Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Oct. 15, 2024, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
195211	4.3	警告	The phpMyAdmin Project	-	phpMyAdmin の libraries/Error.class.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-2958	2012-03-27 18:42	2010-08-30	Show	GitHub Exploit DB Packet Storm

195212	2.6	注意	s9y	-	Serendipity におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-2957	2012-03-27 18:42	2010-08-27	Show	GitHub Exploit DB Packet Storm

195213	6.9	警告	Apache Software Foundation	-	Debian GNU/Linux の CouchDB における権限昇格の脆弱性	CWE-Other その他	CVE-2010-2953	2012-03-27 18:42	2010-09-9	Show	GitHub Exploit DB Packet Storm

195214	4.3	警告	Apache Software Foundation	-	Apache Traffic Server における内部 DNS キャッシュポイズニングの脆弱性	CWE-20 不適切な入力確認	CVE-2010-2952	2012-03-27 18:42	2010-09-13	Show	GitHub Exploit DB Packet Storm

195215	5	警告	Squid-cache.org	-	Squid の dns_internal.cc におけるサービス運用妨害 (DoS) の脆弱性	CWE-DesignError	CVE-2010-2951	2012-03-27 18:42	2010-10-12	Show	GitHub Exploit DB Packet Storm

195216	2.1	注意	Linux	-	Linux kernel の fs/jfs/xattr.c における xattr 名前空間の制限を回避する脆弱性	CWE-20 不適切な入力確認	CVE-2010-2946	2012-03-27 18:42	2010-09-29	Show	GitHub Exploit DB Packet Storm

195217	8.5	危険	LANDesk	-	LANDesk Management Gateway の gsb/drivers.php における任意のコマンドを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2010-2892	2012-03-27 18:42	2010-11-15	Show	GitHub Exploit DB Packet Storm

195218	7.5	危険	tu-braunschweig	-	libsmi の smiGetNode 関数におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-2891	2012-03-27 18:42	2010-10-27	Show	GitHub Exploit DB Packet Storm

195219	6.8	警告	MediaWiki	-	MediaWiki の MediaWikiParserTest.php における任意の PHP コードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-2789	2012-03-27 18:42	2011-04-26	Show	GitHub Exploit DB Packet Storm

195220	2.6	注意	MediaWiki	-	MediaWiki の profileinfo.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-2788	2012-03-27 18:42	2011-04-26	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Oct. 10, 2024, 8:13 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
831	6.7	MEDIUM Local	-	-	Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability	CWE-822 Untrusted Pointer Dereference	CVE-2024-37983	2024-10-10 21:56	2024-10-9	Show	GitHub Exploit DB Packet Storm

832	6.7	MEDIUM Local	-	-	Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability	CWE-822 Untrusted Pointer Dereference	CVE-2024-37982	2024-10-10 21:56	2024-10-9	Show	GitHub Exploit DB Packet Storm

833	6.7	MEDIUM Local	-	-	Windows Kernel Elevation of Privilege Vulnerability	CWE-822 Untrusted Pointer Dereference	CVE-2024-37979	2024-10-10 21:56	2024-10-9	Show	GitHub Exploit DB Packet Storm

834	6.7	MEDIUM Local	-	-	Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability	CWE-190 Integer Overflow or Wraparound	CVE-2024-37976	2024-10-10 21:56	2024-10-9	Show	GitHub Exploit DB Packet Storm

835	-		-	-	NULL pointer dereference in IP socket options processing of the Networking Stack in QNX Software Development Platform (SDP) version(s) 7.1 and 7.0 could allow an attacker with local access to cause a…	-	CVE-2024-35215	2024-10-10 21:56	2024-10-9	Show	GitHub Exploit DB Packet Storm

836	8.0	HIGH Adjacent	-	-	Windows Hyper-V Remote Code Execution Vulnerability	CWE-20 CWE-829 Improper Input Validation Inclusion of Functionality from Untrusted Control Sphere	CVE-2024-30092	2024-10-10 21:56	2024-10-9	Show	GitHub Exploit DB Packet Storm

837	-		-	-	An issue in the getcolor function in utils.py of xhtml2pdf v0.2.13 allows attackers to cause a Regular expression Denial of Service (ReDOS) via supplying a crafted string.	-	CVE-2024-25885	2024-10-10 21:56	2024-10-9	Show	GitHub Exploit DB Packet Storm

838	7.1	HIGH Adjacent	-	-	Windows Hyper-V Security Feature Bypass Vulnerability	CWE-20 Improper Input Validation	CVE-2024-20659	2024-10-10 21:56	2024-10-9	Show	GitHub Exploit DB Packet Storm

839	5.3	MEDIUM Network	-	-	A vulnerability was found in the resteasy-netty4 library arising from improper handling of HTTP requests using smuggling techniques. When an HTTP smuggling request with an ASCII control character is …	CWE-444 HTTP Request Smuggling	CVE-2024-9622	2024-10-10 21:56	2024-10-9	Show	GitHub Exploit DB Packet Storm

840	5.3	MEDIUM Network	-	-	A vulnerability was found in Quarkus CXF. Passwords and other secrets may appear in the application log in spite of the user configuring them to be hidden. This issue requires some special configura…	CWE-532 Inclusion of Sensitive Information in Log Files	CVE-2024-9621	2024-10-10 21:56	2024-10-9	Show	GitHub Exploit DB Packet Storm