Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Nov. 12, 2024, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
194221 7.5 危険 cutenews aj-fork - CN:AJ の inc/shows.inc.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-6546 2012-06-26 15:38 2006-12-13 Show GitHub Exploit DB Packet Storm
194222 6.8 警告 cm68 news - CM68 News におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-6544 2012-06-26 15:38 2006-12-13 Show GitHub Exploit DB Packet Storm
194223 7.5 危険 appintellect - AppIntellect SpotLight CRM の login.asp における SQL インジェクションの脆弱性 - CVE-2006-6543 2012-06-26 15:38 2006-12-13 Show GitHub Exploit DB Packet Storm
194224 7.5 危険 fantastic news - Falt4Extreme RC4 の index.php における SQL インジェクションの脆弱性 - CVE-2006-6542 2012-06-26 15:38 2006-12-13 Show GitHub Exploit DB Packet Storm
194225 6.8 警告 bluetrait - Bluetrait の bt-trackback.php における SQL インジェクションの脆弱性 - CVE-2006-6540 2012-06-26 15:38 2006-12-13 Show GitHub Exploit DB Packet Storm
194226 10 危険 flippet.org - Wawi におけるバッファオーバーフローの脆弱性 - CVE-2006-6539 2012-06-26 15:38 2006-12-13 Show GitHub Exploit DB Packet Storm
194227 7.8 危険 D-Link Systems, Inc. - D-LINK DWL-2000AP+ におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2006-6538 2012-06-26 15:38 2006-12-13 Show GitHub Exploit DB Packet Storm
194228 6.8 警告 cilem - Cilem Haber Free Edition の hata.asp におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-6536 2012-06-26 15:38 2006-12-13 Show GitHub Exploit DB Packet Storm
194229 6.8 警告 Drupal - Drupal 用の Help Tip モジュールにおけるクロスサイトスクリプティングの脆弱性 - CVE-2006-6531 2012-06-26 15:38 2006-12-11 Show GitHub Exploit DB Packet Storm
194230 7.5 危険 Drupal - Drupal 用の Help Tip モジュールにおける SQL インジェクションの脆弱性 - CVE-2006-6530 2012-06-26 15:38 2006-12-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Nov. 12, 2024, 4:17 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
61 - - - GNOME libsoup before 3.6.0 allows HTTP request smuggling in some configurations because '\0' characters at the end of header names are ignored, i.e., a "Transfer-Encoding\0: chunked" header is treate… New - CVE-2024-52530 2024-11-12 05:15 2024-11-12 Show GitHub Exploit DB Packet Storm
62 - - - libosdp is an implementation of IEC 60839-11-5 OSDP (Open Supervised Device Protocol) and provides a C library with support for C++, Rust and Python3. In affected versions an unexpected `REPLY_CCRYPT… New CWE-924
 Improper Enforcement of Message Integrity During Transmission in a Communication Channel 		CVE-2024-52288 2024-11-12 05:15 2024-11-12 Show GitHub Exploit DB Packet Storm
63 - - - Stirling-PDF is a locally hosted web application that allows you to perform various operations on PDF files. In affected versions the Merge functionality takes untrusted user input (file name) and us… New CWE-79
CWE-20
Cross-site Scripting
 Improper Input Validation  		CVE-2024-52286 2024-11-12 05:15 2024-11-12 Show GitHub Exploit DB Packet Storm
64 - - - Orchid is a @laravel package that allows for rapid application development of back-office applications, admin/user panels, and dashboards. This vulnerability is a method exposure issue (CWE-749: Expo… New CWE-749
 Exposed Dangerous Method or Function 		CVE-2024-51992 2024-11-12 05:15 2024-11-12 Show GitHub Exploit DB Packet Storm
65 - - - Ampache is a web based audio/video streaming application and file manager. This vulnerability exists in the interface section of the Ampache menu, where users can change "Custom URL - Logo". This sec… New CWE-79
Cross-site Scripting 		CVE-2024-51490 2024-11-12 05:15 2024-11-12 Show GitHub Exploit DB Packet Storm
66 - - - Ampache is a web based audio/video streaming application and file manager. The current implementation of token parsing does not adequately validate CSRF tokens when users send messages to one another… New CWE-352
 Origin Validation Error 		CVE-2024-51489 2024-11-12 05:15 2024-11-12 Show GitHub Exploit DB Packet Storm
67 - - - Ampache is a web based audio/video streaming application and file manager. The current implementation of token parsing does not adequately validate CSRF tokens when users delete messages. This vulner… New CWE-352
 Origin Validation Error 		CVE-2024-51488 2024-11-12 05:15 2024-11-12 Show GitHub Exploit DB Packet Storm
68 - - - Ampache is a web based audio/video streaming application and file manager. The current implementation of token parsing fails to properly validate CSRF tokens when activating or deactivating catalog. … New CWE-352
 Origin Validation Error 		CVE-2024-51487 2024-11-12 05:15 2024-11-12 Show GitHub Exploit DB Packet Storm
69 - - - Kanboard is project management software that focuses on the Kanban methodology. An authenticated Kanboard admin can run arbitrary php code on the server in combination with a file write possibility. … New CWE-22
Path Traversal 		CVE-2024-51748 2024-11-12 05:15 2024-11-12 Show GitHub Exploit DB Packet Storm
70 - - - Kanboard is project management software that focuses on the Kanban methodology. An authenticated Kanboard admin can read and delete arbitrary files from the server. File attachments, that are viewabl… New CWE-22
CWE-27
Path Traversal
 Path Traversal: 'dir/../../filename' 		CVE-2024-51747 2024-11-12 05:15 2024-11-12 Show GitHub Exploit DB Packet Storm