Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Nov. 15, 2024, 6:02 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
192551	4.3	警告	aflog	-	aflog におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-0398	2012-06-26 15:55	2008-01-23	Show	GitHub Exploit DB Packet Storm

192552	6.8	警告	aflog	-	aflog における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-0397	2012-06-26 15:55	2008-01-23	Show	GitHub Exploit DB Packet Storm

192553	7.8	危険	BitDefender	-	複数の BitDefender 製品で使用される BitDefender Update Server におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-0396	2012-06-26 15:55	2008-01-23	Show	GitHub Exploit DB Packet Storm

192554	7.5	危険	citadel	-	Citadel SMTP サーバにおけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-0394	2012-06-26 15:54	2008-01-23	Show	GitHub Exploit DB Packet Storm

192555	5.8	警告	gradman	-	GradMan の info.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-0393	2012-06-26 15:54	2008-01-22	Show	GitHub Exploit DB Packet Storm

192556	7.5	危険	alilg	-	aliTalk の inc/elementz.php における任意のユーザアカウントを追加される脆弱性	CWE-287 不適切な認証	CVE-2008-0391	2012-06-26 15:54	2008-01-22	Show	GitHub Exploit DB Packet Storm

192557	7.5	危険	AuraCMS	-	AuraCMS のstat.php における online.db.txt へ任意の PHP コードを挿入される脆弱性	CWE-94 コード・インジェクション	CVE-2008-0390	2012-06-26 15:54	2008-01-22	Show	GitHub Exploit DB Packet Storm

192558	7.8	危険	Firebird Project	-	Firebird SQL における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2008-0387	2012-06-26 15:54	2008-01-28	Show	GitHub Exploit DB Packet Storm

192559	10	危険	digital data communications	-	RtspVapgDecoder.dll におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-0380	2012-06-26 15:54	2008-01-22	Show	GitHub Exploit DB Packet Storm

192560	9.3	危険	マイクロソフトビジネスオブジェクツ	-	Crystal Reports XI の EnterpriseControls.dll におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2008-0379	2012-06-26 15:54	2008-01-22	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Nov. 15, 2024, 4:16 p.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
260581	-	postgresql	postgresql	PostgreSQL 8.3.x before 8.3.19, 8.4.x before 8.4.12, 9.0.x before 9.0.8, and 9.1.x before 9.1.4 allows remote authenticated users to cause a denial of service (server crash) by adding the (1) SECURIT…	CWE-399 Resource Management Errors	CVE-2012-2655	2013-04-19 12:22	2012-07-19	Show	GitHub Exploit DB Packet Storm

260582	-	oracle	jdk jre	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via u…	NVD-CWE-noinfo	CVE-2012-3136	2013-04-19 12:22	2012-08-31	Show	GitHub Exploit DB Packet Storm

260583	-	gajim	gajim	The exec_command function in common/helpers.py in Gajim before 0.15 allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in an href attribute.	CWE-94 Code Injection	CVE-2012-2085	2013-04-19 12:21	2012-08-29	Show	GitHub Exploit DB Packet Storm

260584	-	gajim	gajim	SQL injection vulnerability in the get_last_conversation_lines function in common/logger.py in Gajim before 0.15 allows remote attackers to execute arbitrary SQL commands via the jig parameter.	CWE-89 SQL Injection	CVE-2012-2086	2013-04-19 12:21	2012-11-24	Show	GitHub Exploit DB Packet Storm

260585	-	asterisk	open_source certified_asterisk digiumphones business_edition	Incomplete blacklist vulnerability in main/manager.c in Asterisk Open Source 1.8.x before 1.8.15.1 and 10.x before 10.7.1, Certified Asterisk 1.8.11 before 1.8.11-cert6, Asterisk Digiumphones 10.x.x-…	NVD-CWE-Other	CVE-2012-2186	2013-04-19 12:21	2012-08-31	Show	GitHub Exploit DB Packet Storm

260586	-	devscripts_devel_team	devscripts	scripts/dscverify.pl in devscripts before 2.12.3 allows remote attackers to execute arbitrary commands via unspecified vectors related to "arguments to external commands."	CWE-20 Improper Input Validation	CVE-2012-2240	2013-04-19 12:21	2012-10-1	Show	GitHub Exploit DB Packet Storm

260587	-	devscripts_devel_team	devscripts	scripts/dget.pl in devscripts before 2.10.73 allows remote attackers to execute arbitrary commands via a crafted (1) .dsc or (2) .changes file, related to "arguments to external commands" that are no…	CWE-20 Improper Input Validation	CVE-2012-2242	2013-04-19 12:21	2012-10-1	Show	GitHub Exploit DB Packet Storm

260588	-	mahara	mahara	Cross-site scripting (XSS) vulnerability in group/members.php in Mahara 1.5.x before 1.5.7 and 1.6.x before 1.6.2 allows remote attackers to inject arbitrary web script or HTML via the query paramete…	CWE-79 Cross-site Scripting	CVE-2012-2253	2013-04-19 12:21	2012-11-25	Show	GitHub Exploit DB Packet Storm

260589	-	emc	networker_module_for_microsoft_applications	The (1) install and (2) upgrade processes in EMC NetWorker Module for Microsoft Applications (NMM) 2.2.1, 2.3 before build 122, and 2.4 before build 375, when Exchange Server is used, allow local use…	CWE-255 Credentials Management	CVE-2012-2284	2013-04-19 12:21	2012-10-19	Show	GitHub Exploit DB Packet Storm

260590	-	emc	networker_module_for_microsoft_applications	The client in EMC NetWorker Module for Microsoft Applications (NMM) 2.2.1, 2.3 before build 122, and 2.4 before build 375 allows remote attackers to execute arbitrary code by sending a crafted messag…	CWE-94 Code Injection	CVE-2012-2290	2013-04-19 12:21	2012-10-19	Show	GitHub Exploit DB Packet Storm