Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Nov. 15, 2024, 6:02 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
193081	10	危険	Boa	-	Boa 用の Intersil 拡張機能におけるメモリに格納された管理者パスワードを変更される脆弱性	CWE-20 不適切な入力確認	CVE-2007-4915	2012-06-26 15:54	2007-09-17	Show	GitHub Exploit DB Packet Storm

193082	5	警告	JetAudio	-	JetCast Server の JSMP3OGGWt.dll におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2007-4911	2012-06-26 15:54	2007-09-17	Show	GitHub Exploit DB Packet Storm

193083	7.5	危険	AuraCMS	-	AuraCMS の index.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2007-4908	2012-06-26 15:54	2007-09-17	Show	GitHub Exploit DB Packet Storm

193084	7.5	危険	AuraCMS	-	AuraCMS の mod/contak.php における任意の PHP コードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2007-4905	2012-06-26 15:54	2007-09-17	Show	GitHub Exploit DB Packet Storm

193085	5.8	警告	AOL	-	Internet Explorer サーバコントロールにおける任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2007-4901	2012-06-26 15:54	2007-09-14	Show	GitHub Exploit DB Packet Storm

193086	4.3	警告	University of California	-	Boinc Forum におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-4899	2012-06-26 15:54	2007-09-14	Show	GitHub Exploit DB Packet Storm

193087	6.8	警告	AuraCMS	-	AuraCMS の index.php における任意の PHP コードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2007-4886	2012-06-26 15:54	2007-09-13	Show	GitHub Exploit DB Packet Storm

193088	4.3	警告	avnex	-	Avnex AV MP3 Player におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2007-4885	2012-06-26 15:54	2007-09-13	Show	GitHub Exploit DB Packet Storm

193089	4.3	警告	boesch-it	-	SimpNews におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-4874	2012-06-26 15:54	2007-09-26	Show	GitHub Exploit DB Packet Storm

193090	5	警告	Google	-	Google Picasa における画像ファイルを読まれる脆弱性	CWE-DesignError	CVE-2007-4847	2012-06-26 15:54	2007-09-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Nov. 15, 2024, 4:16 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
501	7.5	HIGH Network	jerryscript	jerryscript	An issue in JerryscriptProject jerryscript v.3.0.0 allows an attacker to obtain sensitive information via a crafted script to the arrays. Update	NVD-CWE-noinfo	CVE-2023-36201	2024-11-14 06:35	2023-07-8	Show	GitHub Exploit DB Packet Storm

502	5.4	MEDIUM Network	zohocorp	manageengine_servicedesk_plus manageengine_servicedesk_plus_msp manageengine_supportcenter_plus	Zoho ManageEngine ServiceDesk Plus before 14202, ServiceDesk Plus MSP before 14300, and SupportCenter Plus before 14300 have a privilege escalation vulnerability in the Release module that allows unp… Update	NVD-CWE-noinfo	CVE-2023-34197	2024-11-14 06:35	2023-07-7	Show	GitHub Exploit DB Packet Storm

503	-		-	-	Jenkins Pipeline: Groovy Plugin 3990.vd281dd77a_388 and earlier, except 3975.3977.v478dd9e956c3 does not check whether the main (Jenkinsfile) script for a rebuilt build is approved, allowing attacker… New	-	CVE-2024-52550	2024-11-14 06:15	2024-11-14	Show	GitHub Exploit DB Packet Storm

504	-		-	-	The file upload function in the "QWKalkulation" tool of baltic-it TOPqw Webportal v1.35.287.1 (fixed in version 1.35.291), in /Apps/TOPqw/QWKalkulation/QWKalkulation.aspx, is vulnerable to Cross-Site… New	-	CVE-2024-45879	2024-11-14 06:15	2024-11-14	Show	GitHub Exploit DB Packet Storm

505	-		-	-	The "Stammdaten" menu of baltic-it TOPqw Webportal v1.35.283.2 (fixed in version 1.35.291), in /Apps/TOPqw/qwStammdaten.aspx, is vulnerable to persistent Cross-Site Scripting (XSS). New	-	CVE-2024-45878	2024-11-14 06:15	2024-11-14	Show	GitHub Exploit DB Packet Storm

506	-		-	-	baltic-it TOPqw Webportal v1.35.283.2 is vulnerable to Incorrect Access Control in the User Management function in /Apps/TOPqw/BenutzerManagement.aspx. This allows a low privileged user to access all… New	-	CVE-2024-45877	2024-11-14 06:15	2024-11-14	Show	GitHub Exploit DB Packet Storm

507	-		-	-	The login form of baltic-it TOPqw Webportal v1.35.283.2 (fixed in version 1.35.283.4) at /Apps/TOPqw/Login.aspx is vulnerable to SQL injection. The vulnerability exists in the POST parameter txtUsern… New	-	CVE-2024-45876	2024-11-14 06:15	2024-11-14	Show	GitHub Exploit DB Packet Storm

508	-		-	-	The create user function in baltic-it TOPqw Webportal 1.35.287.1 (fixed in version1.35.291), in /Apps/TOPqw/BenutzerManagement.aspx/SaveNewUser, is vulnerable to SQL injection. The JSON object userna… New	-	CVE-2024-45875	2024-11-14 06:15	2024-11-14	Show	GitHub Exploit DB Packet Storm

509	-		-	-	Improper input validation in UEFI firmware in some Intel(R) Server Board M10JNP2SB Family may allow a privileged user to potentially enable escalation of privilege via local access. New	-	CVE-2024-41167	2024-11-14 06:15	2024-11-14	Show	GitHub Exploit DB Packet Storm

510	-		-	-	Use after free in the UEFI firmware of some Intel(R) Server M20NTP BIOS may allow a privileged user to potentially enable escalation of privilege via local access. New	CWE-416 Use After Free	CVE-2024-40885	2024-11-14 06:15	2024-11-14	Show	GitHub Exploit DB Packet Storm