Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Nov. 15, 2024, 6:02 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
194071	6.8	警告	aweb labs	-	aWeb Labs aWebNews における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2007-1247	2012-06-26 15:46	2007-03-3	Show	GitHub Exploit DB Packet Storm

194072	7.5	危険	audins audiens	-	Audins Audiens における製品をアンインストールされる脆弱性	-	CVE-2007-1243	2012-06-26 15:46	2007-03-3	Show	GitHub Exploit DB Packet Storm

194073	7.5	危険	audins audiens	-	Audins Audiens の system/index.php における SQL インジェクションの脆弱性	-	CVE-2007-1242	2012-06-26 15:46	2007-03-3	Show	GitHub Exploit DB Packet Storm

194074	5.8	警告	audins audiens	-	Audins Audiens の setup.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-1241	2012-06-26 15:46	2007-03-3	Show	GitHub Exploit DB Packet Storm

194075	4.3	警告	Docebo	-	Docebo CMS におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-1240	2012-06-26 15:46	2007-03-3	Show	GitHub Exploit DB Packet Storm

194076	5	警告	bjsintay	-	sitex における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2007-1237	2012-06-26 15:46	2007-03-3	Show	GitHub Exploit DB Packet Storm

194077	7.5	危険	bjsintay	-	sitex における任意の PHP コードをアップロードされる脆弱性	CWE-20 不適切な入力確認	CVE-2007-1235	2012-06-26 15:46	2007-03-3	Show	GitHub Exploit DB Packet Storm

194078	4.3	警告	bjsintay	-	sitex におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-1234	2012-06-26 15:46	2007-03-3	Show	GitHub Exploit DB Packet Storm

194079	10	危険	grok developments	-	Grok Developments NetProxy の接続ログファイル実装における不正な活動を実行される脆弱性	-	CVE-2007-1225	2012-06-26 15:46	2007-03-2	Show	GitHub Exploit DB Packet Storm

194080	5	警告	grok developments	-	Grok Developments NetProxy における URL フィルタを回避される脆弱性	-	CVE-2007-1224	2012-06-26 15:46	2007-03-2	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Nov. 16, 2024, 5:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
61	-		-	-	Nextcloud Server is a self hosted personal cloud system. The OAuth2 client secrets were stored in a recoverable way, so that an attacker that got access to a backup of the database and the Nextcloud … New	CWE-922 Insecure Storage of Sensitive Information	CVE-2024-52519	2024-11-16 02:15	2024-11-16	Show	GitHub Exploit DB Packet Storm

62	-		-	-	Nextcloud Server is a self hosted personal cloud system. After an attacker got access to the session of a user or administrator, the attacker would be able to create, change or delete external storag… New	CWE-287 Improper Authentication	CVE-2024-52518	2024-11-16 02:15	2024-11-16	Show	GitHub Exploit DB Packet Storm

63	-		-	-	Nextcloud Server is a self hosted personal cloud system. After storing "Global credentials" on the server, the API returns them and adds them into the frontend again, allowing to read them in plain t… New	CWE-200 Information Exposure	CVE-2024-52517	2024-11-16 02:15	2024-11-16	Show	GitHub Exploit DB Packet Storm

64	-		-	-	Nextcloud Server is a self hosted personal cloud system. When a server is configured to only allow sharing with users that are in ones own groups, after a user was removed from a group, previously sh… New	CWE-269 Improper Privilege Management	CVE-2024-52516	2024-11-16 02:15	2024-11-16	Show	GitHub Exploit DB Packet Storm

65	-		-	-	Nextcloud Server is a self hosted personal cloud system. After an admin enables the default-disabled SVG preview provider, a malicious user could upload a manipulated SVG file referencing paths. If t… New	CWE-706 Use of Incorrectly-Resolved Name or Reference	CVE-2024-52515	2024-11-16 02:15	2024-11-16	Show	GitHub Exploit DB Packet Storm

66	-		-	-	emlog pro <=2.3.18 is vulnerable to Cross Site Scripting (XSS), which allows attackers to write malicious JavaScript code in published articles. New	-	CVE-2024-50655	2024-11-16 02:15	2024-11-16	Show	GitHub Exploit DB Packet Storm

67	-		-	-	lilishop <=4.2.4 is vulnerable to Incorrect Access Control, which can allow attackers to obtain coupons beyond the quantity limit by capturing and sending the data packets for coupon collection in hi… New	-	CVE-2024-50654	2024-11-16 02:15	2024-11-16	Show	GitHub Exploit DB Packet Storm

68	-		-	-	CRMEB <=5.4.0 is vulnerable to Incorrect Access Control. Users can bypass the front-end restriction of only being able to claim coupons once by capturing packets and sending a large number of data pa… New	-	CVE-2024-50653	2024-11-16 02:15	2024-11-16	Show	GitHub Exploit DB Packet Storm

69	-		-	-	Gogs <=0.13.0 is vulnerable to Directory Traversal via the editFilePost function of internal/route/repo/editor.go. New	-	CVE-2024-44625	2024-11-16 02:15	2024-11-16	Show	GitHub Exploit DB Packet Storm

70	8.2	HIGH Network	-	-	IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2 and 7.0.3 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit … New	CWE-611 XXE	CVE-2024-39726	2024-11-16 02:15	2024-11-16	Show	GitHub Exploit DB Packet Storm