Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Oct. 12, 2024, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
195151 7.5 危険 tu-braunschweig - libsmi の smiGetNode 関数におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-2891 2012-03-27 18:42 2010-10-27 Show GitHub Exploit DB Packet Storm
195152 6.8 警告 MediaWiki - MediaWiki の MediaWikiParserTest.php における任意の PHP コードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-2789 2012-03-27 18:42 2011-04-26 Show GitHub Exploit DB Packet Storm
195153 2.6 注意 MediaWiki - MediaWiki の profileinfo.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-2788 2012-03-27 18:42 2011-04-26 Show GitHub Exploit DB Packet Storm
195154 4.3 警告 MediaWiki - MediaWiki の api.php における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2010-2787 2012-03-27 18:42 2011-04-26 Show GitHub Exploit DB Packet Storm
195155 9 危険 シスコシステムズ - Cisco WLC におけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-2843 2012-03-27 18:42 2010-09-8 Show GitHub Exploit DB Packet Storm
195156 9 危険 シスコシステムズ - Cisco WLC におけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-2842 2012-03-27 18:42 2010-09-8 Show GitHub Exploit DB Packet Storm
195157 6.8 警告 シスコシステムズ - Cisco WLC におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2010-2841 2012-03-27 18:42 2010-09-8 Show GitHub Exploit DB Packet Storm
195158 3.5 注意 MantisBT Group - MantisBT におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-2802 2012-03-27 18:42 2010-05-23 Show GitHub Exploit DB Packet Storm
195159 6.8 警告 dest-unreach.org - Socat の nestlex 関数におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-2799 2012-03-27 18:42 2010-09-14 Show GitHub Exploit DB Packet Storm
195160 7.5 危険 CMS Made Simple - CMS Made Simple の lib/translation.functions.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-2797 2012-03-27 18:42 2010-07-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Oct. 10, 2024, 8:13 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
521 - - - Cacti is an open source performance and fault management framework. An admin user can create a device with a malicious hostname containing php code and repeat the installation process (completing onl… Update CWE-94
Code Injection 		CVE-2024-43363 2024-10-10 21:57 2024-10-8 Show GitHub Exploit DB Packet Storm
522 - - - Improper access removal handling in firmware of some Solidigm DC Products may allow an attacker with physical access to gain unauthorized access. Update - CVE-2024-47976 2024-10-10 21:57 2024-10-8 Show GitHub Exploit DB Packet Storm
523 - - - Improper resource management in firmware of some Solidigm DC Products may allow an attacker to potentially control the performance of the resource. Update - CVE-2024-47972 2024-10-10 21:57 2024-10-8 Show GitHub Exploit DB Packet Storm
524 - - - Improper error handling in firmware of some SSD DC Products may allow an attacker to enable denial of service. Update - CVE-2024-47971 2024-10-10 21:57 2024-10-8 Show GitHub Exploit DB Packet Storm
525 - - - Meshtastic is an open source, off-grid, decentralized, mesh network built to run on affordable, low-power devices. Meshtastic firmware is an open source firmware implementation for the broader projec… Update CWE-345
 Insufficient Verification of Data Authenticity 		CVE-2024-47079 2024-10-10 21:57 2024-10-8 Show GitHub Exploit DB Packet Storm
526 - - - PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. `\PhpOffice\PhpSpreadsheet\Writer\Html` does not sanitize "javascript:" URLs from hyperlink `href` attributes, resultin… Update CWE-79
Cross-site Scripting 		CVE-2024-45292 2024-10-10 21:57 2024-10-8 Show GitHub Exploit DB Packet Storm
527 - - - Cacti is an open source performance and fault management framework. The `title` parameter is not properly sanitized when saving external links in links.php . Morever, the said title parameter is stor… Update CWE-79
Cross-site Scripting 		CVE-2024-43364 2024-10-10 21:57 2024-10-8 Show GitHub Exploit DB Packet Storm
528 - - - Cacti is an open source performance and fault management framework. The `fileurl` parameter is not properly sanitized when saving external links in `links.php` . Morever, the said fileurl is placed i… Update CWE-79
Cross-site Scripting 		CVE-2024-43362 2024-10-10 21:57 2024-10-8 Show GitHub Exploit DB Packet Storm
529 - - - PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. The security scanner responsible for preventing XXE attacks in the XLSX reader can be bypassed by slightly modifying th… Update - CVE-2024-45293 2024-10-10 21:57 2024-10-8 Show GitHub Exploit DB Packet Storm
530 - - - Redis is an open source, in-memory database that persists on disk. An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potent… Update CWE-20
CWE-121
 Improper Input Validation 
Stack-based Buffer Overflow 		CVE-2024-31449 2024-10-10 21:57 2024-10-8 Show GitHub Exploit DB Packet Storm