Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Nov. 18, 2024, 6:03 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
194361 9 危険 centrality communications - Centrality Communications A168 チップセットが実装する admin Web コンソールにおける重要な情報 (パスワードおよび設定データ) を取得される脆弱性 - CVE-2007-0528 2012-06-26 15:46 2007-01-25 Show GitHub Exploit DB Packet Storm
194362 4.3 警告 Bitweaver - Bitweaver におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-0526 2012-06-26 15:46 2007-01-25 Show GitHub Exploit DB Packet Storm
194363 7.5 危険 grigoriadis - Nickolas Grigoriadis MiniWebsvr におけるバッファオーバーフローの脆弱性 - CVE-2007-0525 2012-06-26 15:46 2007-01-25 Show GitHub Exploit DB Packet Storm
194364 10 危険 awffull - AWFFull の graphs.c におけるバッファオーバーフローの脆弱性 - CVE-2007-0510 2012-06-26 15:46 2007-01-25 Show GitHub Exploit DB Packet Storm
194365 7.5 危険 bbclone - BBClone の lib/selectlang.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-0508 2012-06-26 15:46 2007-01-25 Show GitHub Exploit DB Packet Storm
194366 6 警告 Drupal - Drupal 用の Acidfree モジュールにおける任意の SQL コマンドを実行される脆弱性 - CVE-2007-0507 2012-06-26 15:46 2007-01-23 Show GitHub Exploit DB Packet Storm
194367 6 警告 Drupal - Drupal 用の Project issue tracking モジュールにおけるアクセスコントロールモジュールを回避される脆弱性 - CVE-2007-0506 2012-06-26 15:46 2007-01-23 Show GitHub Exploit DB Packet Storm
194368 8.5 危険 Drupal - Drupal 用の Project issue tracking モジュールにおける任意のコードを実行される脆弱性 - CVE-2007-0505 2012-06-26 15:46 2007-01-23 Show GitHub Exploit DB Packet Storm
194369 7.5 危険 bradabra - Bradabra の include/includes.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-0500 2012-06-26 15:46 2007-01-25 Show GitHub Exploit DB Packet Storm
194370 7.5 危険 enthusiast - Enthusiast における SQL インジェクションの脆弱性 - CVE-2007-0484 2012-06-26 15:46 2007-01-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Nov. 18, 2024, 4:13 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
261 - - - Budget Control Gateway acts as an entry point for incoming requests and routes them to the appropriate microservices for Budget Control. Budget Control Gateway does not properly validate auth tokens,… New CWE-285
Improper Authorization
CVE-2024-52528 2024-11-16 02:15 2024-11-16 Show GitHub Exploit DB Packet Storm
262 - - - Nextcloud Server is a self hosted personal cloud system. Under certain conditions the password of a user was stored unencrypted in the session data. The session data is encrypted before being saved i… New CWE-312
 Cleartext Storage of Sensitive Information
CVE-2024-52525 2024-11-16 02:15 2024-11-16 Show GitHub Exploit DB Packet Storm
263 - - - Nextcloud Server is a self hosted personal cloud system. MD5 hashes were used to check background jobs for their uniqueness. This increased the chances of a background job with arguments falsely bein… New CWE-328
 Use of Weak Hash
CVE-2024-52521 2024-11-16 02:15 2024-11-16 Show GitHub Exploit DB Packet Storm
264 - - - Nextcloud Server is a self hosted personal cloud system. The OAuth2 client secrets were stored in a recoverable way, so that an attacker that got access to a backup of the database and the Nextcloud … New CWE-922
 Insecure Storage of Sensitive Information
CVE-2024-52519 2024-11-16 02:15 2024-11-16 Show GitHub Exploit DB Packet Storm
265 - - - Nextcloud Server is a self hosted personal cloud system. After an attacker got access to the session of a user or administrator, the attacker would be able to create, change or delete external storag… New CWE-287
Improper Authentication
CVE-2024-52518 2024-11-16 02:15 2024-11-16 Show GitHub Exploit DB Packet Storm
266 - - - Nextcloud Server is a self hosted personal cloud system. After storing "Global credentials" on the server, the API returns them and adds them into the frontend again, allowing to read them in plain t… New CWE-200
Information Exposure
CVE-2024-52517 2024-11-16 02:15 2024-11-16 Show GitHub Exploit DB Packet Storm
267 - - - Nextcloud Server is a self hosted personal cloud system. When a server is configured to only allow sharing with users that are in ones own groups, after a user was removed from a group, previously sh… New CWE-269
 Improper Privilege Management
CVE-2024-52516 2024-11-16 02:15 2024-11-16 Show GitHub Exploit DB Packet Storm
268 - - - Nextcloud Server is a self hosted personal cloud system. After an admin enables the default-disabled SVG preview provider, a malicious user could upload a manipulated SVG file referencing paths. If t… New CWE-706
 Use of Incorrectly-Resolved Name or Reference
CVE-2024-52515 2024-11-16 02:15 2024-11-16 Show GitHub Exploit DB Packet Storm
269 - - - emlog pro <=2.3.18 is vulnerable to Cross Site Scripting (XSS), which allows attackers to write malicious JavaScript code in published articles. New - CVE-2024-50655 2024-11-16 02:15 2024-11-16 Show GitHub Exploit DB Packet Storm
270 - - - lilishop <=4.2.4 is vulnerable to Incorrect Access Control, which can allow attackers to obtain coupons beyond the quantity limit by capturing and sending the data packets for coupon collection in hi… New - CVE-2024-50654 2024-11-16 02:15 2024-11-16 Show GitHub Exploit DB Packet Storm