Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Sept. 19, 2024, 6:03 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
192931	5.7	警告	ヒューレット・パッカード	-	HP OpenVMS における権限を取得される脆弱性	CWE-noinfo 情報不足	CVE-2010-4110	2012-03-27 18:42	2010-12-14	Show	GitHub Exploit DB Packet Storm

192932	4.3	警告	ヒューレット・パッカード	-	HP Palm webOS の Contacts Application におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4109	2012-03-27 18:42	2010-12-6	Show	GitHub Exploit DB Packet Storm

192933	2.6	注意	OTRS プロジェクト	-	OTRS の AgentTicketZoom におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4071	2012-03-27 18:42	2011-01-20	Show	GitHub Exploit DB Packet Storm

192934	6.8	警告	ヒューレット・パッカード	-	HP HP-UX におけるサービス運用妨害 (DoS) の脆弱性	CWE-DesignError	CVE-2010-4108	2012-03-27 18:42	2010-12-6	Show	GitHub Exploit DB Packet Storm

192935	7.8	危険	ヒューレット・パッカード	-	複数の HP プリンタ製品で使用される File System External Access 設定の PJL Access 値のデフォルト設定における任意のファイルを読まれる脆弱性	CWE-22 パス・トラバーサル	CVE-2010-4107	2012-03-27 18:42	2010-11-15	Show	GitHub Exploit DB Packet Storm

192936	6.8	警告	ヒューレット・パッカード	-	HP Insight Control におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2010-4106	2012-03-27 18:42	2010-10-28	Show	GitHub Exploit DB Packet Storm

192937	6.4	警告	ヒューレット・パッカード	-	HP Insight Orchestration におけるアクセス制限を回避する脆弱性	CWE-noinfo 情報不足	CVE-2010-4105	2012-03-27 18:42	2010-10-28	Show	GitHub Exploit DB Packet Storm

192938	5	警告	ヒューレット・パッカード	-	HP Insight Orchestration における任意のファイルを読まれる脆弱性	CWE-noinfo 情報不足	CVE-2010-4104	2012-03-27 18:42	2010-10-28	Show	GitHub Exploit DB Packet Storm

192939	5	警告	ヒューレット・パッカード	-	HP Insight Managed System Setup Wizard における任意のファイルを読まれる脆弱性	CWE-noinfo 情報不足	CVE-2010-4103	2012-03-27 18:42	2010-10-28	Show	GitHub Exploit DB Packet Storm

192940	5	警告	ヒューレット・パッカード	-	HP Insight Recovery における任意のファイルを読まれる脆弱性	CWE-noinfo 情報不足	CVE-2010-4102	2012-03-27 18:42	2010-10-28	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Sept. 19, 2024, 8:16 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1921	5.5	MEDIUM Local	acronis	snap_deploy	Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Snap Deploy (Windows) before build 4569.	CWE-276 Incorrect Default Permissions	CVE-2024-34018	2024-09-13 02:17	2024-08-30	Show	GitHub Exploit DB Packet Storm

1922	7.3	HIGH Local	acronis	snap_deploy	Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Snap Deploy (Windows) before build 4569.	CWE-427 Uncontrolled Search Path Element	CVE-2024-34017	2024-09-13 02:16	2024-08-30	Show	GitHub Exploit DB Packet Storm

1923	-		-	-	An improper authorization flaw exists in the Ansible Automation Controller. This flaw allows an attacker using the k8S API server to send an HTTP request with a service account token mounted via `aut…	CWE-285 Improper Authorization	CVE-2024-6840	2024-09-13 02:15	2024-09-13	Show	GitHub Exploit DB Packet Storm

1924	8.8	HIGH Network	phpgurukul	job_portal	File upload restriction bypass vulnerability in PHPGurukul Job Portal 1.0, the exploitation of which could allow an authenticated user to execute an RCE via webshell.	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2024-8463	2024-09-13 02:15	2024-09-5	Show	GitHub Exploit DB Packet Storm

1925	5.5	MEDIUM Local	artifex	mupdf	In Artifex MuPDF 1.14.0, the svg_run_image function in svg/svg-run.c allows remote attackers to cause a denial of service (href_att NULL pointer dereference and application crash) via a crafted svg f…	CWE-476 NULL Pointer Dereference	CVE-2018-19882	2024-09-13 02:15	2018-12-6	Show	GitHub Exploit DB Packet Storm

1926	5.5	MEDIUM Local	artifex debian	mupdf debian_linux	In Artifex MuPDF 1.14.0, there is an infinite loop in the function svg_dev_end_tile in fitz/svg-device.c, as demonstrated by mutool.	CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')	CVE-2018-19777	2024-09-13 02:15	2018-11-30	Show	GitHub Exploit DB Packet Storm

1927	5.5	MEDIUM Local	artifex	mupdf	There is an out-of-bounds read in fz_run_t3_glyph in fitz/font.c in Artifex MuPDF 1.14.0, as demonstrated by mutool.	CWE-125 Out-of-bounds Read	CVE-2018-18662	2024-09-13 02:15	2018-10-26	Show	GitHub Exploit DB Packet Storm

1928	5.5	MEDIUM Local	artifex	mupdf	In Artifex MuPDF 1.13.0, the fz_append_byte function in fitz/buffer.c allows remote attackers to cause a denial of service (segmentation fault) via a crafted pdf file. This is caused by a pdf/pdf-dev…	CWE-129 Improper Validation of Array Index	CVE-2018-16648	2024-09-13 02:15	2018-09-7	Show	GitHub Exploit DB Packet Storm

1929	5.5	MEDIUM Local	artifex	mupdf	In Artifex MuPDF 1.13.0, the pdf_get_xref_entry function in pdf/pdf-xref.c allows remote attackers to cause a denial of service (segmentation fault in fz_write_data in fitz/output.c) via a crafted pd…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2018-16647	2024-09-13 02:15	2018-09-7	Show	GitHub Exploit DB Packet Storm

1930	5.5	MEDIUM Local	artifex debian	mupdf debian_linux	In Artifex MuPDF 1.12.0 and earlier, multiple memory leaks in the PDF parser allow an attacker to cause a denial of service (memory leak) via a crafted file.	CWE-772 Missing Release of Resource after Effective Lifetime	CVE-2018-1000036	2024-09-13 02:15	2018-05-24	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed