Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Nov. 19, 2024, 4:01 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
192961 7.1 危険 シュナイダーエレクトリック株式会社 (旧社名株式会社エーピーシー・ジャパン) - APC AP7932 0u 30amp Switched Rack PDU におけるログインのアクセス権を取得される脆弱性 CWE-287
不適切な認証
CVE-2007-6226 2012-06-26 15:54 2007-12-4 Show GitHub Exploit DB Packet Storm
192962 6.5 警告 crm ctt - CRM-CTT Interleave の CheckCustomerAccess 関数におけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2007-6222 2012-06-26 15:54 2007-12-2 Show GitHub Exploit DB Packet Storm
192963 5 警告 Google - KML share の region.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル
CVE-2007-6212 2012-06-26 15:54 2007-12-4 Show GitHub Exploit DB Packet Storm
192964 3.6 注意 Claws Mail - claws-mail-tools の sylprint.pl における任意のファイルを上書きされる脆弱性 CWE-59
リンク解釈の問題
CVE-2007-6208 2012-06-26 15:54 2007-12-3 Show GitHub Exploit DB Packet Storm
192965 5 警告 BEAシステムズ - BEA AquaLogic Interaction の Plumtree ポータルの portal/server.pt における有効なユーザ名を列挙される脆弱性 CWE-DesignError
CVE-2007-6198 2012-06-26 15:54 2007-12-1 Show GitHub Exploit DB Packet Storm
192966 5 警告 BEAシステムズ - BEA AquaLogic Interaction の Plumtree ポータルにおけるバージョン番号および内部ホスト名を取得される脆弱性 CWE-200
情報漏えい
CVE-2007-6197 2012-06-26 15:54 2007-12-1 Show GitHub Exploit DB Packet Storm
192967 4.3 警告 calacode - CalaCode @Mail の util.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2007-6196 2012-06-26 15:54 2007-12-1 Show GitHub Exploit DB Packet Storm
192968 5 警告 シトリックス・システムズ - Citrix NetScaler の Web 管理インターフェースにおける重要なネットワーク設定情報を取得される脆弱性 CWE-200
情報漏えい
CVE-2007-6193 2012-06-26 15:54 2007-11-29 Show GitHub Exploit DB Packet Storm
192969 4.3 警告 シトリックス・システムズ - Citrix NetScaler の Web マネジメントインターフェースにおける平文の資格情報を取得される脆弱性 CWE-310
暗号の問題
CVE-2007-6192 2012-06-26 15:54 2007-11-29 Show GitHub Exploit DB Packet Storm
192970 3.5 注意 シスコシステムズ - Cisco Unified IP Phone の HTTP デーモンにおける盗聴される脆弱性 CWE-200
情報漏えい
CVE-2007-6190 2012-06-26 15:54 2007-11-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Nov. 19, 2024, 4:16 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1271 5.4 MEDIUM
Network
wpgrids slicko Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in wpgrids Slicko allows DOM-Based XSS.This issue affects Slicko: from n/a through 1.2.0. CWE-79
Cross-site Scripting
CVE-2024-51591 2024-11-15 02:51 2024-11-10 Show GitHub Exploit DB Packet Storm
1272 6.5 MEDIUM
Network
sap businessobjects_business_intelligence SAP BusinessObjects Business Intelligence Platform allows an authenticated user to send a specially crafted request to the Web Intelligence Reporting Server to download any file from the machine host… CWE-434
 Unrestricted Upload of File with Dangerous Type 
CVE-2024-37179 2024-11-15 02:35 2024-10-8 Show GitHub Exploit DB Packet Storm
1273 - - - In Streampark (version < 2.1.4), when a user logged in successfully, the Backend service would return "Authorization" as the front-end authentication credential. User can use this credential to requ… - CVE-2024-29120 2024-11-15 02:35 2024-07-18 Show GitHub Exploit DB Packet Storm
1274 - - - SQL injection vulnerability in the module "Products Alert" (productsalert) before 1.7.4 from Smart Modules for PrestaShop allows attackers to obtain sensitive information and cause other impacts via … - CVE-2024-36683 2024-11-15 02:35 2024-06-25 Show GitHub Exploit DB Packet Storm
1275 - - - The Business Card WordPress plugin through 1.0.0 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions such as deleting cards via CSRF… - CVE-2024-4532 2024-11-15 02:35 2024-05-27 Show GitHub Exploit DB Packet Storm
1276 - - - In Jenkins Delphix Plugin 3.0.1, a global option for administrators to enable or disable SSL/TLS certificate validation for Data Control Tower (DCT) connections is disabled by default. - CVE-2024-28161 2024-11-15 02:35 2024-03-7 Show GitHub Exploit DB Packet Storm
1277 6.2 MEDIUM
Local
linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_payload: sanitize offset and length before calling skb_checksum() If access to offset + length is larger than the … NVD-CWE-noinfo
CVE-2024-50251 2024-11-15 02:31 2024-11-9 Show GitHub Exploit DB Packet Storm
1278 8.8 HIGH
Network
blrt blrt_wp_embed Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Blrt Blrt WP Embed allows SQL Injection.This issue affects Blrt WP Embed: from n/a through 1.6.9. CWE-89
SQL Injection
CVE-2024-51606 2024-11-15 02:17 2024-11-10 Show GitHub Exploit DB Packet Storm
1279 5.4 MEDIUM
Network
sap commerce_backoffice SAP Commerce Backoffice does not sufficiently encode user controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. After successful exploitation, an attacker can cause limited impact… CWE-79
Cross-site Scripting
CVE-2024-45278 2024-11-15 02:17 2024-10-8 Show GitHub Exploit DB Packet Storm
1280 8.8 HIGH
Network
pluginhandy amadiscount Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Pluginhandy AmaDiscount allows SQL Injection.This issue affects AmaDiscount: from n/a through 1.0. CWE-89
SQL Injection
CVE-2024-51608 2024-11-15 02:14 2024-11-10 Show GitHub Exploit DB Packet Storm