Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Oct. 12, 2024, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
194741 4.3 警告 exv2 - eXV2 CMS におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4155 2012-03-27 18:42 2010-11-3 Show GitHub Exploit DB Packet Storm
194742 9.3 危険 rhinosoft - Rhino の FTP Voyager におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-4154 2012-03-27 18:42 2010-11-3 Show GitHub Exploit DB Packet Storm
194743 9.3 危険 crossftp - CrossFTP Pro におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-4153 2012-03-27 18:42 2010-11-3 Show GitHub Exploit DB Packet Storm
194744 7.5 危険 4site - 4site CMS の catalog/index.shtml における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4152 2012-03-27 18:42 2010-11-3 Show GitHub Exploit DB Packet Storm
194745 6.8 警告 deluxebb - DeluxeBB における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4151 2012-03-27 18:42 2010-11-3 Show GitHub Exploit DB Packet Storm
194746 9.3 危険 freshwebmaster - FreshWebMaster Fresh FTP におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-4149 2012-03-27 18:42 2010-11-1 Show GitHub Exploit DB Packet Storm
194747 9.3 危険 anyconnect - AnyConnect におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-4148 2012-03-27 18:42 2010-11-1 Show GitHub Exploit DB Packet Storm
194748 7.5 危険 avactis - Pentasoft Avactis Shopping Cart における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4147 2012-03-27 18:42 2010-11-1 Show GitHub Exploit DB Packet Storm
194749 4.3 警告 Attachmate - Web 2008 の Attachmate Reflection におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4146 2012-03-27 18:42 2010-11-1 Show GitHub Exploit DB Packet Storm
194750 5 警告 ASP indir - Kisisel Radyo Script におけるデータベースをダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-4145 2012-03-27 18:42 2010-11-1 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Oct. 10, 2024, 8:13 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
71 7.5 HIGH
Network 		apache inlong Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0. Attackers can change the immutable name and … Update CWE-668
 Exposure of Resource to Wrong Sphere 		CVE-2023-31206 2024-10-12 06:35 2023-05-22 Show GitHub Exploit DB Packet Storm
72 7.5 HIGH
Network 		apache inlong Deserialization of Untrusted Data Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0. Attackers would bypass the 'autoDeserialize' op… Update CWE-502
 Deserialization of Untrusted Data 		CVE-2023-31058 2024-10-12 06:35 2023-05-22 Show GitHub Exploit DB Packet Storm
73 9.8 CRITICAL
Network 		apache sling_commons_json Improper input validation in the Apache Sling Commons JSON bundle allows an attacker to trigger unexpected errors by supplying specially-crafted input. The org.apache.sling.commons.json bundle has b… Update CWE-20
 Improper Input Validation  		CVE-2022-47937 2024-10-12 06:35 2023-05-15 Show GitHub Exploit DB Packet Storm
74 7.2 HIGH
Network 		apache openmeetings An attacker who has gained access to an admin account can perform RCE via null-byte injection Vendor: The Apache Software Foundation Versions Affected: Apache OpenMeetings from 2.0.0 before 7.1.0 Update CWE-20
 Improper Input Validation  		CVE-2023-29246 2024-10-12 06:35 2023-05-12 Show GitHub Exploit DB Packet Storm
75 8.1 HIGH
Network 		apache openmeetings An attacker that has gained access to certain private information can use this to act as other user. Vendor: The Apache Software Foundation Versions Affected: Apache OpenMeetings from 3.1.3 before … Update CWE-287
Improper Authentication 		CVE-2023-29032 2024-10-12 06:35 2023-05-12 Show GitHub Exploit DB Packet Storm
76 5.3 MEDIUM
Network 		apache openmeetings Attacker can access arbitrary recording/room Vendor: The Apache Software Foundation Versions Affected: Apache OpenMeetings from 2.0.0 before 7.1.0 Update CWE-697
 Incorrect Comparison 		CVE-2023-28936 2024-10-12 06:35 2023-05-12 Show GitHub Exploit DB Packet Storm
77 9.8 CRITICAL
Network 		apache airflow Privilege Context Switching Error vulnerability in Apache Software Foundation Apache Airflow.This issue affects Apache Airflow: before 2.6.0. Update NVD-CWE-noinfo
CVE-2023-25754 2024-10-12 06:35 2023-05-8 Show GitHub Exploit DB Packet Storm
78 8.1 HIGH
Network 		apache ranger An Incorrect Permission Assignment for Critical Resource vulnerability was found in the Apache Ranger Hive Plugin. Any user with SELECT privilege on a database can alter the ownership of the table in… Update CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2021-40331 2024-10-12 06:35 2023-05-5 Show GitHub Exploit DB Packet Storm
79 4.3 MEDIUM
Network 		google chrome Insufficient policy enforcement in Intents in Google Chrome on Android prior to 111.0.5563.64 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security s… Update NVD-CWE-noinfo
CVE-2023-1228 2024-10-12 06:35 2023-03-8 Show GitHub Exploit DB Packet Storm
80 8.8 HIGH
Network 		google chrome Use after free in Core in Google Chrome on Lacros prior to 111.0.5563.64 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via… Update CWE-416
 Use After Free 		CVE-2023-1227 2024-10-12 06:35 2023-03-8 Show GitHub Exploit DB Packet Storm