Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Sept. 20, 2024, 2:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
193661	7.5	危険	アップルサイバートラスト株式会社 Mozilla Foundation PNG Development Group オラクル VMware フェンリル株式会社レッドハット	-	libpng に脆弱性	CWE-119 バッファエラー	CVE-2010-1205	2012-03-27 10:29	2010-07-6	Show	GitHub Exploit DB Packet Storm

193662	7.8	危険	アップルサイバートラスト株式会社 PNG Development Group Lunascape オラクル VMware フェンリル株式会社レッドハット	-	libpng における圧縮された補助チャンクの処理に脆弱性	CWE-399 リソース管理の問題	CVE-2010-0205	2012-03-27 10:22	2010-03-4	Show	GitHub Exploit DB Packet Storm

193663	7.5	危険	クアンタムデル IBM	-	複数のテープライブラリ製品におけるアクセス権を取得される脆弱性	CWE-255 証明書・パスワード管理	CVE-2012-1844	2012-03-26 18:12	2012-03-22	Show	GitHub Exploit DB Packet Storm

193664	5	警告	クアンタムデル	-	Quantum Scalar i500 および Dell ML6000 における絶対パストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2012-1841	2012-03-26 18:08	2012-03-22	Show	GitHub Exploit DB Packet Storm

193665	5	警告	LG-Nortel	-	LG-Nortel ELO GS24M に複数の脆弱性	CWE-287 不適切な認証	CVE-2012-1838	2012-03-26 16:29	2012-03-22	Show	GitHub Exploit DB Packet Storm

193666	7.5	危険	Webglimpse	-	WebGlimpse に OS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2012-1795	2012-03-26 16:24	2012-03-20	Show	GitHub Exploit DB Packet Storm

193667	7.5	危険	Pydio	-	AjaXplorer におけるログインのアクセス権を取得される脆弱性	CWE-287 不適切な認証	CVE-2012-1840	2012-03-26 16:08	2012-03-22	Show	GitHub Exploit DB Packet Storm

193668	7.5	危険	Pydio	-	AjaXplorer の Get Template 機能におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2012-1839	2012-03-26 16:08	2012-03-22	Show	GitHub Exploit DB Packet Storm

193669	5	警告	IBM	-	IBM Tivoli Endpoint Manager における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2012-1837	2012-03-26 16:07	2012-03-22	Show	GitHub Exploit DB Packet Storm

193670	4.3	警告	IBM	-	IBM Tivoli Endpoint Manager におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-0719	2012-03-26 16:04	2012-03-22	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Sept. 20, 2024, 12:52 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1	-		-	-	A vulnerability classified as critical was found in SourceCodester Best Online News Portal 1.0. This vulnerability affects unknown code of the file /news-details.php of the component Comment Section.… New	CWE-89 SQL Injection	CVE-2024-9008	2024-09-20 08:15	2024-09-20	Show	GitHub Exploit DB Packet Storm

2	-		-	-	A vulnerability classified as problematic has been found in jeanmarc77 123solar 1.8.4.5. This affects an unknown part of the file /detailed.php. The manipulation of the argument date1 leads to cross … New	CWE-79 Cross-site Scripting	CVE-2024-9007	2024-09-20 08:15	2024-09-20	Show	GitHub Exploit DB Packet Storm

3	-		-	-	A vulnerability was found in jeanmarc77 123solar 1.8.4.5. It has been rated as critical. Affected by this issue is some unknown functionality of the file config/config_invt1.php. The manipulation of … New	-	CVE-2024-9006	2024-09-20 08:15	2024-09-20	Show	GitHub Exploit DB Packet Storm

4	-		-	-	A flaw was found in Envoy. It is possible to modify or manipulate headers from external clients when pass-through routes are used for the ingress gateway. This issue could allow a malicious user to f… New	CWE-20 Improper Input Validation	CVE-2024-7207	2024-09-20 08:15	2024-09-20	Show	GitHub Exploit DB Packet Storm

5	-		-	-	The reference validator is a tool to perform advanced validation of FHIR resources for TI applications and interoperability standards. The profile location routine in the referencevalidator commons p… New	CWE-611 XXE	CVE-2024-46984	2024-09-20 08:15	2024-09-20	Show	GitHub Exploit DB Packet Storm

6	-		-	-	sofa-hessian is an internal improved version of Hessian3/4 powered by Ant Group CO., Ltd. The SOFA Hessian protocol uses a blacklist mechanism to restrict deserialization of potentially dangerous cla… New	CWE-74 Injection	CVE-2024-46983	2024-09-20 08:15	2024-09-20	Show	GitHub Exploit DB Packet Storm

7	-		-	-	Puma is a Ruby/Rack web server built for parallelism. In affected versions clients could clobber values set by intermediate proxies (such as X-Forwarded-For) by providing a underscore version of the … New	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2024-45614	2024-09-20 08:15	2024-09-20	Show	GitHub Exploit DB Packet Storm

8	-		-	-	Dragonfly is an open source P2P-based file distribution and image acceleration system. It is hosted by the Cloud Native Computing Foundation (CNCF) as an Incubating Level Project. Dragonfly uses JWT … New	CWE-321 Use of Hard-coded Cryptographic Key	CVE-2023-27584	2024-09-20 08:15	2024-09-20	Show	GitHub Exploit DB Packet Storm

9	-		-	-	Traefik is a golang, Cloud Native Application Proxy. When a HTTP request is processed by Traefik, certain HTTP headers such as X-Forwarded-Host or X-Forwarded-Port are added by Traefik before the req… New	CWE-345 CWE-348 Insufficient Verification of Data Authenticity Use of Less Trusted Source	CVE-2024-45410	2024-09-20 08:15	2024-09-20	Show	GitHub Exploit DB Packet Storm

10	6.3	MEDIUM Network	microsoft	edge_chromium	Microsoft Edge (HTML-based) Memory Corruption Vulnerability Update	CWE-787 Out-of-bounds Write	CVE-2024-38207	2024-09-20 07:15	2024-08-24	Show	GitHub Exploit DB Packet Storm