Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Sept. 29, 2024, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
191921 4.9 警告 Linux - PowerPC プラットフォーム上で稼働する Linux Kernel における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2011-4611 2012-05-18 14:48 2012-05-17 Show GitHub Exploit DB Packet Storm
191922 4.9 警告 Linux - Linux Kernel の __sys_sendmsg 関数におけるサービス運用妨害 (システムクラッシュ) の脆弱性 CWE-DesignError
CVE-2011-4594 2012-05-18 14:45 2012-05-17 Show GitHub Exploit DB Packet Storm
191923 7.1 危険 Linux - Linux Kernel の udp6_ufo_fragment 関数におけるサービス運用妨害 (システムクラッシュ) の脆弱性 CWE-399
リソース管理の問題 		CVE-2011-4326 2012-05-18 14:43 2012-05-17 Show GitHub Exploit DB Packet Storm
191924 7.8 危険 Linux - Linux Kernel の NFSv4 実装におけるサービス運用妨害 (OOPS) の脆弱性 CWE-119
バッファエラー 		CVE-2011-4131 2012-05-18 14:41 2012-05-17 Show GitHub Exploit DB Packet Storm
191925 4.9 警告 Linux - Linux Kernel のネットサブシステムにおけるサービス運用妨害 (パニック) の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-4112 2012-05-18 14:21 2012-05-17 Show GitHub Exploit DB Packet Storm
191926 4.9 警告 Linux - Linux Kernel の oom_badness 関数における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2011-4097 2012-05-18 14:17 2012-05-17 Show GitHub Exploit DB Packet Storm
191927 4.9 警告 Linux - Linux Kernel の m_stop 関数におけるサービス運用妨害 (OOPS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2011-3637 2012-05-18 14:12 2012-05-17 Show GitHub Exploit DB Packet Storm
191928 6.8 警告 アップル - Apple Mac OS X の QuickTime における任意のコードを実行される脆弱性 CWE-399
リソース管理の問題 		CVE-2012-0661 2012-05-17 17:53 2012-05-11 Show GitHub Exploit DB Packet Storm
191929 6.8 警告 アップル - Apple Mac OS X の QuickTime におけるバッファアンダーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-0660 2012-05-17 17:50 2012-05-11 Show GitHub Exploit DB Packet Storm
191930 6.8 警告 アップル - Apple Mac OS X の QuickTime における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2012-0659 2012-05-17 17:48 2012-05-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Sept. 29, 2024, 12:13 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
481 6.1 MEDIUM
Network 		lucasstad lucas_string_replace The Lucas String Replace plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and includ… Update CWE-79
Cross-site Scripting 		CVE-2024-8734 2024-09-27 04:30 2024-09-14 Show GitHub Exploit DB Packet Storm
482 5.4 MEDIUM
Network 		khromov email_obfuscate_shortcode The Email Obfuscate Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'email-obfuscate' shortcode in all versions up to, and including, 2.0 due to insuffici… Update CWE-79
Cross-site Scripting 		CVE-2024-8747 2024-09-27 04:23 2024-09-14 Show GitHub Exploit DB Packet Storm
483 6.1 MEDIUM
Network 		kubiq pdf_thumbnail_generator The PDF Thumbnail Generator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and inc… Update CWE-79
Cross-site Scripting 		CVE-2024-8737 2024-09-27 04:18 2024-09-14 Show GitHub Exploit DB Packet Storm
484 4.3 MEDIUM
Network 		sentry sentry Sentry is a developer-first error tracking and performance monitoring platform. An authenticated user can mute alert rules from arbitrary organizations and projects with a know rule ID. The user does… Update CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2024-45606 2024-09-27 04:16 2024-09-18 Show GitHub Exploit DB Packet Storm
485 - - - In Grafana, the wrong permission is applied to the alert rule write API endpoint, allowing users with permission to write external alert instances to also write alert rules. New - CVE-2024-8118 2024-09-27 04:15 2024-09-27 Show GitHub Exploit DB Packet Storm
486 - - - SAP Replication Server allows an attacker to use gateway for executing some commands to RSSD. This could result in crashing the Replication Server due to memory corruption with high impact on Availab… Update CWE-787
 Out-of-bounds Write 		CVE-2024-33008 2024-09-27 04:15 2024-05-15 Show GitHub Exploit DB Packet Storm
487 - - - SAP NetWeaver Administrator AS Java (Administrator Log Viewer plug-in) - version 7.50, allows an attacker with high privileges to upload potentially dangerous files which leads to command injection v… Update CWE-77
Command Injection 		CVE-2024-22127 2024-09-27 04:15 2024-03-12 Show GitHub Exploit DB Packet Storm
488 4.3 MEDIUM
Network 		sap business_one SAP Business One (B1i) - version 10.0, allows an authorized attacker to retrieve the details stack trace of the fault message to conduct the XXE injection, which will lead to information disclosure. … Update CWE-611
XXE 		CVE-2023-41365 2024-09-27 04:15 2023-10-10 Show GitHub Exploit DB Packet Storm
489 7.5 HIGH
Network 		sap netweaver_application_server_abap
web_dispatcher
content_server
hana_database
host_agent
extended_application_services_and_runtime
sapssoext
commoncryptolib
netweaver_applicat… 		SAP CommonCryptoLib allows an unauthenticated attacker to craft a request, which when submitted to an open port causes a memory corruption error in a library which in turn causes the target component… Update CWE-787
 Out-of-bounds Write 		CVE-2023-40308 2024-09-27 04:15 2023-09-12 Show GitHub Exploit DB Packet Storm
490 5.3 MEDIUM
Network 		sap powerdesigner SAP PowerDesigner - version 16.7, queries all password hashes in the backend database and compares it with the user provided one during login attempt, which might allow an attacker to access password… Update CWE-327
 Use of a Broken or Risky Cryptographic Algorithm 		CVE-2023-37484 2024-09-27 04:15 2023-08-8 Show GitHub Exploit DB Packet Storm