Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Oct. 4, 2024, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
191831	2.6	注意	GNU Project	-	screen の encoding.c の utf8_handle_comb 関数におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2006-4573	2012-06-26 15:37	2006-10-24	Show	GitHub Exploit DB Packet Storm

191832	7.5	危険	bernard pacques	-	YACS CMS における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4559	2012-06-26 15:37	2006-09-5	Show	GitHub Exploit DB Packet Storm

191833	7.5	危険	deluxebb	-	DeluxeBB における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4558	2012-06-26 15:37	2006-09-5	Show	GitHub Exploit DB Packet Storm

191834	5.1	警告	becubed	-	Tumbleweed EMF などに使用される BeCubed Compression Plus のReadFile 関数におけるスタックベースのバッファオーバーフローの脆弱性	-	CVE-2006-4554	2012-06-26 15:37	2006-09-5	Show	GitHub Exploit DB Packet Storm

191835	6.8	警告	chxo	-	CHXO Feedsplitter におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-4552	2012-06-26 15:37	2006-09-5	Show	GitHub Exploit DB Packet Storm

191836	7.5	危険	chxo	-	CHXO Feedsplitter における任意の PHP コードが実行される脆弱性	-	CVE-2006-4551	2012-06-26 15:37	2006-09-5	Show	GitHub Exploit DB Packet Storm

191837	5	警告	chxo	-	CHXO Feedsplitter におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-4550	2012-06-26 15:37	2006-09-5	Show	GitHub Exploit DB Packet Storm

191838	5	警告	chxo	-	CHXO Feedsplitter における feedsplitter.php のソースコードを読まれる脆弱性	-	CVE-2006-4549	2012-06-26 15:37	2006-09-5	Show	GitHub Exploit DB Packet Storm

191839	7.5	危険	e107.org	-	e107 における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4548	2012-06-26 15:37	2006-09-5	Show	GitHub Exploit DB Packet Storm

191840	7.5	危険	exbb	-	ExBB における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4544	2012-06-26 15:37	2006-09-5	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Oct. 5, 2024, 5:52 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
2231	9.8	CRITICAL Network	gaizhenbiao	chuanhuchatgpt	The gaizhenbiao/chuanhuchatgpt application is vulnerable to a path traversal attack due to its use of an outdated gradio component. The application is designed to restrict user access to resources wi…	CWE-22 Path Traversal	CVE-2024-3234	2024-09-24 23:09	2024-06-7	Show	GitHub Exploit DB Packet Storm

2232	8.6	HIGH Network	zylon	privategpt	A Server-Side Request Forgery (SSRF) vulnerability exists in the file upload section of imartinez/privategpt version 0.5.0. This vulnerability allows attackers to send crafted requests that could res…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2024-5186	2024-09-24 23:04	2024-06-7	Show	GitHub Exploit DB Packet Storm

2233	5.4	MEDIUM Network	gaizhenbiao	chuanhuchatgpt	A stored Cross-Site Scripting (XSS) vulnerability existed in version (20240121) of gaizhenbiao/chuanhuchatgpt due to inadequate sanitization and validation of model output data. Despite user-input va…	CWE-79 Cross-site Scripting	CVE-2024-3402	2024-09-24 23:04	2024-06-7	Show	GitHub Exploit DB Packet Storm

2234	6.3	MEDIUM Network	kanboard	kanboard	Kanboard is project management software that focuses on the Kanban methodology. The vuln is in app/Controller/ProjectPermissionController.php function addUser(). The users permission to add users to …	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2024-36399	2024-09-24 22:59	2024-06-7	Show	GitHub Exploit DB Packet Storm

2235	7.8	HIGH Local	a10networks	advanced_core_operating_system	A10 Thunder ADC Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of A10 Thunder ADC…	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2024-30369	2024-09-24 22:55	2024-06-7	Show	GitHub Exploit DB Packet Storm

2236	8.8	HIGH Network	a10networks	advanced_core_operating_system	A10 Thunder ADC CsrRequestView Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of A10 Thunder ADC…	CWE-77 Command Injection	CVE-2024-30368	2024-09-24 22:54	2024-06-7	Show	GitHub Exploit DB Packet Storm

2237	8.8	HIGH Network	agpt	autogpt	A Cross-Site Request Forgery (CSRF) vulnerability in significant-gravitas/autogpt version v0.5.0 allows attackers to execute arbitrary commands on the AutoGPT server. The vulnerability stems from the…	CWE-352 Origin Validation Error	CVE-2024-1879	2024-09-24 22:54	2024-06-7	Show	GitHub Exploit DB Packet Storm

2238	8.1	HIGH Network	micropython	micropython	A vulnerability was found in MicroPython 1.22.2. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file py/objarray.c. The manipulation leads to use …	CWE-416 Use After Free	CVE-2024-8947	2024-09-24 22:17	2024-09-18	Show	GitHub Exploit DB Packet Storm

2239	7.5	HIGH Network	micropython	micropython	A vulnerability was found in MicroPython 1.23.0. It has been classified as critical. Affected is the function mp_vfs_umount of the file extmod/vfs.c of the component VFS Unmount Handler. The manipula…	CWE-787 Out-of-bounds Write	CVE-2024-8946	2024-09-24 22:11	2024-09-18	Show	GitHub Exploit DB Packet Storm

2240	7.8	HIGH Local	microsoft	visio office 365_apps office_long_term_servicing_channel	Microsoft Office Visio Remote Code Execution Vulnerability	NVD-CWE-noinfo	CVE-2024-38016	2024-09-24 20:11	2024-09-20	Show	GitHub Exploit DB Packet Storm