Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Nov. 19, 2024, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
194291 7.5 危険 dbscripts - DBImageGallery における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-1164 2012-06-26 15:46 2007-03-2 Show GitHub Exploit DB Packet Storm
194292 7.8 危険 common controls replacement project - CCRP BrowseDialog Server の ccrpbds6.dll におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-1162 2012-06-26 15:46 2007-03-2 Show GitHub Exploit DB Packet Storm
194293 4.3 警告 call-center-software - Call Center Software の call_entry.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-1161 2012-06-26 15:46 2007-03-2 Show GitHub Exploit DB Packet Storm
194294 7.5 危険 CutePHP - CutePHP CuteNews における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-1153 2012-06-26 15:46 2007-03-2 Show GitHub Exploit DB Packet Storm
194295 7.5 危険 delmaa.com - arabhost の function.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-1146 2012-06-26 15:46 2007-03-2 Show GitHub Exploit DB Packet Storm
194296 5 警告 comscripts - J-Web Pics Navigator の jwpn-photos.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-1144 2012-06-26 15:46 2007-03-2 Show GitHub Exploit DB Packet Storm
194297 9.4 危険 barekoncept - pheap の edit.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-1140 2012-06-26 15:46 2007-03-2 Show GitHub Exploit DB Packet Storm
194298 10 危険 cromosoft - Cromosoft SPP における任意のスクリプトをアップロードされる脆弱性 CWE-94
コード・インジェクション 		CVE-2007-1139 2012-06-26 15:46 2007-03-2 Show GitHub Exploit DB Packet Storm
194299 5 警告 cromosoft - Cromosoft SPP の list_main_pages.php における絶対パストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-1138 2012-06-26 15:46 2007-03-2 Show GitHub Exploit DB Packet Storm
194300 6.8 警告 efiction - eFiction における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-1118 2012-06-26 15:46 2007-02-26 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Nov. 19, 2024, 4:16 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1451 7.8 HIGH
Local 		adobe substance_3d_painter Substance3D - Painter versions 10.1.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploita… CWE-787
 Out-of-bounds Write 		CVE-2024-49525 2024-11-14 03:51 2024-11-13 Show GitHub Exploit DB Packet Storm
1452 7.8 HIGH
Local 		adobe substance_3d_painter Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation o… CWE-787
 Out-of-bounds Write 		CVE-2024-49520 2024-11-14 03:51 2024-11-13 Show GitHub Exploit DB Packet Storm
1453 7.8 HIGH
Local 		adobe substance_3d_painter Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation o… CWE-787
 Out-of-bounds Write 		CVE-2024-47427 2024-11-14 03:48 2024-11-13 Show GitHub Exploit DB Packet Storm
1454 4.7 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: sock_map: fix a NULL pointer dereference in sock_map_link_update_prog() The following race condition could trigger a NULL pointer… CWE-476
 NULL Pointer Dereference 		CVE-2024-50260 2024-11-14 03:47 2024-11-9 Show GitHub Exploit DB Packet Storm
1455 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: fbdev: efifb: Register sysfs groups through driver core The driver core can register and cleanup sysfs groups already. Make use o… CWE-416
 Use After Free 		CVE-2024-49925 2024-11-14 03:47 2024-10-22 Show GitHub Exploit DB Packet Storm
1456 5.3 MEDIUM
Network 		level1 wbr-6012_firmware The LevelOne WBR-6012 router contains a vulnerability within its web application that allows unauthenticated disclosure of sensitive information, such as the WiFi WPS PIN, through a hidden page acces… NVD-CWE-noinfo
CVE-2024-33626 2024-11-14 03:43 2024-10-30 Show GitHub Exploit DB Packet Storm
1457 7.5 HIGH
Network 		level1 wbr-6012_firmware A denial of service vulnerability exists in the Web Application functionality of LevelOne WBR-6012 R0.40e6. A specially crafted HTTP request can lead to a reboot. An attacker can send an HTTP request… CWE-835
 Loop with Unreachable Exit Condition ('Infinite Loop') 		CVE-2024-33623 2024-11-14 03:43 2024-10-30 Show GitHub Exploit DB Packet Storm
1458 7.5 HIGH
Network 		opensourcelabs skyscraper SkyScrape is a GUI Dashboard for AWS Infrastructure and Managing Resources and Usage Costs. SkyScrape's API requests are currently unsecured HTTP requests, leading to potential vulnerabilities for t… CWE-319
Cleartext Transmission of Sensitive Information 		CVE-2024-37163 2024-11-14 03:42 2024-06-8 Show GitHub Exploit DB Packet Storm
1459 7.1 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Fix KASAN reported stack out-of-bounds read in tb_retimer_scan() KASAN reported following issue: BUG: KASAN: stack… CWE-125
Out-of-bounds Read 		CVE-2024-50227 2024-11-14 03:39 2024-11-9 Show GitHub Exploit DB Packet Storm
1460 5.3 MEDIUM
Network 		level1 wbr-6012_firmware The LevelOne WBR-6012 router has an information disclosure vulnerability in its web application, which allows unauthenticated users to access a verbose system log page and obtain sensitive data, such… NVD-CWE-noinfo
CVE-2024-33603 2024-11-14 03:39 2024-10-30 Show GitHub Exploit DB Packet Storm