Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Nov. 15, 2024, 6:02 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
193681 7.8 危険 bitscast - BitsCast におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-2726 2012-06-26 15:46 2007-05-16 Show GitHub Exploit DB Packet Storm
193682 7.5 危険 db soft lab - DEWizardAX.ocx における任意のファイルを上書きされる脆弱性 - CVE-2007-2725 2012-06-26 15:46 2007-05-16 Show GitHub Exploit DB Packet Storm
193683 4.3 警告 fotolog - fotolog の all_photos.html におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-2724 2012-06-26 15:46 2007-05-16 Show GitHub Exploit DB Packet Storm
193684 4.3 警告 Intermesh - Group-Office における重要な情報を取得される脆弱性 - CVE-2007-2720 2012-06-26 15:46 2007-05-16 Show GitHub Exploit DB Packet Storm
193685 6.8 警告 eqdkp - EQdkp におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-2716 2012-06-26 15:46 2007-05-16 Show GitHub Exploit DB Packet Storm
193686 7.5 危険 feindt computerservice - News-Script の newsadmin.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2708 2012-06-26 15:46 2007-05-16 Show GitHub Exploit DB Packet Storm
193687 7.5 危険 Geeklog - Media Gallery の maint/ftpmedia.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2706 2012-06-26 15:46 2007-05-16 Show GitHub Exploit DB Packet Storm
193688 7.8 危険 BEAシステムズ - BEA WebLogic Integration の Test View Console におけるディレクトリトラバーサルの脆弱性 - CVE-2007-2705 2012-06-26 15:46 2007-05-15 Show GitHub Exploit DB Packet Storm
193689 3.6 注意 BEAシステムズ - BEA WebLogic Portal GA における特権を有するリソースへアクセスされる脆弱性 - CVE-2007-2703 2012-06-26 15:46 2007-05-15 Show GitHub Exploit DB Packet Storm
193690 3.5 注意 BEAシステムズ - BEA WebLogic Portal GA の GroupSpace アプリケーションにおけるクロスサイトスクリプティングの脆弱性 - CVE-2007-2702 2012-06-26 15:46 2007-05-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Nov. 15, 2024, 4:16 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
461 7.8 HIGH
Local
artifex ghostscript An issue was discovered in decode_utf8 in base/gp_utf8.c in Artifex Ghostscript before 10.04.0. Overlong UTF-8 encoding leads to possible ../ directory traversal. Update CWE-22
Path Traversal
CVE-2024-46954 2024-11-14 10:58 2024-11-11 Show GitHub Exploit DB Packet Storm
462 5.5 MEDIUM
Local
artifex
debian
suse
ghostscript
debian_linux
linux_enterprise_high_performance_computing
linux_enterprise_server
linux_enterprise_server_for_sap
An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. There is an out-of-bounds read when reading color in Indexed color space. Update CWE-125
Out-of-bounds Read
CVE-2024-46955 2024-11-14 10:53 2024-11-11 Show GitHub Exploit DB Packet Storm
463 6.1 MEDIUM
Network
theeventprime eventprime URL Redirection to Untrusted Site ('Open Redirect') vulnerability in EventPrime Events EventPrime.This issue affects EventPrime: from n/a through 4.0.4.5. Update CWE-601
Open Redirect
CVE-2024-47648 2024-11-14 10:53 2024-10-11 Show GitHub Exploit DB Packet Storm
464 9.8 CRITICAL
Network
- - Windows KDC Proxy Remote Code Execution Vulnerability New CWE-197
 Numeric Truncation Error
CVE-2024-43639 2024-11-14 09:15 2024-11-13 Show GitHub Exploit DB Packet Storm
465 6.1 MEDIUM
Network
microsoft nugetgallery NuGet Gallery is a package repository that powers nuget.org. The NuGetGallery has a security vulnerability in its handling of HTML element attributes, which allows an attacker to execute arbitrary HT… Update CWE-79
Cross-site Scripting
CVE-2024-47604 2024-11-14 08:17 2024-10-2 Show GitHub Exploit DB Packet Storm
466 - - - Cybele Software Thinfinity Workspace before v7.0.2.113 was discovered to contain a hardcoded cryptographic key used for encryption. New - CVE-2024-40410 2024-11-14 08:15 2024-11-14 Show GitHub Exploit DB Packet Storm
467 - - - Cybele Software Thinfinity Workspace before v7.0.2.113 was discovered to contain an access control issue in the Create Profile section. This vulnerability allows attackers to create arbitrary user pr… New - CVE-2024-40408 2024-11-14 08:15 2024-11-14 Show GitHub Exploit DB Packet Storm
468 - - - A full path disclosure in Cybele Software Thinfinity Workspace before v7.0.2.113 allows attackers to obtain the root path of the application via unspecified vectors. New - CVE-2024-40407 2024-11-14 08:15 2024-11-14 Show GitHub Exploit DB Packet Storm
469 - - - Incorrect access control in Cybele Software Thinfinity Workspace before v7.0.3.109 allows attackers to gain access to a secondary broker via a crafted request. New - CVE-2024-40405 2024-11-14 08:15 2024-11-14 Show GitHub Exploit DB Packet Storm
470 - - - Cybele Software Thinfinity Workspace before v7.0.2.113 was discovered to contain an access control issue in the API endpoint where Web Sockets connections are established. New - CVE-2024-40404 2024-11-14 08:15 2024-11-14 Show GitHub Exploit DB Packet Storm