Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Oct. 10, 2024, 4:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
194941 6.9 警告 scilab - Scilab の scilab スクリプトにおける権限を取得される脆弱性 CWE-DesignError
CVE-2010-3378 2012-03-27 18:42 2010-10-20 Show GitHub Exploit DB Packet Storm
194942 6.9 警告 salome-platform - SALOME の runSalome スクリプトにおける権限を取得される脆弱性 CWE-DesignError
CVE-2010-3377 2012-03-27 18:42 2010-10-20 Show GitHub Exploit DB Packet Storm
194943 6.9 警告 CERN - ROOT の proofserv などのスクリプトにおける権限を取得される脆弱性 CWE-DesignError
CVE-2010-3376 2012-03-27 18:42 2010-10-20 Show GitHub Exploit DB Packet Storm
194944 6.9 警告 ノキア - Qt Creator における権限を取得される脆弱性 CWE-DesignError
CVE-2010-3374 2012-03-27 18:42 2010-10-4 Show GitHub Exploit DB Packet Storm
194945 6.9 警告 nordugrid - NorduGrid ARC における権限を取得される脆弱性 CWE-Other
その他 		CVE-2010-3372 2012-03-27 18:42 2010-10-29 Show GitHub Exploit DB Packet Storm
194946 6.9 警告 Debian - mono-debugger の mdb スクリプトおよび mdb-symbolreader スクリプトにおける権限を取得される脆弱性 CWE-DesignError
CVE-2010-3369 2012-03-27 18:42 2010-10-20 Show GitHub Exploit DB Packet Storm
194947 6.9 警告 zeus.physik.uni-bonn - Mn_Fit における権限を取得される脆弱性 CWE-DesignError
CVE-2010-3366 2012-03-27 18:42 2010-10-20 Show GitHub Exploit DB Packet Storm
194948 6.9 警告 mistelix - Mistelix における権限を取得される脆弱性 CWE-DesignError
CVE-2010-3365 2012-03-27 18:42 2010-10-20 Show GitHub Exploit DB Packet Storm
194949 6.9 警告 vips - VIPS の vips-7.22 スクリプトにおける権限を取得される脆弱性 CWE-DesignError
CVE-2010-3364 2012-03-27 18:42 2010-10-20 Show GitHub Exploit DB Packet Storm
194950 6.9 警告 roaraudio - roaraudio の roarify における権限を取得される脆弱性 CWE-DesignError
CVE-2010-3363 2012-03-27 18:42 2010-10-20 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Oct. 10, 2024, 4:13 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
61 - - - Mware NSX contains a command injection vulnerability.  A malicious actor with access to the NSX Edge CLI terminal may be able to craft malicious payloads to execute arbitrary commands on the operati… New - CVE-2024-38817 2024-10-10 05:15 2024-10-10 Show GitHub Exploit DB Packet Storm
62 - - - VMware NSX contains a content spoofing vulnerability.  An unauthenticated malicious actor may be able to craft a URL and redirect a victim to an attacker controlled domain leading to sensitive infor… New - CVE-2024-38815 2024-10-10 05:15 2024-10-10 Show GitHub Exploit DB Packet Storm
63 - - - HCL Connections is vulnerable to an information disclosure vulnerability which could allow a user to obtain sensitive information they are not entitled to because of improperly handling the request d… New - CVE-2024-30118 2024-10-10 05:15 2024-10-10 Show GitHub Exploit DB Packet Storm
64 - - - Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. When using the built-in `extract32(b, start)`, if the `start` index provided has for side effect to update `b`, the byte … Update - CVE-2024-24564 2024-10-10 05:15 2024-02-27 Show GitHub Exploit DB Packet Storm
65 9.8 CRITICAL
Network 		vyperlang vyper Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine. The `concat` built-in can write over the bounds of the memory buffer that was allocated for it and thus overwrite existin… Update CWE-787
 Out-of-bounds Write 		CVE-2024-22419 2024-10-10 05:15 2024-01-19 Show GitHub Exploit DB Packet Storm
66 7.5 HIGH
Network 		google android In multiple locations, there are root CA certificates which need to be disabled. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is n… Update CWE-295
Improper Certificate Validation  		CVE-2023-21265 2024-10-10 04:35 2023-08-15 Show GitHub Exploit DB Packet Storm
67 6.8 MEDIUM
Physics 		google android In onCreate of ManagePermissionsActivity.java, there is a possible way to bypass factory reset protections due to a missing permission check. This could lead to local escalation of privilege with phy… Update CWE-862
 Missing Authorization 		CVE-2023-21140 2024-10-10 04:35 2023-08-15 Show GitHub Exploit DB Packet Storm
68 6.8 MEDIUM
Physics 		google android In onCreate of ManagePermissionsActivity.java, there is a possible way to bypass factory reset protections due to a missing permission check. This could lead to local escalation of privilege with phy… Update CWE-862
 Missing Authorization 		CVE-2023-21134 2024-10-10 04:35 2023-08-15 Show GitHub Exploit DB Packet Storm
69 7.5 HIGH
Network 		atlassian jira
jira_software_data_center
jira_server 		Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to view private project and filter names via an Insecure Direct Object References (IDOR) vulnerability in t… Update CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2021-41306 2024-10-10 04:35 2021-10-26 Show GitHub Exploit DB Packet Storm
70 - - - An information disclosure vulnerability exists in open-webui version 0.3.8. The vulnerability is related to the embedding model update feature under admin settings. When a user updates the model path… New CWE-200
Information Exposure 		CVE-2024-7038 2024-10-10 04:15 2024-10-10 Show GitHub Exploit DB Packet Storm