Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Sept. 28, 2024, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
192001 10 危険 マイクロソフト - Microsoft Windows のカーネルモードドライバ内の win32k.sys における権限昇格の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-0181 2012-05-10 18:12 2012-05-8 Show GitHub Exploit DB Packet Storm
192002 7.2 危険 マイクロソフト - Microsoft Windows のカーネルモードドライバ内の win32k.sys における権限昇格の脆弱性 CWE-20
不適切な入力確認 		CVE-2012-0180 2012-05-10 18:11 2012-05-8 Show GitHub Exploit DB Packet Storm
192003 9.3 危険 マイクロソフト - Windows 上で稼働する Microsoft Silverlight におけるメモリ二重解放の脆弱性 CWE-399
リソース管理の問題 		CVE-2012-0176 2012-05-10 18:09 2012-05-8 Show GitHub Exploit DB Packet Storm
192004 9.3 危険 マイクロソフト - Microsoft Office 2003 および 2007 におけるヒープベースのバッファオーバーフローの脆弱性 CWE-20
不適切な入力確認 		CVE-2012-0167 2012-05-10 18:08 2012-05-8 Show GitHub Exploit DB Packet Storm
192005 9.3 危険 マイクロソフト - 複数の Microsoft 製品の GDI+ における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2012-0165 2012-05-10 18:04 2012-05-8 Show GitHub Exploit DB Packet Storm
192006 5 警告 マイクロソフト - Microsoft .NET Framework 4 におけるサービス運用妨害 (アプリケーションハング) の脆弱性 CWE-DesignError
CVE-2012-0164 2012-05-10 17:58 2012-05-8 Show GitHub Exploit DB Packet Storm
192007 9.3 危険 マイクロソフト - Microsoft .NET Framework 4 における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2012-0162 2012-05-10 17:57 2012-05-8 Show GitHub Exploit DB Packet Storm
192008 6.8 警告 マイクロソフト - 複数の Microsoft Windows 製品の partmgr.sys における権限昇格の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-0178 2012-05-10 17:08 2012-05-8 Show GitHub Exploit DB Packet Storm
192009 6.8 警告 マイクロソフト - Microsoft Windows Server 2008 R2 および Windows 7 の tcpip.sys におけるメモリ二重解放の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-0179 2012-05-10 16:09 2012-05-8 Show GitHub Exploit DB Packet Storm
192010 1.7 注意 マイクロソフト - 複数の Microsoft Windows 製品の Windows ファイアウォールにおける重要な情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-0174 2012-05-10 16:09 2012-05-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Sept. 28, 2024, 8:13 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
81 7.8 HIGH
Local 		logitech logi_options\+ Improper Control of Generation of Code ('Code Injection') in Electron Fuses in Logitech Options Plus version 1.60.496306 on macOS allows attackers to execute arbitrary code via insecure Electron Fuse… Update CWE-94
Code Injection 		CVE-2024-8258 2024-09-28 03:56 2024-09-10 Show GitHub Exploit DB Packet Storm
82 9.8 CRITICAL
Network 		millbeck proroute_h685t-w_firmware There is a command injection vulnerability that may allow an attacker to inject malicious input on the device's operating system. Update CWE-78
OS Command  		CVE-2024-45682 2024-09-28 03:54 2024-09-18 Show GitHub Exploit DB Packet Storm
83 4.7 MEDIUM
Network 		meowapps ai_engine The AI Engine WordPress plugin before 2.4.8 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by admin users when viewing ch… Update CWE-89
SQL Injection 		CVE-2024-6723 2024-09-28 03:50 2024-09-13 Show GitHub Exploit DB Packet Storm
84 6.8 MEDIUM
Network 		cilium cilium Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.14.14 and 1.15.8, a race condition in the Cilium agent can cause the agent to ignore lab… Update CWE-362
Race Condition 		CVE-2024-42488 2024-09-28 03:49 2024-08-16 Show GitHub Exploit DB Packet Storm
85 6.1 MEDIUM
Network 		wp-unit share_this_image The Share This Image plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 2.03. This is due to insufficient validation on the redirect url supplied via the link p… Update CWE-601
Open Redirect 		CVE-2024-8761 2024-09-28 03:41 2024-09-17 Show GitHub Exploit DB Packet Storm
86 6.5 MEDIUM
Network 		wp-property-hive propertyhive The PropertyHive plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.19. This is due to missing or incorrect nonce validation on the 'save_accou… Update CWE-352
 Origin Validation Error 		CVE-2024-8490 2024-09-28 03:36 2024-09-17 Show GitHub Exploit DB Packet Storm
87 4.8 MEDIUM
Network 		majeedraza carousel_slider The Carousel Slider WordPress plugin before 2.2.4 does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Cross-Site Scripting attacks eve… Update CWE-79
Cross-site Scripting 		CVE-2024-6850 2024-09-28 03:30 2024-09-13 Show GitHub Exploit DB Packet Storm
88 7.2 HIGH
Network 		nsqua simply_schedule_appointments The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin WordPress plugin before 1.6.7.43 does not escape template syntax provided via user input, leading to Twig Template Injec… Update NVD-CWE-Other
CVE-2024-7129 2024-09-28 03:26 2024-09-13 Show GitHub Exploit DB Packet Storm
89 6.5 MEDIUM
Network 		michalaugustyniak misiek_photo_album The Misiek Photo Album WordPress plugin through 1.4.3 does not have CSRF checks in some places, which could allow attackers to make logged in users delete arbitrary albums via a CSRF attack Update CWE-352
 Origin Validation Error 		CVE-2024-7817 2024-09-28 03:26 2024-09-12 Show GitHub Exploit DB Packet Storm
90 4.8 MEDIUM
Network 		wp-master logo_manager_for_enamad The Logo Manager For Enamad WordPress plugin through 0.7.1 does not sanitise and escape in its widgets settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scri… Update CWE-79
Cross-site Scripting 		CVE-2024-5170 2024-09-28 03:23 2024-09-17 Show GitHub Exploit DB Packet Storm