Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Oct. 14, 2024, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
194631	9.3	危険	Nullsoft	-	Winamp の in_nsv プラグインにおける整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2010-4372	2012-03-27 18:42	2010-11-27	Show	GitHub Exploit DB Packet Storm

194632	9.3	危険	Nullsoft	-	Winamp の in_mod プラグインにおけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-4371	2012-03-27 18:42	2010-11-27	Show	GitHub Exploit DB Packet Storm

194633	9.3	危険	Nullsoft	-	Winamp の in_midi プラグインにおける整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2010-4370	2012-03-27 18:42	2010-11-27	Show	GitHub Exploit DB Packet Storm

194634	6.4	警告	Laurent Destailleur	-	AWStats におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2010-4369	2012-03-27 18:42	2010-12-2	Show	GitHub Exploit DB Packet Storm

194635	7.5	危険	Laurent Destailleur	-	AWStats における任意のコマンドを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-4368	2012-03-27 18:42	2010-12-2	Show	GitHub Exploit DB Packet Storm

194636	6	警告	Bharat Mediratta	-	Menalto Gallery の modules/gallery/models/item.php における任意コードを実行される脆弱性	CWE-Other その他	CVE-2010-4353	2012-03-27 18:42	2011-01-24	Show	GitHub Exploit DB Packet Storm

194637	4.3	警告	Apache Software Foundation	-	libcloud における証明書偽造の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-4340	2012-03-27 18:42	2011-09-12	Show	GitHub Exploit DB Packet Storm

194638	4.3	警告	hypermail-project	-	Hypermail におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4339	2012-03-27 18:42	2011-01-14	Show	GitHub Exploit DB Packet Storm

194639	6.2	警告	jwilk	-	ocrodjvu における任意のファイルを変更される脆弱性	CWE-59 リンク解釈の問題	CVE-2010-4338	2012-03-27 18:42	2011-01-20	Show	GitHub Exploit DB Packet Storm

194640	3.3	注意	GNU Project	-	gnash の configure スクリプトにおける任意のファイルを上書きされる脆弱性	CWE-59 リンク解釈の問題	CVE-2010-4337	2012-03-27 18:42	2011-01-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Oct. 10, 2024, 8:13 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
91	5.3	MEDIUM Network	apache	openmeetings	Attacker can access arbitrary recording/room Vendor: The Apache Software Foundation Versions Affected: Apache OpenMeetings from 2.0.0 before 7.1.0 Update	CWE-697 Incorrect Comparison	CVE-2023-28936	2024-10-12 06:35	2023-05-12	Show	GitHub Exploit DB Packet Storm

92	9.8	CRITICAL Network	apache	airflow	Privilege Context Switching Error vulnerability in Apache Software Foundation Apache Airflow.This issue affects Apache Airflow: before 2.6.0. Update	NVD-CWE-noinfo	CVE-2023-25754	2024-10-12 06:35	2023-05-8	Show	GitHub Exploit DB Packet Storm

93	8.1	HIGH Network	apache	ranger	An Incorrect Permission Assignment for Critical Resource vulnerability was found in the Apache Ranger Hive Plugin. Any user with SELECT privilege on a database can alter the ownership of the table in… Update	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2021-40331	2024-10-12 06:35	2023-05-5	Show	GitHub Exploit DB Packet Storm

94	4.3	MEDIUM Network	google	chrome	Insufficient policy enforcement in Intents in Google Chrome on Android prior to 111.0.5563.64 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security s… Update	NVD-CWE-noinfo	CVE-2023-1228	2024-10-12 06:35	2023-03-8	Show	GitHub Exploit DB Packet Storm

95	8.8	HIGH Network	google	chrome	Use after free in Core in Google Chrome on Lacros prior to 111.0.5563.64 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via… Update	CWE-416 Use After Free	CVE-2023-1227	2024-10-12 06:35	2023-03-8	Show	GitHub Exploit DB Packet Storm

96	8.8	HIGH Network	google	chrome	Heap buffer overflow in Web Audio API in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Me… Update	CWE-787 Out-of-bounds Write	CVE-2023-1222	2024-10-12 06:35	2023-03-8	Show	GitHub Exploit DB Packet Storm

97	5.3	MEDIUM Network	atlassian	jira jira_software_data_center jira_server jira_data_center	Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to the query component JQL endpoint via a Broken Access Control vulnerability (BAC) vulnerability. The affe… Update	NVD-CWE-Other	CVE-2021-39127	2024-10-12 06:35	2021-10-21	Show	GitHub Exploit DB Packet Storm

98	7.2	HIGH Network	atlassian	jira_server jira_data_center	Affected versions of Atlassian Jira Server or Data Center using the Jira Service Management addon allow remote attackers with JIRA Administrators access to execute arbitrary Java code via a server-si… Update	CWE-94 Code Injection	CVE-2021-39128	2024-10-12 06:35	2021-09-16	Show	GitHub Exploit DB Packet Storm

99	5.3	MEDIUM Network	atlassian	data_center jira	Affected versions of Atlassian Jira Server and Data Center allow users who have watched an issue to continue receiving updates on the issue even after their Jira account is revoked, via a Broken Acce… Update	CWE-863 Incorrect Authorization	CVE-2021-39119	2024-10-12 06:35	2021-09-2	Show	GitHub Exploit DB Packet Storm

100	7.2	HIGH Network	atlassian	jira_service_desk jira_service_management	Affected versions of Atlassian Jira Service Management Server and Data Center allow remote attackers with "Jira Administrators" access to execute arbitrary Java code or run arbitrary system commands … Update	CWE-94 Code Injection	CVE-2021-39115	2024-10-12 06:35	2021-09-2	Show	GitHub Exploit DB Packet Storm