Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Nov. 16, 2024, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
194211	7.5	危険	cerulean portal system	-	Cerulean Portal System の portal.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-0684	2012-06-26 15:46	2007-02-2	Show	GitHub Exploit DB Packet Storm

194212	7.5	危険	extcalendar	-	ExtCalendar の profile.php における任意のパスワードを変更される脆弱性	-	CVE-2007-0681	2012-06-26 15:46	2007-02-2	Show	GitHub Exploit DB Packet Storm

194213	7.5	危険	fullaspsite	-	Fullaspsite Asp Hosting Sitesi の windows.asp における SQL インジェクションの脆弱性	-	CVE-2007-0678	2012-06-26 15:46	2007-02-2	Show	GitHub Exploit DB Packet Storm

194214	7.5	危険	cronosys	-	Cadre PHP Framework の fw/class.Quick_Config_Browser.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-0677	2012-06-26 15:46	2007-02-2	Show	GitHub Exploit DB Packet Storm

194215	6.8	警告	exoscripts	-	ExoPHPDesk の faq.php における SQL インジェクションの脆弱性	-	CVE-2007-0676	2012-06-26 15:46	2007-02-2	Show	GitHub Exploit DB Packet Storm

194216	7.8	危険	CA Technologies	-	BrightStor ARCserve Backup for Laptops & Desktops の LGSERVER.EXE におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2007-0673	2012-06-26 15:46	2007-01-23	Show	GitHub Exploit DB Packet Storm

194217	7.8	危険	CA Technologies	-	BrightStor Mobile Backup の LGSERVER.EXE におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-0672	2012-06-26 15:46	2007-01-23	Show	GitHub Exploit DB Packet Storm

194218	5	警告	ACME Laboratories	-	Gentoo Linux の thttpd における任意のファイルを読まれる脆弱性	-	CVE-2007-0664	2012-06-26 15:46	2007-02-2	Show	GitHub Exploit DB Packet Storm

194219	7.5	危険	eclectic designs	-	Eclectic Designs CascadianFAQ の index.php における SQL インジェクションの脆弱性	-	CVE-2007-0663	2012-06-26 15:46	2007-02-1	Show	GitHub Exploit DB Packet Storm

194220	6.8	警告	DNN	-	DNN の IFrame モジュールにおけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-0660	2012-06-26 15:46	2007-01-29	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Nov. 16, 2024, 4:17 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
121	7.8	HIGH Local	amd	ryzen_ai_software	Improper input validation in the NPU driver could allow an attacker to supply a specially crafted pointer potentially leading to arbitrary code execution. Update	NVD-CWE-noinfo	CVE-2024-21974	2024-11-16 04:20	2024-11-13	Show	GitHub Exploit DB Packet Storm

122	5.5	MEDIUM Local	amd	ryzen_ai_software	Improper validation of user input in the NPU driver could allow an attacker to provide a buffer with unexpected size, potentially leading to system crash. Update	NVD-CWE-noinfo	CVE-2024-21949	2024-11-16 04:20	2024-11-13	Show	GitHub Exploit DB Packet Storm

123	-		-	-	An issue in UltiMaker Cura v.4.41 and 5.8.1 and before allows a local attacker to execute arbitrary code via Inter-process communication (IPC) mechanism between Cura application and CuraEngine proces… New	-	CVE-2024-51330	2024-11-16 04:15	2024-11-16	Show	GitHub Exploit DB Packet Storm

124	-		-	-	An issue in kodbox v.1.52.04 and before allows a remote attacker to obtain sensitive information via the captcha feature in the password reset function. New	-	CVE-2024-51037	2024-11-16 04:15	2024-11-16	Show	GitHub Exploit DB Packet Storm

125	-		-	-	GLPI is a free asset and IT management software package. An authenticated user can perfom a SQL injection by changing its preferences. Upgrade to 10.0.17. New	CWE-89 SQL Injection	CVE-2024-45608	2024-11-16 04:15	2024-11-16	Show	GitHub Exploit DB Packet Storm

126	-		-	-	GLPI is a free asset and IT management software package. An unauthenticated user can provide a malicious link to a GLPI technician in order to exploit a reflected XSS vulnerability. Upgrade to 10.0.1… New	CWE-79 Cross-site Scripting	CVE-2024-43418	2024-11-16 04:15	2024-11-16	Show	GitHub Exploit DB Packet Storm

127	-		-	-	GLPI is a free asset and IT management software package. An unauthenticated user can provide a malicious link to a GLPI technician in order to exploit a reflected XSS vulnerability located in the Sof… New	CWE-79 Cross-site Scripting	CVE-2024-43417	2024-11-16 04:15	2024-11-16	Show	GitHub Exploit DB Packet Storm

128	-		-	-	GLPI is a free asset and IT management software package. An authenticated user can exploit a SQL injection vulnerability from the ticket form. Upgrade to 10.0.17. New	CWE-89 SQL Injection	CVE-2024-41679	2024-11-16 04:15	2024-11-16	Show	GitHub Exploit DB Packet Storm

129	-		-	-	An uninitialized pointer dereference in OpenAirInterface CN5G AMF up to v2.0.0 allows attackers to cause a Denial of Service (DoS) via a crafted InitialContextSetupResponse message sent to the AMF. New	-	CVE-2024-24446	2024-11-16 04:15	2024-11-16	Show	GitHub Exploit DB Packet Storm

130	-		-	-	A reachable assertion in the ogs_nas_emm_decode function of Open5GS v2.7.0 allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet with a zero-length EMM message length. New	-	CVE-2024-24431	2024-11-16 04:15	2024-11-16	Show	GitHub Exploit DB Packet Storm