Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Nov. 17, 2024, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
194121	4.6	警告	Comodo	-	Comodo Firewall Pro におけるセキュリティ保護を回避される脆弱性	-	CVE-2007-1051	2012-06-26 15:46	2007-02-21	Show	GitHub Exploit DB Packet Storm

194122	4.3	警告	abledesign	-	AbleDesign MyCalendar の index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-1050	2012-06-26 15:46	2007-02-21	Show	GitHub Exploit DB Packet Storm

194123	7.5	危険	distributed checksum clearinghouse	-	DCC における /var/dcc/maps 配下の hosts を削除される脆弱性	-	CVE-2007-1047	2012-06-26 15:46	2007-02-21	Show	GitHub Exploit DB Packet Storm

194124	5	警告	dem trac	-	Dem_trac におけるログファイルの内容を読み取られる脆弱性	-	CVE-2007-1046	2012-06-26 15:46	2007-02-21	Show	GitHub Exploit DB Packet Storm

194125	7.5	危険	ezboo	-	Ezboo webstats における認証を回避される脆弱性	-	CVE-2007-1043	2012-06-26 15:46	2007-02-21	Show	GitHub Exploit DB Packet Storm

194126	7.5	危険	Drupal	-	Drupal 用の Mediafield などのモジュールで使用される getID3 の特定のデモスクリプトにおける任意のファイルを削除される脆弱性	-	CVE-2007-1035	2012-06-26 15:46	2007-02-16	Show	GitHub Exploit DB Packet Storm

194127	7.5	危険	Drupal	-	Drupal 用の Secure site モジュールにおけるアクセス制限を回避される脆弱性	CWE-Other その他	CVE-2007-1033	2012-06-26 15:46	2007-02-16	Show	GitHub Exploit DB Packet Storm

194128	6.8	警告	barry jaspan	-	Drupal の Barry Jaspan Image Pager におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-1028	2012-06-26 15:46	2007-02-15	Show	GitHub Exploit DB Packet Storm

194129	6.8	警告	cedstat	-	CedStat の index.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-1020	2012-06-26 15:46	2007-02-21	Show	GitHub Exploit DB Packet Storm

194130	7.5	危険	aktueldownload	-	Aktueldownload Haber スクリプトにおける SQL インジェクションの脆弱性	-	CVE-2007-1016	2012-06-26 15:46	2007-02-21	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Nov. 17, 2024, 4:13 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
2081	2.7	LOW Network	grafana	grafana	Organization admins can delete pending invites created in an organization they are not part of.	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2024-10452	2024-11-9 02:59	2024-10-30	Show	GitHub Exploit DB Packet Storm

2082	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: drm/amd: Guard against bad data for ATIF ACPI method If a BIOS provides bad data in response to an ATIF method call this causes a…	CWE-476 NULL Pointer Dereference	CVE-2024-50117	2024-11-9 02:53	2024-11-6	Show	GitHub Exploit DB Packet Storm

2083	-		-	-	Inconsistent <plaintext> tag parsing allows for XSS in Froala WYSIWYG editor 4.3.0 and earlier.	-	CVE-2024-51434	2024-11-9 02:35	2024-11-8	Show	GitHub Exploit DB Packet Storm

2084	-		-	-	SourceCodester Survey Application System 1.0 is vulnerable to SQL Injection in takeSurvey.php via the id parameter.	-	CVE-2024-50766	2024-11-9 02:35	2024-11-8	Show	GitHub Exploit DB Packet Storm

2085	-		-	-	The Inshot com.downloader.privatebrowser (aka Video Downloader - XDownloader) application through 1.3.5 for Android allows an attacker to execute arbitrary JavaScript code via the com.downloader.priv…	-	CVE-2024-46961	2024-11-9 02:35	2024-11-8	Show	GitHub Exploit DB Packet Storm

2086	-		-	-	The ASD com.rocks.video.downloader (aka HD Video Downloader All Format) application through 7.0.129 for Android allows an attacker to execute arbitrary JavaScript code via the com.rocks.video.downloa…	-	CVE-2024-46960	2024-11-9 02:35	2024-11-8	Show	GitHub Exploit DB Packet Storm

2087	-		-	-	The NLL com.nll.cb (aka ACR Phone) application through 0.330-playStore-NoAccessibility-arm8 for Android allows any installed application (with no permissions) to place phone calls without user intera…	-	CVE-2024-36064	2024-11-9 02:35	2024-11-8	Show	GitHub Exploit DB Packet Storm

2088	-		-	-	The Goodwy com.goodwy.dialer (aka Right Dialer) application through 5.1.0 for Android enables any application (with no permissions) to place phone calls without user interaction by sending a crafted …	-	CVE-2024-36063	2024-11-9 02:35	2024-11-8	Show	GitHub Exploit DB Packet Storm

2089	-		-	-	An issue was discovered on One2Track 2019-12-08 devices. Any SIM card used with the device cannot have a PIN configured. If a PIN is configured, the device simply produces a "Remove PIN and restart!"…	-	CVE-2019-20472	2024-11-9 02:35	2024-11-8	Show	GitHub Exploit DB Packet Storm

2090	-		-	-	An issue was discovered on One2Track 2019-12-08 devices. Confidential information is needlessly stored on the smartwatch. Audio files are stored in .amr format, in the audior directory. An attacker w…	-	CVE-2019-20469	2024-11-9 02:35	2024-11-8	Show	GitHub Exploit DB Packet Storm