Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Nov. 16, 2024, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
194091 7.5 危険 dbscripts - DBImageGallery における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-1164 2012-06-26 15:46 2007-03-2 Show GitHub Exploit DB Packet Storm
194092 7.8 危険 common controls replacement project - CCRP BrowseDialog Server の ccrpbds6.dll におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-1162 2012-06-26 15:46 2007-03-2 Show GitHub Exploit DB Packet Storm
194093 4.3 警告 call-center-software - Call Center Software の call_entry.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-1161 2012-06-26 15:46 2007-03-2 Show GitHub Exploit DB Packet Storm
194094 7.5 危険 CutePHP - CutePHP CuteNews における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-1153 2012-06-26 15:46 2007-03-2 Show GitHub Exploit DB Packet Storm
194095 7.5 危険 delmaa.com - arabhost の function.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-1146 2012-06-26 15:46 2007-03-2 Show GitHub Exploit DB Packet Storm
194096 5 警告 comscripts - J-Web Pics Navigator の jwpn-photos.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-1144 2012-06-26 15:46 2007-03-2 Show GitHub Exploit DB Packet Storm
194097 9.4 危険 barekoncept - pheap の edit.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-1140 2012-06-26 15:46 2007-03-2 Show GitHub Exploit DB Packet Storm
194098 10 危険 cromosoft - Cromosoft SPP における任意のスクリプトをアップロードされる脆弱性 CWE-94
コード・インジェクション 		CVE-2007-1139 2012-06-26 15:46 2007-03-2 Show GitHub Exploit DB Packet Storm
194099 5 警告 cromosoft - Cromosoft SPP の list_main_pages.php における絶対パストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-1138 2012-06-26 15:46 2007-03-2 Show GitHub Exploit DB Packet Storm
194100 6.8 警告 efiction - eFiction における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-1118 2012-06-26 15:46 2007-02-26 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Nov. 16, 2024, 5:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
51 4.9 MEDIUM
Network 		- - A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This… New CWE-20
 Improper Input Validation  		CVE-2021-1470 2024-11-16 02:35 2024-11-16 Show GitHub Exploit DB Packet Storm
52 7.8 HIGH
Local 		dell smartfabric_os10 Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) a command injection vulnerability. A low privileged attacker with local access could potentially exploit … Update CWE-77
Command Injection 		CVE-2024-49560 2024-11-16 02:35 2024-11-12 Show GitHub Exploit DB Packet Storm
53 7.8 HIGH
Local 		dell smartfabric_os10 Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) an Improper Privilege Management vulnerability. A low privileged attacker with local access could potenti… Update NVD-CWE-noinfo
CVE-2024-49558 2024-11-16 02:35 2024-11-12 Show GitHub Exploit DB Packet Storm
54 8.8 HIGH
Network 		anisha job_recruitment A vulnerability was found in code-projects Job Recruitment up to 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file admin.php. The manipulat… Update CWE-89
SQL Injection 		CVE-2024-11127 2024-11-16 02:29 2024-11-13 Show GitHub Exploit DB Packet Storm
55 7.5 HIGH
Network 		eclipse mosquitto In Eclipse Mosquitto up to version 2.0.18a, an attacker can achieve memory leaking, segmentation fault or heap-use-after-free by sending specific sequences of "CONNECT", "DISCONNECT", "SUBSCRIBE", "U… Update CWE-416
CWE-401
CWE-755
 Use After Free
 Missing Release of Memory after Effective Lifetime
 Improper Handling of Exceptional Conditions 		CVE-2024-8376 2024-11-16 02:21 2024-10-12 Show GitHub Exploit DB Packet Storm
56 5.4 MEDIUM
Network 		nicheaddons sales_page_addon Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in NicheAddons Sales Page Addon – Elementor & Beaver Builder allows Stored XSS.This issue aff… Update CWE-79
Cross-site Scripting 		CVE-2024-51585 2024-11-16 02:17 2024-11-10 Show GitHub Exploit DB Packet Storm
57 5.4 MEDIUM
Network 		modernaweb black_widgets_for_elementor Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Modernaweb Studio Black Widgets For Elementor allows Stored XSS.This issue affects Black W… Update CWE-79
Cross-site Scripting 		CVE-2024-51662 2024-11-16 02:16 2024-11-9 Show GitHub Exploit DB Packet Storm
58 - - - Budget Control Gateway acts as an entry point for incoming requests and routes them to the appropriate microservices for Budget Control. Budget Control Gateway does not properly validate auth tokens,… New CWE-285
Improper Authorization 		CVE-2024-52528 2024-11-16 02:15 2024-11-16 Show GitHub Exploit DB Packet Storm
59 - - - Nextcloud Server is a self hosted personal cloud system. Under certain conditions the password of a user was stored unencrypted in the session data. The session data is encrypted before being saved i… New CWE-312
 Cleartext Storage of Sensitive Information 		CVE-2024-52525 2024-11-16 02:15 2024-11-16 Show GitHub Exploit DB Packet Storm
60 - - - Nextcloud Server is a self hosted personal cloud system. MD5 hashes were used to check background jobs for their uniqueness. This increased the chances of a background job with arguments falsely bein… New CWE-328
 Use of Weak Hash 		CVE-2024-52521 2024-11-16 02:15 2024-11-16 Show GitHub Exploit DB Packet Storm