Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Nov. 16, 2024, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
194201	6.8	警告	アップル	-	Apple Mac OS X の diskimages-helper における任意のコードを実行される脆弱性	-	CVE-2007-0721	2012-06-26 15:46	2007-03-13	Show	GitHub Exploit DB Packet Storm

194202	7.2	危険	Comodo	-	Comodo Firewall Pro および Comodo Personal Firewall の cmdmon.sys におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-0709	2012-06-26 15:46	2007-02-3	Show	GitHub Exploit DB Packet Storm

194203	7.2	危険	Comodo	-	Comodo Firewall Pro の cmdmon.sys におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-0708	2012-06-26 15:46	2007-02-3	Show	GitHub Exploit DB Packet Storm

194204	6.8	警告	Gretech	-	GOM Player におけるスタックベースのバッファーオーバーフローの脆弱性	-	CVE-2007-0707	2012-06-26 15:46	2007-02-3	Show	GitHub Exploit DB Packet Storm

194205	7.5	危険	epistemon	-	Epistemon の inc/common.inc.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-0701	2012-06-26 15:46	2007-02-3	Show	GitHub Exploit DB Packet Storm

194206	6.8	警告	free lan intra internet portal	-	FLIP におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-0696	2012-06-26 15:46	2007-02-3	Show	GitHub Exploit DB Packet Storm

194207	7.5	危険	free lan intra internet portal	-	FLIP における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-0695	2012-06-26 15:46	2007-02-3	Show	GitHub Exploit DB Packet Storm

194208	4.3	警告	diangemilang	-	DGNews の footer.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-0694	2012-06-26 15:46	2007-05-30	Show	GitHub Exploit DB Packet Storm

194209	6.8	警告	diangemilang	-	DGNews の news.php における SQL インジェクションの脆弱性	-	CVE-2007-0693	2012-06-26 15:46	2007-05-30	Show	GitHub Exploit DB Packet Storm

194210	5	警告	dgnews	-	DGNews における重要な情報を取得される脆弱性	-	CVE-2007-0692	2012-06-26 15:46	2007-05-30	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Nov. 16, 2024, 4:17 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
121	7.8	HIGH Local	amd	ryzen_ai_software	Improper input validation in the NPU driver could allow an attacker to supply a specially crafted pointer potentially leading to arbitrary code execution. Update	NVD-CWE-noinfo	CVE-2024-21974	2024-11-16 04:20	2024-11-13	Show	GitHub Exploit DB Packet Storm

122	5.5	MEDIUM Local	amd	ryzen_ai_software	Improper validation of user input in the NPU driver could allow an attacker to provide a buffer with unexpected size, potentially leading to system crash. Update	NVD-CWE-noinfo	CVE-2024-21949	2024-11-16 04:20	2024-11-13	Show	GitHub Exploit DB Packet Storm

123	-		-	-	An issue in UltiMaker Cura v.4.41 and 5.8.1 and before allows a local attacker to execute arbitrary code via Inter-process communication (IPC) mechanism between Cura application and CuraEngine proces… New	-	CVE-2024-51330	2024-11-16 04:15	2024-11-16	Show	GitHub Exploit DB Packet Storm

124	-		-	-	An issue in kodbox v.1.52.04 and before allows a remote attacker to obtain sensitive information via the captcha feature in the password reset function. New	-	CVE-2024-51037	2024-11-16 04:15	2024-11-16	Show	GitHub Exploit DB Packet Storm

125	-		-	-	GLPI is a free asset and IT management software package. An authenticated user can perfom a SQL injection by changing its preferences. Upgrade to 10.0.17. New	CWE-89 SQL Injection	CVE-2024-45608	2024-11-16 04:15	2024-11-16	Show	GitHub Exploit DB Packet Storm

126	-		-	-	GLPI is a free asset and IT management software package. An unauthenticated user can provide a malicious link to a GLPI technician in order to exploit a reflected XSS vulnerability. Upgrade to 10.0.1… New	CWE-79 Cross-site Scripting	CVE-2024-43418	2024-11-16 04:15	2024-11-16	Show	GitHub Exploit DB Packet Storm

127	-		-	-	GLPI is a free asset and IT management software package. An unauthenticated user can provide a malicious link to a GLPI technician in order to exploit a reflected XSS vulnerability located in the Sof… New	CWE-79 Cross-site Scripting	CVE-2024-43417	2024-11-16 04:15	2024-11-16	Show	GitHub Exploit DB Packet Storm

128	-		-	-	GLPI is a free asset and IT management software package. An authenticated user can exploit a SQL injection vulnerability from the ticket form. Upgrade to 10.0.17. New	CWE-89 SQL Injection	CVE-2024-41679	2024-11-16 04:15	2024-11-16	Show	GitHub Exploit DB Packet Storm

129	-		-	-	An uninitialized pointer dereference in OpenAirInterface CN5G AMF up to v2.0.0 allows attackers to cause a Denial of Service (DoS) via a crafted InitialContextSetupResponse message sent to the AMF. New	-	CVE-2024-24446	2024-11-16 04:15	2024-11-16	Show	GitHub Exploit DB Packet Storm

130	-		-	-	A reachable assertion in the ogs_nas_emm_decode function of Open5GS v2.7.0 allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet with a zero-length EMM message length. New	-	CVE-2024-24431	2024-11-16 04:15	2024-11-16	Show	GitHub Exploit DB Packet Storm