-0541	2012-05-9 16:21	2012-04-17	Show	GitHub Exploit DB Packet Storm

191812	3.5	注意	オラクル	-	Oracle FLEXCUBE Direct Banking における Core-Base の処理に関する脆弱性	CWE-noinfo 情報不足	CVE-2012-1679	2012-05-9 16:17	2012-04-17	Show	GitHub Exploit DB Packet Storm

191813	3.5	注意	オラクル	-	Oracle FLEXCUBE Direct Banking における Core-Base の処理に関する脆弱性	CWE-noinfo 情報不足	CVE-2012-0509	2012-05-9 16:10	2012-04-17	Show	GitHub Exploit DB Packet Storm

191814	3.5	注意	オラクル	-	Oracle FLEXCUBE Direct Banking における Core-Base の処理に関する脆弱性	CWE-noinfo 情報不足	CVE-2012-1704	2012-05-9 16:07	2012-04-17	Show	GitHub Exploit DB Packet Storm

191815	3.6	注意	オラクル	-	Oracle FLEXCUBE Universal Banking における Core の処理に関する脆弱性	CWE-noinfo 情報不足	CVE-2012-0546	2012-05-9 16:04	2012-04-17	Show	GitHub Exploit DB Packet Storm

191816	3.6	注意	オラクル	-	Oracle FLEXCUBE Universal Banking における Core の処理に関する脆弱性	CWE-noinfo 情報不足	CVE-2012-0545	2012-05-9 16:02	2012-04-17	Show	GitHub Exploit DB Packet Storm

191817	4	警告	オラクル	-	Oracle FLEXCUBE Universal Banking における Core の処理に関する脆弱性	CWE-noinfo 情報不足	CVE-2012-0571	2012-05-9 15:59	2012-04-17	Show	GitHub Exploit DB Packet Storm

191818	4	警告	オラクル	-	Oracle FLEXCUBE Direct Banking における Core-Help の処理に関する脆弱性	CWE-noinfo 情報不足	CVE-2012-0576	2012-05-9 15:57	2012-04-17	Show	GitHub Exploit DB Packet Storm

191819	4	警告	オラクル	-	Oracle FLEXCUBE Direct Banking における Core-Base の処理に関する脆弱性	CWE-noinfo 情報不足	CVE-2012-1707	2012-05-9 15:53	2012-04-17	Show	GitHub Exploit DB Packet Storm

191820	4.7	警告	オラクル	-	Oracle FLEXCUBE Direct Banking におけるロギングの処理に関する脆弱性	CWE-noinfo 情報不足	CVE-2012-1706	2012-05-9 15:43	2012-04-17	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Sept. 25, 2024, 4:16 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
151	-		-	-	An attacker can directly request the ProGauge MAGLINK LX CONSOLE resource sub page with full privileges by requesting the URL directly. New	CWE-288 Authentication Bypass Using an Alternate Path or Channel	CVE-2024-43692	2024-09-25 10:15	2024-09-25	Show	GitHub Exploit DB Packet Storm

152	-		-	-	The web application for ProGauge MAGLINK LX4 CONSOLE contains an administrative-level user account with a password that cannot be changed. New	CWE-259 Use of Hard-coded Password	CVE-2024-43423	2024-09-25 10:15	2024-09-25	Show	GitHub Exploit DB Packet Storm

153	-		-	-	ProGauge MAGLINK LX CONSOLE does not have sufficient filtering on input fields that are used to render pages which may allow cross site scripting. New	CWE-79 Cross-site Scripting	CVE-2024-41725	2024-09-25 10:15	2024-09-25	Show	GitHub Exploit DB Packet Storm

154	5.9	MEDIUM Network	-	-	IBM Storage Defender 2.0.0 through 2.0.7 on-prem defender-sensor-cmd CLI does not validate server name during registration and unregistration operations which could expose sensitive information to an… New	CWE-297 Improper Validation of Certificate with Host Mismatch	CVE-2024-38324	2024-09-25 10:15	2024-09-25	Show	GitHub Exploit DB Packet Storm

155	3.7	LOW Network	-	-	The W3 Total Cache plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 2.7.5 via Google OAuth API secrets stored in plaintext in the publicly visibl… New	CWE-200 Information Exposure	CVE-2023-5359	2024-09-25 10:15	2024-09-25	Show	GitHub Exploit DB Packet Storm

156	3.7	LOW Network	-	-	IBM Aspera Console 3.4.0 through 3.4.4 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerabilit… New	CWE-1004 Sensitive Cookie Without 'HttpOnly' Flag	CVE-2022-43845	2024-09-25 10:15	2024-09-25	Show	GitHub Exploit DB Packet Storm

157	8.0	HIGH Network	-	-	IBM Aspera Console 3.4.0 through 3.4.4 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a CSV injection vulnerability. By persuading a victim to open a s… New	CWE-1236 Improper Neutralization of Formula Elements in a CSV File	CVE-2021-38963	2024-09-25 10:15	2024-09-25	Show	GitHub Exploit DB Packet Storm

158	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Fix Virtual Memory mapping boundaries calculation Calculating the size of the mapped area as the lesser value betwe… Update	CWE-131 Incorrect Calculation of Buffer Size	CVE-2024-42259	2024-09-25 10:15	2024-08-15	Show	GitHub Exploit DB Packet Storm

159	-		-	-	A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service (DoS) attack via improper synchronization during socket closure when a client keeps a socket open as the server … Update	-	CVE-2024-7409	2024-09-25 10:15	2024-08-5	Show	GitHub Exploit DB Packet Storm

160	-		-	-	A flaw was found in libnbd. The client did not always correctly verify the NBD server's certificate when using TLS to connect to an NBD server. This issue allows a man-in-the-middle attack on NBD tra… Update	CWE-295 Improper Certificate Validation	CVE-2024-7383	2024-09-25 10:15	2024-08-5	Show	GitHub Exploit DB Packet Storm