Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Oct. 4, 2024, 12:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
191841 4.3 警告 cPanel - cPanel 10 におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-4293 2012-06-26 15:37 2006-08-22 Show GitHub Exploit DB Packet Storm
191842 7.5 危険 fscripts - Fantastic News の news.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2006-4285 2012-06-26 15:37 2006-08-22 Show GitHub Exploit DB Packet Storm
191843 7.5 危険 arthur konze webdesign - Mambo の akocomment モジュールの akocomments.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4281 2012-06-26 15:37 2006-08-21 Show GitHub Exploit DB Packet Storm
191844 6.8 警告 devellion - CubeCart におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-4268 2012-06-26 15:37 2006-08-17 Show GitHub Exploit DB Packet Storm
191845 7.5 危険 devellion - CubeCart における SQL インジェクションの脆弱性 - CVE-2006-4267 2012-06-26 15:37 2006-08-17 Show GitHub Exploit DB Packet Storm
191846 7.2 危険 ACME Laboratories - Debian GNU/Linux の thttpd における任意のファイルを作成される脆弱性 - CVE-2006-4248 2012-06-26 15:37 2006-10-31 Show GitHub Exploit DB Packet Storm
191847 7.5 危険 fusionphp - Fusion News における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4240 2012-06-26 15:37 2006-08-21 Show GitHub Exploit DB Packet Storm
191848 7.5 危険 dotProject - dotProject の classes/query.class.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4234 2012-06-26 15:37 2006-08-18 Show GitHub Exploit DB Packet Storm
191849 7.5 危険 david kent norman - David Kent Norman Thatware の config.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4213 2012-06-26 15:37 2006-08-17 Show GitHub Exploit DB Packet Storm
191850 2.6 注意 andreas kansok - Andreas Kansok phPay の nu_mail.inc.php におけるサーバをオープンメール中継に使用される脆弱性 - CVE-2006-4210 2012-06-26 15:37 2006-08-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Oct. 4, 2024, 12:16 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
981 - - - A Cross Site Scripting (XSS) vulnerability in add_donor.php of Blood Bank And Donation Management System 1.0 allows an attacker to inject malicious scripts that will be executed when the Donor List i… - CVE-2024-45984 2024-09-30 21:46 2024-09-27 Show GitHub Exploit DB Packet Storm
982 - - - The goTenna Pro ATAK Plugin does not encrypt the callsigns of its users. These callsigns reveal information about the users and can also be leveraged for other vulnerabilities. CWE-319
Cleartext Transmission of Sensitive Information 		CVE-2024-45838 2024-09-30 21:46 2024-09-27 Show GitHub Exploit DB Packet Storm
983 - - - The goTenna Pro ATAK Plugin does not use SecureRandom when generating its cryptographic keys. The random function in use is not suitable for cryptographic use. CWE-338
 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) 		CVE-2024-45723 2024-09-30 21:46 2024-09-27 Show GitHub Exploit DB Packet Storm
984 - - - In the goTenna Pro ATAK Plugin application, the encryption keys are stored along with a static IV on the device. This allows for complete decryption of keys stored on the device. This allows an att… CWE-521
Weak Password Requirements  		CVE-2024-45374 2024-09-30 21:46 2024-09-27 Show GitHub Exploit DB Packet Storm
985 - - - goTenna Pro ATAK Plugin by default enables frequent unencrypted Position, Location and Information (PLI) transmission. This transmission is done without user's knowledge, revealing the exact locati… CWE-201
 Insertion of Sensitive Information Into Sent Data 		CVE-2024-43814 2024-09-30 21:46 2024-09-27 Show GitHub Exploit DB Packet Storm
986 - - - In the goTenna Pro ATAK Plugin application, the encryption keys are stored along with a static IV on the device. This allows for complete decryption of keys stored on the device. This allows an att… CWE-922
 Insecure Storage of Sensitive Information 		CVE-2024-43694 2024-09-30 21:46 2024-09-27 Show GitHub Exploit DB Packet Storm
987 - - - The goTenna Pro ATAK Plugin use AES CTR mode for short, encrypted messages without any additional integrity checking mechanisms. This leaves messages malleable to any attacker that can access the m… CWE-353
 Missing Support for Integrity Check 		CVE-2024-43108 2024-09-30 21:46 2024-09-27 Show GitHub Exploit DB Packet Storm
988 - - - The goTenna Pro ATAK Plugin broadcast key name is always sent unencrypted and could reveal the location of operation. - CVE-2024-41931 2024-09-30 21:46 2024-09-27 Show GitHub Exploit DB Packet Storm
989 - - - In the goTenna Pro ATAK Plugin there is a vulnerability that makes it possible to inject any custom message with any GID and Callsign using a software defined radio in existing gotenna mesh network… CWE-1390
 Weak Authentication 		CVE-2024-41722 2024-09-30 21:46 2024-09-27 Show GitHub Exploit DB Packet Storm
990 - - - The goTenna Pro ATAK Plugin has a payload length vulnerability that makes it possible to tell the length of the payload regardless of the encryption used. CWE-204
 Response Discrepancy Information Exposure 		CVE-2024-41715 2024-09-30 21:46 2024-09-27 Show GitHub Exploit DB Packet Storm