Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Nov. 17, 2024, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
194131	10	危険	aktueldownload	-	Aktueldownload Haber スクリプトの HaberDetay.asp における SQL インジェクションの脆弱性	-	CVE-2007-1015	2012-06-26 15:46	2007-02-21	Show	GitHub Exploit DB Packet Storm

194132	4.3	警告	deskpro	-	DeskPRO の faq.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-1012	2012-06-26 15:46	2007-02-21	Show	GitHub Exploit DB Packet Storm

194133	2.6	注意	アップル	-	Apple iTunes におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-1008	2012-06-26 15:46	2007-02-19	Show	GitHub Exploit DB Packet Storm

194134	7.8	危険	CA Technologies	-	CA eTrust Intrusion Detection の SW3eng.exe におけるヒープベースのバッファオーバーフローの脆弱性	-	CVE-2007-1005	2012-06-26 15:46	2007-02-27	Show	GitHub Exploit DB Packet Storm

194135	7.5	危険	aspcode.net	-	PollMentor の admin_poll.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-0984	2012-06-26 15:46	2007-02-16	Show	GitHub Exploit DB Packet Storm

194136	6.8	警告	ansatheus	-	AT Contenator の _admin/nav.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2007-0983	2012-06-26 15:46	2007-02-16	Show	GitHub Exploit DB Packet Storm

194137	10	危険	activex soft	-	ActSoft DVD-Tools ActiveX コントロールにおけるバッファオーバーフローの脆弱性	-	CVE-2007-0976	2012-06-26 15:46	2007-02-15	Show	GitHub Exploit DB Packet Storm

194138	5	警告	apache stats	-	Ian Bezanson Apache Stats における重要な変数を上書きされる脆弱性	-	CVE-2007-0975	2012-06-26 15:46	2007-02-15	Show	GitHub Exploit DB Packet Storm

194139	9	危険	シスコシステムズ	-	Cisco FWSM における特定の ACL 保護を回避される脆弱性	-	CVE-2007-0968	2012-06-26 15:46	2007-02-14	Show	GitHub Exploit DB Packet Storm

194140	7.8	危険	シスコシステムズ	-	Cisco FWSM におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-0967	2012-06-26 15:46	2007-02-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Nov. 17, 2024, 4:13 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
2101	-		-	-	Cross-site scripting vulnerability exists in WP Booking versions prior to 2.4.5. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is accessin…	-	CVE-2024-35297	2024-11-9 02:35	2024-05-27	Show	GitHub Exploit DB Packet Storm

2102	-		-	-	nGrinder before 3.5.9 allows to set delay without limitation, which could be the cause of Denial of Service by remote attacker.	-	CVE-2024-28214	2024-11-9 02:35	2024-03-7	Show	GitHub Exploit DB Packet Storm

2103	-		-	-	The issue was addressed with improved handling of caches. This issue is fixed in iOS 17.1 and iPadOS 17.1. A user may be unable to delete browsing history items.	-	CVE-2023-42951	2024-11-9 02:35	2024-02-21	Show	GitHub Exploit DB Packet Storm

2104	6.5	MEDIUM Network	hcltech	bigfix_webui_insights	A permission issue in BigFix WebUI Insights site version 14 allows an authenticated, unprivileged operator to access an administrator page.	CWE-276 Incorrect Default Permissions	CVE-2023-23344	2024-11-9 02:35	2023-06-23	Show	GitHub Exploit DB Packet Storm

2105	8.8	HIGH Network	level1	wbr-6012_firmware	The LevelOne WBR-6012 router's web application has a vulnerability in its firmware version R0.40e6, allowing attackers to change the administrator password and gain higher privileges without the curr…	CWE-620 Unverified Password Change	CVE-2024-33699	2024-11-9 02:09	2024-10-30	Show	GitHub Exploit DB Packet Storm

2106	7.5	HIGH Network	level1	wbr-6012_firmware	The LevelOne WBR-6012 router firmware R0.40e6 suffers from an input validation vulnerability within its FTP functionality, enabling attackers to cause a denial of service through a series of malforme…	NVD-CWE-noinfo	CVE-2024-33700	2024-11-9 02:06	2024-10-30	Show	GitHub Exploit DB Packet Storm

2107	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: thermal: intel: int340x: processor: Fix warning during module unload The processor_thermal driver uses pcim_device_enable() to en…	NVD-CWE-noinfo	CVE-2024-50093	2024-11-9 01:49	2024-11-6	Show	GitHub Exploit DB Packet Storm

2108	-		-	-	An attacker with local access to the medical office computer can access restricted functions of the Elefant Service tool by using a hard-coded "Hotline" password in the Elefant service binary, whic…	-	CVE-2024-50593	2024-11-9 01:35	2024-11-8	Show	GitHub Exploit DB Packet Storm

2109	-		-	-	An unauthenticated attacker with access to the local network of the medical office can query an unprotected Fast Healthcare Interoperability Resources (FHIR) API to get access to sensitive electron…	-	CVE-2024-50589	2024-11-9 01:35	2024-11-8	Show	GitHub Exploit DB Packet Storm

2110	-		-	-	An unauthenticated attacker with access to the local network of the medical office can use known default credentials to gain remote DBA access to the Elefant Firebird database. The data in the data…	-	CVE-2024-50588	2024-11-9 01:35	2024-11-8	Show	GitHub Exploit DB Packet Storm