Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Nov. 17, 2024, 6 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
193401 2.6 注意 Dotclear - DotClear におけるクロスサイトリクエストフォージェリの脆弱性 - CVE-2007-3688 2012-06-26 15:46 2007-07-11 Show GitHub Exploit DB Packet Storm
193402 7.5 危険 aigaion - Aigaion の pagetopic.php における SQL インジェクションの脆弱性 - CVE-2007-3683 2012-06-26 15:46 2007-07-11 Show GitHub Exploit DB Packet Storm
193403 4.3 警告 シトリックス・システムズ - Citrix EPA ActiveX コントロールにおける任意のプログラムをクライアントシステム上にダウンロードされる脆弱性 - CVE-2007-3679 2012-06-26 15:46 2007-07-25 Show GitHub Exploit DB Packet Storm
193404 4.3 警告 Dotclear - DotClear の ecrire/tools.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-3672 2012-06-26 15:46 2007-07-10 Show GitHub Exploit DB Packet Storm
193405 5 警告 activereportsexcelreport - ActiveReportsExcelReport の EXCLEXPT.DLL におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-3667 2012-06-26 15:46 2007-07-10 Show GitHub Exploit DB Packet Storm
193406 5 警告 eltima software - Eltima Software RunService ActiveX コントロールにおけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-3664 2012-06-26 15:46 2007-07-10 Show GitHub Exploit DB Packet Storm
193407 5 警告 eltima software - VSPort.DLL におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-3661 2012-06-26 15:46 2007-07-10 Show GitHub Exploit DB Packet Storm
193408 4.3 警告 fascript - Farsi Script FaName におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2007-3653 2012-06-26 15:46 2008-07-8 Show GitHub Exploit DB Packet Storm
193409 6.8 警告 fascript - Farsi Script FaName の class/page.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2007-3652 2012-06-26 15:46 2008-07-8 Show GitHub Exploit DB Packet Storm
193410 4.3 警告 fascript - Farsi Script FaName の class/page.php における重要な情報を取得される脆弱性 CWE-200
情報漏えい
CVE-2007-3651 2012-06-26 15:46 2008-07-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Nov. 18, 2024, 5:14 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2281 4.3 MEDIUM
Network
hcltech connections HCL Connections is vulnerable to an information disclosure vulnerability, due to an IBM WebSphere Application Server error, which could allow a user to obtain sensitive information they are not entit… NVD-CWE-noinfo
CVE-2024-30106 2024-11-9 00:43 2024-10-29 Show GitHub Exploit DB Packet Storm
2282 6.1 MEDIUM
Network
elabftw elabftw eLabFTW is an open source electronic lab notebook for research labs. A vulnerability in versions prior to 5.1.5 allows an attacker to inject arbitrary HTML tags in the pages: "experiments.php" (show … CWE-79
CWE-94
Cross-site Scripting
Code Injection
CVE-2024-47826 2024-11-9 00:41 2024-10-15 Show GitHub Exploit DB Packet Storm
2283 7.5 HIGH
Network
vercel next.js Next.js is a React Framework for the Web. Cersions on the 10.x, 11.x, 12.x, 13.x, and 14.x branches before version 14.2.7 contain a vulnerability in the image optimization feature which allows for a … CWE-674
 Uncontrolled Recursion
CVE-2024-47831 2024-11-9 00:39 2024-10-15 Show GitHub Exploit DB Packet Storm
2284 6.1 MEDIUM
Network
forgerock access_management An Open-Redirect vulnerability exists in PingAM where well-crafted requests may cause improper validation of redirect URLs. This could allow an attacker to redirect end-users to malicious sites under… CWE-601
Open Redirect
CVE-2024-25566 2024-11-9 00:38 2024-10-30 Show GitHub Exploit DB Packet Storm
2285 - - - The Registrations for the Events Calendar WordPress plugin before 2.12.4 does not sanitise and escape some parameters when accepting event registrations, which could allow unauthenticated users to p… - CVE-2024-7982 2024-11-9 00:35 2024-11-8 Show GitHub Exploit DB Packet Storm
2286 5.5 MEDIUM
Local
gpac gpac GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a segmentation violation in the gf_isom_remove_user_data function at /lib/libgpac.so. NVD-CWE-noinfo
CVE-2023-37766 2024-11-9 00:35 2023-07-12 Show GitHub Exploit DB Packet Storm
2287 5.5 MEDIUM
Local
gpac gpac GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a segmentation violation in the gf_dump_vrml_sffield function at /lib/libgpac.so. NVD-CWE-noinfo
CVE-2023-37765 2024-11-9 00:35 2023-07-12 Show GitHub Exploit DB Packet Storm
2288 6.5 MEDIUM
Network
microsoft azure_functions Improper Access Control in Imagine Cup allows an authorized attacker to elevate privileges over a network. NVD-CWE-noinfo
CVE-2024-38204 2024-11-9 00:34 2024-10-16 Show GitHub Exploit DB Packet Storm
2289 8.6 HIGH
Network
microsoft power_platform Missing authorization in Power Platform allows an unauthenticated attacker to view sensitive information through a network attack vector. CWE-862
 Missing Authorization
CVE-2024-38190 2024-11-9 00:34 2024-10-16 Show GitHub Exploit DB Packet Storm
2290 7.8 HIGH
Local
nvidia nemo NVIDIA NeMo contains a vulnerability in SaveRestoreConnector where a user may cause a path traversal issue via an unsafe .tar file extraction. A successful exploit of this vulnerability may lead to c… CWE-22
Path Traversal
CVE-2024-0129 2024-11-9 00:33 2024-10-15 Show GitHub Exploit DB Packet Storm