Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Oct. 10, 2024, 12:02 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
194981 2.1 注意 VMware - VMware Workstation および VMware Player のインストーラにおける Web スクリプトまたは HTML の想定外の解釈が発生する脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-3277 2012-03-27 18:42 2010-09-23 Show GitHub Exploit DB Packet Storm
194982 9.3 危険 VideoLAN - VideoLAN VLC Media Player の libdirectx_plugin.dll における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2010-3276 2012-03-27 18:42 2011-03-28 Show GitHub Exploit DB Packet Storm
194983 9.3 危険 VideoLAN - VideoLAN VLC Media Player の libdirectx_plugin.dll における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2010-3275 2012-03-27 18:42 2011-03-28 Show GitHub Exploit DB Packet Storm
194984 4.3 警告 Zoho Corporation - ZOHO ManageEngine ADSelfService Plus の Employee Search Engine におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-3274 2012-03-27 18:42 2011-02-17 Show GitHub Exploit DB Packet Storm
194985 5 警告 Zoho Corporation - ZOHO ManageEngine ADSelfService Plus における任意のユーザアカウントへのアクセスを取得される脆弱性 CWE-20
不適切な入力確認 		CVE-2010-3273 2012-03-27 18:42 2011-02-17 Show GitHub Exploit DB Packet Storm
194986 4.3 警告 Zoho Corporation - ZOHO ManageEngine ADSelfService Plus の security-questions 実装における任意のユーザアカウントへのアクセスを取得される脆弱性 CWE-20
不適切な入力確認 		CVE-2010-3272 2012-03-27 18:42 2011-02-17 Show GitHub Exploit DB Packet Storm
194987 6.8 警告 IBM - IBM WAS の Integrated Solutions Console におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2010-3271 2012-03-27 18:42 2011-07-18 Show GitHub Exploit DB Packet Storm
194988 6.8 警告 シスコシステムズ - Cisco WebEx Meeting Center T27LB におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-3270 2012-03-27 18:42 2011-02-1 Show GitHub Exploit DB Packet Storm
194989 9.3 危険 シスコシステムズ - Cisco WRF および ARF Player T27LB におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-3269 2012-03-27 18:42 2011-02-1 Show GitHub Exploit DB Packet Storm
194990 6.4 警告 orbeon - Orbeon Forms の XForms サービスの xforms-server コンポーネントにおけるイントラネットサーバへ HTTP リクエストを送信される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-3260 2012-03-27 18:42 2011-04-26 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Oct. 10, 2024, 12:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
101 7.8 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: usb: gadget: aspeed_udc: validate endpoint index for ast udc We should verify the bound of the array to assure that host may not … Update CWE-129
 Improper Validation of Array Index 		CVE-2024-46836 2024-10-10 00:47 2024-09-27 Show GitHub Exploit DB Packet Storm
102 4.8 MEDIUM
Network 		ays-pro popup_box The Popup Box WordPress plugin before 20.9.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when … Update CWE-79
Cross-site Scripting 		CVE-2023-6591 2024-10-10 00:39 2024-02-13 Show GitHub Exploit DB Packet Storm
103 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Restrict high priorities on group_create We were allowing any users to create a high priority group without any perm… Update NVD-CWE-noinfo
CVE-2024-46837 2024-10-10 00:37 2024-09-27 Show GitHub Exploit DB Packet Storm
104 7.3 HIGH
Network 		essentialplugin album_and_image_gallery_plus_lightbox The The Album and Image Gallery plus Lightbox plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.0. This is due to the software allowing users… Update NVD-CWE-noinfo
CVE-2024-4194 2024-10-10 00:36 2024-06-6 Show GitHub Exploit DB Packet Storm
105 - - - PublicCMS V4.0.202406.d was discovered to contain a cross-site scripting (XSS) vulnerability via a crafted script to the Category Managment feature New - CVE-2024-46410 2024-10-10 00:35 2024-10-9 Show GitHub Exploit DB Packet Storm
106 - - - An issue in the getcolor function in utils.py of xhtml2pdf v0.2.13 allows attackers to cause a Regular expression Denial of Service (ReDOS) via supplying a crafted string. New - CVE-2024-25885 2024-10-10 00:35 2024-10-9 Show GitHub Exploit DB Packet Storm
107 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: userfaultfd: don't BUG_ON() if khugepaged yanks our page table Since khugepaged was changed to allow retracting page tables in fi… Update NVD-CWE-noinfo
CVE-2024-46838 2024-10-10 00:35 2024-09-27 Show GitHub Exploit DB Packet Storm
108 7.5 HIGH
Network 		jqlang jq decToString in decNumber/decNumber.c in jq 88f01a7 has a one-byte out-of-bounds write via the " []-1.2e-1111111111" input. NOTE: this is not the same as CVE-2023-50246. The CVE-2023-50246 71c2ab5 ref… Update CWE-787
 Out-of-bounds Write 		CVE-2023-49355 2024-10-10 00:35 2023-12-11 Show GitHub Exploit DB Packet Storm
109 7.5 HIGH
Network 		google android In ProtocolNetAcBarringInfo::ProtocolNetAcBarringInfo() of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosu… Update CWE-125
Out-of-bounds Read 		CVE-2023-48398 2024-10-10 00:35 2023-12-9 Show GitHub Exploit DB Packet Storm
110 6.1 MEDIUM
Network 		dedecms dedecms DedeCMS v5.7.111 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the imgstick parameter at selectimages.php. Update CWE-79
Cross-site Scripting 		CVE-2023-49492 2024-10-10 00:35 2023-12-8 Show GitHub Exploit DB Packet Storm