Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Nov. 19, 2024, 6:01 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
194271 6.8 警告 aweb labs - aWeb Labs aWebNews における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション
CVE-2007-1247 2012-06-26 15:46 2007-03-3 Show GitHub Exploit DB Packet Storm
194272 7.5 危険 audins audiens - Audins Audiens における製品をアンインストールされる脆弱性 - CVE-2007-1243 2012-06-26 15:46 2007-03-3 Show GitHub Exploit DB Packet Storm
194273 7.5 危険 audins audiens - Audins Audiens の system/index.php における SQL インジェクションの脆弱性 - CVE-2007-1242 2012-06-26 15:46 2007-03-3 Show GitHub Exploit DB Packet Storm
194274 5.8 警告 audins audiens - Audins Audiens の setup.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-1241 2012-06-26 15:46 2007-03-3 Show GitHub Exploit DB Packet Storm
194275 4.3 警告 Docebo - Docebo CMS におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2007-1240 2012-06-26 15:46 2007-03-3 Show GitHub Exploit DB Packet Storm
194276 5 警告 bjsintay - sitex における重要な情報を取得される脆弱性 CWE-200
情報漏えい
CVE-2007-1237 2012-06-26 15:46 2007-03-3 Show GitHub Exploit DB Packet Storm
194277 7.5 危険 bjsintay - sitex における任意の PHP コードをアップロードされる脆弱性 CWE-20
不適切な入力確認
CVE-2007-1235 2012-06-26 15:46 2007-03-3 Show GitHub Exploit DB Packet Storm
194278 4.3 警告 bjsintay - sitex におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2007-1234 2012-06-26 15:46 2007-03-3 Show GitHub Exploit DB Packet Storm
194279 10 危険 grok developments - Grok Developments NetProxy の接続ログファイル実装における不正な活動を実行される脆弱性 - CVE-2007-1225 2012-06-26 15:46 2007-03-2 Show GitHub Exploit DB Packet Storm
194280 5 警告 grok developments - Grok Developments NetProxy における URL フィルタを回避される脆弱性 - CVE-2007-1224 2012-06-26 15:46 2007-03-2 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Nov. 19, 2024, 4:16 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2381 6.5 MEDIUM
Network
hcltech bigfix_webui_insights A permission issue in BigFix WebUI Insights site version 14 allows an authenticated, unprivileged operator to access an administrator page. CWE-276
Incorrect Default Permissions 
CVE-2023-23344 2024-11-9 02:35 2023-06-23 Show GitHub Exploit DB Packet Storm
2382 8.8 HIGH
Network
level1 wbr-6012_firmware The LevelOne WBR-6012 router's web application has a vulnerability in its firmware version R0.40e6, allowing attackers to change the administrator password and gain higher privileges without the curr… CWE-620
 Unverified Password Change
CVE-2024-33699 2024-11-9 02:09 2024-10-30 Show GitHub Exploit DB Packet Storm
2383 7.5 HIGH
Network
level1 wbr-6012_firmware The LevelOne WBR-6012 router firmware R0.40e6 suffers from an input validation vulnerability within its FTP functionality, enabling attackers to cause a denial of service through a series of malforme… NVD-CWE-noinfo
CVE-2024-33700 2024-11-9 02:06 2024-10-30 Show GitHub Exploit DB Packet Storm
2384 5.5 MEDIUM
Local
linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: thermal: intel: int340x: processor: Fix warning during module unload The processor_thermal driver uses pcim_device_enable() to en… NVD-CWE-noinfo
CVE-2024-50093 2024-11-9 01:49 2024-11-6 Show GitHub Exploit DB Packet Storm
2385 - - - An attacker with local access to the medical office computer can access restricted functions of the Elefant Service tool by using a hard-coded "Hotline" password in the Elefant service binary, whic… - CVE-2024-50593 2024-11-9 01:35 2024-11-8 Show GitHub Exploit DB Packet Storm
2386 - - - An unauthenticated attacker with access to the local network of the medical office can query an unprotected Fast Healthcare Interoperability Resources (FHIR) API to get access to sensitive electron… - CVE-2024-50589 2024-11-9 01:35 2024-11-8 Show GitHub Exploit DB Packet Storm
2387 - - - An unauthenticated attacker with access to the local network of the medical office can use known default credentials to gain remote DBA access to the Elefant Firebird database. The data in the data… - CVE-2024-50588 2024-11-9 01:35 2024-11-8 Show GitHub Exploit DB Packet Storm
2388 - - - An attacker with local access the to medical office computer can escalate his Windows user privileges to "NT AUTHORITY\SYSTEM" by exploiting a race condition in the Elefant Update Service during th… - CVE-2024-50592 2024-11-9 01:35 2024-11-8 Show GitHub Exploit DB Packet Storm
2389 - - - An attacker with local access the to medical office computer can escalate his Windows user privileges to "NT AUTHORITY\SYSTEM" by exploiting a command injection vulnerability in the Elefant Update … - CVE-2024-50591 2024-11-9 01:35 2024-11-8 Show GitHub Exploit DB Packet Storm
2390 - - - Attackers with local access to the medical office computer can escalate their Windows user privileges to "NT AUTHORITY\SYSTEM" by overwriting one of two Elefant service binaries with weak permissio… - CVE-2024-50590 2024-11-9 01:35 2024-11-8 Show GitHub Exploit DB Packet Storm