Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Sept. 21, 2024, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
193081 4.3 警告 htmlpurifier
マイクロソフト		 - HTML Purifier におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4183 2012-03-27 18:42 2010-09-5 Show GitHub Exploit DB Packet Storm
193082 5 警告 Yaws - Yaws におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-4181 2012-03-27 18:42 2010-11-4 Show GitHub Exploit DB Packet Storm
193083 4 警告 dracut Project
kernel.org		 - dracut におけるローカルユーザの tty0 からターナミルデータを読まれる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-4176 2012-03-27 18:42 2010-12-7 Show GitHub Exploit DB Packet Storm
193084 3.3 注意 OpenFabrics Alliance - libsdp の libsdp.conf のディフォルト設定における任意のファイルを上書きされる脆弱性 CWE-59
リンク解釈の問題 		CVE-2010-4173 2012-03-27 18:42 2010-11-22 Show GitHub Exploit DB Packet Storm
193085 5 警告 OpenTTD - OpenTTD におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2010-4168 2012-03-27 18:42 2010-11-17 Show GitHub Exploit DB Packet Storm
193086 7.5 危険 Joomla! - Joomla! における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4166 2012-03-27 18:42 2010-11-4 Show GitHub Exploit DB Packet Storm
193087 6.9 警告 Mono Project - Mono の metadata/loader.c における権限を取得される脆弱性 CWE-Other
その他 		CVE-2010-4159 2012-03-27 18:42 2010-09-26 Show GitHub Exploit DB Packet Storm
193088 4.3 警告 exv2 - eXV2 CMS におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4155 2012-03-27 18:42 2010-11-3 Show GitHub Exploit DB Packet Storm
193089 9.3 危険 rhinosoft - Rhino の FTP Voyager におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-4154 2012-03-27 18:42 2010-11-3 Show GitHub Exploit DB Packet Storm
193090 9.3 危険 crossftp - CrossFTP Pro におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-4153 2012-03-27 18:42 2010-11-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Sept. 22, 2024, 5:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1811 7.8 HIGH
Local 		x.org
redhat
fedoraproject 		libx11
enterprise_linux
fedora 		A vulnerability was found in libX11 due to an integer overflow within the XCreateImage() function. This flaw allows a local user to trigger an integer overflow and execute arbitrary code with elevate… CWE-190
 Integer Overflow or Wraparound 		CVE-2023-43787 2024-09-17 00:15 2023-10-10 Show GitHub Exploit DB Packet Storm
1812 5.5 MEDIUM
Local 		x.org
redhat
fedoraproject 		libx11
enterprise_linux
fedora 		A vulnerability was found in libX11 due to an infinite loop within the PutSubImage() function. This flaw allows a local user to consume all available system resources and cause a denial of service co… CWE-835
 Loop with Unreachable Exit Condition ('Infinite Loop') 		CVE-2023-43786 2024-09-17 00:15 2023-10-10 Show GitHub Exploit DB Packet Storm
1813 5.5 MEDIUM
Local 		x.org
redhat
fedoraproject 		libx11
enterprise_linux
fedora 		A vulnerability was found in libX11 due to a boundary condition within the _XkbReadKeySyms() function. This flaw allows a local user to trigger an out-of-bounds read error and read the contents of me… CWE-125
Out-of-bounds Read 		CVE-2023-43785 2024-09-17 00:15 2023-10-10 Show GitHub Exploit DB Packet Storm
1814 7.5 HIGH
Network 		lenovo nextscale_n1200_enclosure_firmware
thinkagile_cp-cb-10_firmware
thinkagile_cp-cb-10e_firmware
thinkagile_hx_enclosure_certified_node_firmware
thinkagile_vx_enclosure_firmware
thinksyst… 		An unauthenticated  denial of service vulnerability exists in the SMM v1, SMM v2, and FPC management web server which can be triggered under crafted conditions. Rebooting SMM or FPC will restore acc… NVD-CWE-noinfo
CVE-2023-2992 2024-09-17 00:15 2023-06-27 Show GitHub Exploit DB Packet Storm
1815 8.8 HIGH
Network 		datagear datagear A vulnerability, which was classified as problematic, has been found in DataGear up to 4.7.0/5.1.0. Affected by this issue is some unknown functionality of the component JDBC Server Handler. The mani… CWE-502
 Deserialization of Untrusted Data 		CVE-2023-2042 2024-09-17 00:15 2023-04-14 Show GitHub Exploit DB Packet Storm
1816 6.7 MEDIUM
Local 		lenovo thinkpad_e14_firmware
thinkpad_e14_gen_2_firmware
thinkpad_e14_gen_4_firmware
thinkpad_e15_firmware
thinkpad_e15_gen_2_firmware
thinkpad_e15_gen_4_firmware
thinkpad_e490_firmware 		A potential vulnerability in the LenovoFlashDeviceInterface SMI handler may allow an attacker with local access and elevated privileges to execute arbitrary code. NVD-CWE-noinfo
CVE-2023-2290 2024-09-17 00:15 2023-06-27 Show GitHub Exploit DB Packet Storm
1817 6.5 MEDIUM
Network 		snowflake streamlit Streamlit is a data oriented application development framework for python. Snowflake Streamlit open source addressed a security vulnerability via the static file sharing feature. Users of hosted Stre… CWE-22
Path Traversal 		CVE-2024-42474 2024-09-16 23:30 2024-08-13 Show GitHub Exploit DB Packet Storm
1818 4.3 MEDIUM
Network 		ibm openpages_grc_platform
openpages_with_watson 		IBM OpenPages 8.3 and 9.0 potentially exposes information about client-side source code through use of JavaScript source maps to unauthorized users. NVD-CWE-Other
CVE-2024-27257 2024-09-16 23:26 2024-09-11 Show GitHub Exploit DB Packet Storm
1819 6.5 MEDIUM
Local 		theforeman foreman A command injection flaw was found in the "Host Init Config" template in the Foreman application via the "Install Packages" field on the "Register Host" page. This flaw allows an attacker with the ne… CWE-77
Command Injection 		CVE-2024-7700 2024-09-16 23:20 2024-08-13 Show GitHub Exploit DB Packet Storm
1820 4.3 MEDIUM
Network 		sap oil_\%\/_gas Due to missing authorization check in SAP for Oil & Gas (Transportation and Distribution), an attacker authenticated as a non-administrative user could call a remote-enabled function which will allow… CWE-862
 Missing Authorization 		CVE-2024-44112 2024-09-16 23:19 2024-09-10 Show GitHub Exploit DB Packet Storm