Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Oct. 15, 2024, 2:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
194791	6.9	警告	Mono Project	-	Mono の metadata/loader.c における権限を取得される脆弱性	CWE-Other その他	CVE-2010-4159	2012-03-27 18:42	2010-09-26	Show	GitHub Exploit DB Packet Storm

194792	4.3	警告	exv2	-	eXV2 CMS におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4155	2012-03-27 18:42	2010-11-3	Show	GitHub Exploit DB Packet Storm

194793	9.3	危険	rhinosoft	-	Rhino の FTP Voyager におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2010-4154	2012-03-27 18:42	2010-11-3	Show	GitHub Exploit DB Packet Storm

194794	9.3	危険	crossftp	-	CrossFTP Pro におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2010-4153	2012-03-27 18:42	2010-11-3	Show	GitHub Exploit DB Packet Storm

194795	7.5	危険	4site	-	4site CMS の catalog/index.shtml における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4152	2012-03-27 18:42	2010-11-3	Show	GitHub Exploit DB Packet Storm

194796	6.8	警告	deluxebb	-	DeluxeBB における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4151	2012-03-27 18:42	2010-11-3	Show	GitHub Exploit DB Packet Storm

194797	9.3	危険	freshwebmaster	-	FreshWebMaster Fresh FTP におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2010-4149	2012-03-27 18:42	2010-11-1	Show	GitHub Exploit DB Packet Storm

194798	9.3	危険	anyconnect	-	AnyConnect におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2010-4148	2012-03-27 18:42	2010-11-1	Show	GitHub Exploit DB Packet Storm

194799	7.5	危険	avactis	-	Pentasoft Avactis Shopping Cart における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4147	2012-03-27 18:42	2010-11-1	Show	GitHub Exploit DB Packet Storm

194800	4.3	警告	Attachmate	-	Web 2008 の Attachmate Reflection におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4146	2012-03-27 18:42	2010-11-1	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Oct. 10, 2024, 8:13 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
521	6.7	MEDIUM Local	linuxfoundation rdkcentral google openwrt	yocto rdk-b android openwrt	In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed…	CWE-787 Out-of-bounds Write	CVE-2023-20829	2024-10-11 01:35	2023-09-4	Show	GitHub Exploit DB Packet Storm

522	6.7	MEDIUM Local	linuxfoundation rdkcentral google openwrt	yocto rdk-b android openwrt	In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed…	CWE-787 Out-of-bounds Write	CVE-2023-20828	2024-10-11 01:35	2023-09-4	Show	GitHub Exploit DB Packet Storm

523	6.4	MEDIUM Local	google	android	In ims service, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed…	CWE-362 Race Condition	CVE-2023-20827	2024-10-11 01:35	2023-09-4	Show	GitHub Exploit DB Packet Storm

524	7.8	HIGH Local	intel	unite	Improper access control in the Intel(R) Unite(R) Hub software installer for Windows before version 4.2.34962 may allow an authenticated user to potentially enable escalation of privilege via local ac…	NVD-CWE-noinfo	CVE-2023-25773	2024-10-11 01:35	2023-08-11	Show	GitHub Exploit DB Packet Storm

525	7.5	HIGH Network	atlassian	data_center jira	Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to impact the application's availability via a Denial of Service (DoS) vulnerability in the /rest/gad…	NVD-CWE-noinfo	CVE-2021-39123	2024-10-11 01:35	2021-09-14	Show	GitHub Exploit DB Packet Storm

526	5.3	MEDIUM Network	atlassian	data_center jira	Affected versions of Atlassian Jira Server and Data Center allow remote attackers to discover the usernames and full names of users via an enumeration vulnerability in the /rest/api/1.0/render endpoi…	NVD-CWE-noinfo	CVE-2021-39118	2024-10-11 01:35	2021-09-14	Show	GitHub Exploit DB Packet Storm

527	5.3	MEDIUM Network	atlassian	data_center jira jira_server jira_data_center	Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to view users' emails via an Information Disclosure vulnerability in the /rest/api/2/search endpoint. The a…	NVD-CWE-noinfo	CVE-2021-39122	2024-10-11 01:35	2021-09-8	Show	GitHub Exploit DB Packet Storm

528	7.8	HIGH Local	libcap_project redhat fedoraproject debian	libcap enterprise_linux fedora debian_linux	A vulnerability was found in libcap. This issue occurs in the _libcap_strdup() function and can lead to an integer overflow if the input string is close to 4GiB.	CWE-190 Integer Overflow or Wraparound	CVE-2023-2603	2024-10-11 01:32	2023-06-7	Show	GitHub Exploit DB Packet Storm

529	-		-	-	A vulnerability, which was classified as critical, has been found in Codezips Online Shopping Portal 1.0. This issue affects some unknown processing of the file /update-image1.php. The manipulation o…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2024-9794	2024-10-11 01:15	2024-10-11	Show	GitHub Exploit DB Packet Storm

530	-		-	-	A vulnerability classified as critical was found in Tenda AC1206 up to 15.03.06.23. This vulnerability affects the function ate_iwpriv_set/ate_ifconfig_set of the file /goform/ate. The manipulation l…	CWE-77 Command Injection	CVE-2024-9793	2024-10-11 01:15	2024-10-11	Show	GitHub Exploit DB Packet Storm