Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Nov. 18, 2024, 6:03 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
194391 6.8 警告 easebay resources - Easebay Resources Paypal Subscription Manager の admin/edit_member.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-0402 2012-06-26 15:46 2007-01-22 Show GitHub Exploit DB Packet Storm
194392 7.5 危険 easebay resources - Easebay Resources Login Manager の admin/memberlist.php における SQL インジェクションの脆弱性 - CVE-2007-0401 2012-06-26 15:46 2007-01-22 Show GitHub Exploit DB Packet Storm
194393 6.8 警告 easebay resources - Easebay Resources Login Manager の admin/memberlist.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-0400 2012-06-26 15:46 2007-01-22 Show GitHub Exploit DB Packet Storm
194394 6.8 警告 arnotic - Arnaud Guyonne a-forum の forum.php3 におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-0398 2012-06-26 15:46 2007-01-22 Show GitHub Exploit DB Packet Storm
194395 6.4 警告 シスコシステムズ - CS-MARS などにおける正確でない情報を生成される脆弱性 - CVE-2007-0397 2012-06-26 15:46 2007-01-18 Show GitHub Exploit DB Packet Storm
194396 7.5 危険 comvironment - ComVironment の libraries/grab_globals.lib.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-0395 2012-06-26 15:46 2007-01-19 Show GitHub Exploit DB Packet Storm
194397 7.2 危険 BitDefender - BitDefender Client Professional Plus の ログ作成機能におけるフォーマットストリングの脆弱性 - CVE-2007-0391 2012-06-26 15:46 2007-01-18 Show GitHub Exploit DB Packet Storm
194398 7.8 危険 arsdigita - ACS および ACES におけるディレクトリトラバーサルの脆弱性 - CVE-2007-0389 2012-06-26 15:46 2007-01-19 Show GitHub Exploit DB Packet Storm
194399 7.5 危険 ATRC - ATutor における SQL インジェクションの脆弱性 - CVE-2007-0381 2012-06-26 15:46 2007-01-19 Show GitHub Exploit DB Packet Storm
194400 5 警告 docman - DocMan における重要な情報 (フルパス) を取得される脆弱性 - CVE-2007-0380 2012-06-26 15:46 2007-01-19 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Nov. 18, 2024, 4:13 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
191 7.8 HIGH
Local 		amd ryzen_ai_software Improper input validation in the NPU driver could allow an attacker to supply a specially crafted pointer potentially leading to arbitrary code execution. Update NVD-CWE-noinfo
CVE-2024-21974 2024-11-16 04:20 2024-11-13 Show GitHub Exploit DB Packet Storm
192 5.5 MEDIUM
Local 		amd ryzen_ai_software Improper validation of user input in the NPU driver could allow an attacker to provide a buffer with unexpected size, potentially leading to system crash. Update NVD-CWE-noinfo
CVE-2024-21949 2024-11-16 04:20 2024-11-13 Show GitHub Exploit DB Packet Storm
193 - - - An issue in UltiMaker Cura v.4.41 and 5.8.1 and before allows a local attacker to execute arbitrary code via Inter-process communication (IPC) mechanism between Cura application and CuraEngine proces… New - CVE-2024-51330 2024-11-16 04:15 2024-11-16 Show GitHub Exploit DB Packet Storm
194 - - - An issue in kodbox v.1.52.04 and before allows a remote attacker to obtain sensitive information via the captcha feature in the password reset function. New - CVE-2024-51037 2024-11-16 04:15 2024-11-16 Show GitHub Exploit DB Packet Storm
195 - - - GLPI is a free asset and IT management software package. An authenticated user can perfom a SQL injection by changing its preferences. Upgrade to 10.0.17. New CWE-89
SQL Injection 		CVE-2024-45608 2024-11-16 04:15 2024-11-16 Show GitHub Exploit DB Packet Storm
196 - - - GLPI is a free asset and IT management software package. An unauthenticated user can provide a malicious link to a GLPI technician in order to exploit a reflected XSS vulnerability. Upgrade to 10.0.1… New CWE-79
Cross-site Scripting 		CVE-2024-43418 2024-11-16 04:15 2024-11-16 Show GitHub Exploit DB Packet Storm
197 - - - GLPI is a free asset and IT management software package. An unauthenticated user can provide a malicious link to a GLPI technician in order to exploit a reflected XSS vulnerability located in the Sof… New CWE-79
Cross-site Scripting 		CVE-2024-43417 2024-11-16 04:15 2024-11-16 Show GitHub Exploit DB Packet Storm
198 - - - GLPI is a free asset and IT management software package. An authenticated user can exploit a SQL injection vulnerability from the ticket form. Upgrade to 10.0.17. New CWE-89
SQL Injection 		CVE-2024-41679 2024-11-16 04:15 2024-11-16 Show GitHub Exploit DB Packet Storm
199 - - - An uninitialized pointer dereference in OpenAirInterface CN5G AMF up to v2.0.0 allows attackers to cause a Denial of Service (DoS) via a crafted InitialContextSetupResponse message sent to the AMF. New - CVE-2024-24446 2024-11-16 04:15 2024-11-16 Show GitHub Exploit DB Packet Storm
200 - - - A reachable assertion in the ogs_nas_emm_decode function of Open5GS v2.7.0 allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet with a zero-length EMM message length. New - CVE-2024-24431 2024-11-16 04:15 2024-11-16 Show GitHub Exploit DB Packet Storm