Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Oct. 5, 2024, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
191991	7.5	危険	gianluca baldo phpadsnew	-	Albasoftware Phpauction の phpAdsNew/view.inc.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-3984	2012-06-26 15:37	2006-08-4	Show	GitHub Exploit DB Packet Storm

191992	7.5	危険	ekilat llc	-	Reactor の editprofile.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-3983	2012-06-26 15:37	2006-08-4	Show	GitHub Exploit DB Packet Storm

191993	4.6	警告	アドビシステムズ	-	Verity サードパーティライブラリにおける任意のコードを実行される脆弱性	-	CVE-2006-3978	2012-06-26 15:37	2006-10-10	Show	GitHub Exploit DB Packet Storm

191994	9.3	危険	CA Technologies	-	CA eTrust Antivirus WebScan における詳細不明な脆弱性	-	CVE-2006-3977	2012-06-26 15:37	2006-08-4	Show	GitHub Exploit DB Packet Storm

191995	9.3	危険	CA Technologies	-	CA eTrust Antivirus WebScan における任意のファイルをインストールされる脆弱性	-	CVE-2006-3976	2012-06-26 15:37	2006-08-4	Show	GitHub Exploit DB Packet Storm

191996	7.5	危険	CA Technologies	-	CA eTrust Antivirus WebScan における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2006-3975	2012-06-26 15:37	2006-08-4	Show	GitHub Exploit DB Packet Storm

191997	7.5	危険	php layers menu carlos sanchez valle	-	MyNewsGroups 用の PHP Layers Menu パッケージの /lib/tree/layersmenu.inc.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2006-3966	2012-06-26 15:37	2006-08-1	Show	GitHub Exploit DB Packet Storm

191998	10	危険	DELL EMC (旧 EMC Corporation)	-	EMC NetWorker の Management Console サーバにおける任意のコマンドを実行される脆弱性	-	CVE-2006-3892	2012-06-26 15:37	2007-03-2	Show	GitHub Exploit DB Packet Storm

191999	5	警告	banex	-	Banex PHP MySQL Banner Exchange におけるデータベースのユーザ名およびパスワード等の重要な情報を取得される脆弱性	-	CVE-2006-3965	2012-06-26 15:37	2006-08-1	Show	GitHub Exploit DB Packet Storm

192000	7.5	危険	banex	-	Banex PHP MySQL Banner Exchange の members.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-3964	2012-06-26 15:37	2006-08-1	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Oct. 5, 2024, 8:11 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
2001	7.8	HIGH Local	tungstenautomation	kofax_power_pdf	Kofax Power PDF PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power…	CWE-787 Out-of-bounds Write	CVE-2024-5302	2024-09-26 00:22	2024-06-7	Show	GitHub Exploit DB Packet Storm

2002	7.8	HIGH Local	tungstenautomation	kofax_power_pdf	Kofax Power PDF PSD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofa…	CWE-787 Out-of-bounds Write	CVE-2024-5301	2024-09-26 00:18	2024-06-7	Show	GitHub Exploit DB Packet Storm

2003	4.8	MEDIUM Network	ninjaforms	ninja_forms	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Saturday Drive Ninja Forms allows Stored XSS.This issue affects Ninja Forms: from n/a thro…	CWE-79 Cross-site Scripting	CVE-2024-43999	2024-09-26 00:15	2024-09-18	Show	GitHub Exploit DB Packet Storm

2004	6.5	MEDIUM Adjacent	apple	iphone_os ipados	This issue was addressed through improved state management. This issue is fixed in iOS 18 and iPadOS 18. A malicious Bluetooth input device may bypass pairing.	NVD-CWE-noinfo	CVE-2024-44124	2024-09-26 00:14	2024-09-17	Show	GitHub Exploit DB Packet Storm

2005	9.8	CRITICAL Network	oracle	application_development_framework	Vulnerability in the Oracle Application Development Framework (ADF) product of Oracle Fusion Middleware (component: ADF Faces). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. E…	CWE-502 Deserialization of Untrusted Data	CVE-2022-21445	2024-09-26 00:14	2022-04-20	Show	GitHub Exploit DB Packet Storm

2006	5.4	MEDIUM Network	webhammer	wp_custom_fields_search	The WP Custom Fields Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpcfs-preset shortcode in all versions up to, and including, 1.2.35 due to insufficient …	CWE-79 Cross-site Scripting	CVE-2024-8364	2024-09-26 00:08	2024-09-19	Show	GitHub Exploit DB Packet Storm

2007	5.5	MEDIUM Local	gpac	gpac	A vulnerability was found in GPAC 2.5-DEV-rev228-g11067ea92-master. It has been declared as problematic. This vulnerability affects the function xmt_node_end of the file src/scene_manager/loader_xmt.…	CWE-416 Use After Free	CVE-2024-6064	2024-09-26 00:08	2024-06-18	Show	GitHub Exploit DB Packet Storm

2008	9.8	CRITICAL Network	freeimage_project	freeimage	libfreeimage in FreeImage 3.4.0 through 3.18.0 has a stack-based buffer overflow in the PluginXPM.cpp Load function via an XPM file.	CWE-787 Out-of-bounds Write	CVE-2024-31570	2024-09-25 23:57	2024-09-20	Show	GitHub Exploit DB Packet Storm

2009	9.8	CRITICAL Network	spx	spx_graphics_controller	An issue in TuomoKu SPx-GC v.1.3.0 and before allows a remote attacker to execute arbitrary code via the child_process.js function.	CWE-94 Code Injection	CVE-2024-44623	2024-09-25 23:53	2024-09-17	Show	GitHub Exploit DB Packet Storm

2010	8.8	HIGH Network	ontraport	pilotpress	Missing Authorization vulnerability in ONTRAPORT Inc. PilotPress.This issue affects PilotPress: from n/a through 2.0.30.	CWE-862 Missing Authorization	CVE-2024-23524	2024-09-25 23:48	2024-06-10	Show	GitHub Exploit DB Packet Storm