Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Sept. 28, 2024, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
192061 5.5 警告 オラクル - Oracle Identity Manager における User Config Management の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2012-0532 2012-05-9 17:45 2012-04-17 Show GitHub Exploit DB Packet Storm
192062 7.5 危険 オラクル - Oracle WebCenter Forms Recognition における Designer の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2012-1709 2012-05-9 17:40 2012-04-17 Show GitHub Exploit DB Packet Storm
192063 10 危険 サン・マイクロシステムズ
オラクル		 - Oracle JRockit および JDK/JRE における脆弱性 CWE-noinfo
情報不足 		CVE-2012-1695 2012-05-9 17:19 2012-04-17 Show GitHub Exploit DB Packet Storm
192064 4 警告 オラクル - Oracle の Siebel Clinical における Web UI の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2012-1674 2012-05-9 16:46 2012-04-17 Show GitHub Exploit DB Packet Storm
192065 4 警告 オラクル - Oracle の Siebel Clinical における Web UI の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2012-0582 2012-05-9 16:42 2012-04-17 Show GitHub Exploit DB Packet Storm
192066 4.3 警告 オラクル - Oracle の Primavera P6 Enterprise Project Portfolio Management における脆弱性 CWE-noinfo
情報不足 		CVE-2012-0558 2012-05-9 16:28 2012-04-17 Show GitHub Exploit DB Packet Storm
192067 3.5 注意 オラクル - Oracle FLEXCUBE Universal Banking における Core の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2012-0579 2012-05-9 16:23 2012-04-17 Show GitHub Exploit DB Packet Storm
192068 3.5 注意 オラクル - Oracle FLEXCUBE Universal Banking における Core の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2012-0577 2012-05-9 16:22 2012-04-17 Show GitHub Exploit DB Packet Storm
192069 3.5 注意 オラクル - Oracle FLEXCUBE Universal Banking における Core の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2012-0544 2012-05-9 16:22 2012-04-17 Show GitHub Exploit DB Packet Storm
192070 3.5 注意 オラクル - Oracle FLEXCUBE Direct Banking における Virtual Banking の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2012-1676 2012-05-9 16:21 2012-04-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Sept. 29, 2024, 5:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
101 4.3 MEDIUM
Network 		github enterprise_server An Incorrect Authorization vulnerability was identified in GitHub Enterprise Server, allowing an attacker to update the title, assignees, and labels of any issue inside a public repository. This was … Update CWE-863
 Incorrect Authorization 		CVE-2024-7711 2024-09-28 03:17 2024-08-21 Show GitHub Exploit DB Packet Storm
102 6.5 MEDIUM
Network 		lucasgarcia posts_reminder The Posts reminder WordPress plugin through 0.20 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack Update CWE-352
 Origin Validation Error 		CVE-2024-8093 2024-09-28 03:16 2024-09-17 Show GitHub Exploit DB Packet Storm
103 - - - A path traversal issue in E2Nest prior to commit 8a41948e553c89c56b14410c6ed395e9cfb9250a New - CVE-2024-9301 2024-09-28 03:15 2024-09-28 Show GitHub Exploit DB Packet Storm
104 - - - A Command injection vulnerability in requestLetsEncryptSslWithDnsChallenge in NginxProxyManager 2.11.3 allows an attacker to achieve remote code execution via Add Let's Encrypt Certificate. NOTE: thi… New - CVE-2024-46257 2024-09-28 03:15 2024-09-28 Show GitHub Exploit DB Packet Storm
105 - - - A Command injection vulnerability in requestLetsEncryptSsl in NginxProxyManager 2.11.3 allows an attacker to RCE via Add Let's Encrypt Certificate. New - CVE-2024-46256 2024-09-28 03:15 2024-09-28 Show GitHub Exploit DB Packet Storm
106 - - - Advantech ADAM-5630 has built-in commands that can be executed without authenticating the user. These commands allow for restarting the operating system, rebooting the hardware, and stopping the e… New CWE-306
Missing Authentication for Critical Function 		CVE-2024-39364 2024-09-28 03:15 2024-09-28 Show GitHub Exploit DB Packet Storm
107 - - - Cookies of authenticated Advantech ADAM-5630 users remain as active valid cookies when a session is closed. Forging requests with a legitimate cookie, even if the session was terminated, allows an … New - CVE-2024-39275 2024-09-28 03:15 2024-09-28 Show GitHub Exploit DB Packet Storm
108 - - - Advantech ADAM 5550's web application includes a "logs" page where all the HTTP requests received are displayed to the user. The device doesn't correctly neutralize malicious code when parsing HTTP… New CWE-79
Cross-site Scripting 		CVE-2024-38308 2024-09-28 03:15 2024-09-28 Show GitHub Exploit DB Packet Storm
109 - - - Advantech ADAM-5550 share user credentials with a low level of encryption, consisting of base 64 encoding. New CWE-261
 Weak Encoding for Password 		CVE-2024-37187 2024-09-28 03:15 2024-09-28 Show GitHub Exploit DB Packet Storm
110 - - - Advantech ADAM-5630 shares user credentials plain text between the device and the user source device during the login process. New CWE-261
 Weak Encoding for Password 		CVE-2024-34542 2024-09-28 03:15 2024-09-28 Show GitHub Exploit DB Packet Storm