Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Oct. 11, 2024, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
195431 5 警告 NetMechanica - NetMechanica NetDecision の Dashboard Server におけるインストールパスを取得される脆弱性 CWE-200
情報漏えい 		CVE-2012-1464 2012-03-22 17:22 2012-03-19 Show GitHub Exploit DB Packet Storm
195432 6.8 警告 Contao - Contao の main.php におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2012-1297 2012-03-22 17:18 2012-03-19 Show GitHub Exploit DB Packet Storm
195433 4.3 警告 tskynet - Kongreg8 におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-1789 2012-03-22 17:16 2012-03-19 Show GitHub Exploit DB Packet Storm
195434 7.5 危険 Dotclear - Dotclear の inc/swf/swfupload.swf における任意のコードを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-5083 2012-03-22 17:15 2012-03-19 Show GitHub Exploit DB Packet Storm
195435 4.3 警告 WonderDesk - WonderDesk SQL の wonderdesk.cgi におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-1788 2012-03-22 16:59 2012-03-19 Show GitHub Exploit DB Packet Storm
195436 4.3 警告 s2Member - WordPress 用 s2Member Pro プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-5082 2012-03-22 16:55 2012-03-19 Show GitHub Exploit DB Packet Storm
195437 5 警告 Bitweaver - Bitweaver の wiki/rankings.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-5086 2012-03-22 16:54 2012-03-19 Show GitHub Exploit DB Packet Storm
195438 4.3 警告 Webglimpse - Webglimpse の wgarcmin.cgi におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-1787 2012-03-22 16:48 2012-03-19 Show GitHub Exploit DB Packet Storm
195439 5 警告 Internet WorkShop - WebGlimpse の wgarcmin.cgi におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2009-5114 2012-03-22 16:41 2012-03-19 Show GitHub Exploit DB Packet Storm
195440 4.3 警告 Internet WorkShop - WebGlimpse の wgarcmin.cgi におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-5113 2012-03-22 16:40 2012-03-19 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Oct. 10, 2024, 8:13 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
251 5.3 MEDIUM
Network 		atlassian data_center
jira
jira_server
jira_data_center 		Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to view users' emails via an Information Disclosure vulnerability in the /rest/api/2/search endpoint. The a… Update NVD-CWE-noinfo
CVE-2021-39122 2024-10-11 01:35 2021-09-8 Show GitHub Exploit DB Packet Storm
252 7.8 HIGH
Local 		libcap_project
redhat
fedoraproject
debian 		libcap
enterprise_linux
fedora
debian_linux 		A vulnerability was found in libcap. This issue occurs in the _libcap_strdup() function and can lead to an integer overflow if the input string is close to 4GiB. Update CWE-190
 Integer Overflow or Wraparound 		CVE-2023-2603 2024-10-11 01:32 2023-06-7 Show GitHub Exploit DB Packet Storm
253 - - - A vulnerability, which was classified as critical, has been found in Codezips Online Shopping Portal 1.0. This issue affects some unknown processing of the file /update-image1.php. The manipulation o… New CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2024-9794 2024-10-11 01:15 2024-10-11 Show GitHub Exploit DB Packet Storm
254 - - - A vulnerability classified as critical was found in Tenda AC1206 up to 15.03.06.23. This vulnerability affects the function ate_iwpriv_set/ate_ifconfig_set of the file /goform/ate. The manipulation l… New CWE-77
Command Injection 		CVE-2024-9793 2024-10-11 01:15 2024-10-11 Show GitHub Exploit DB Packet Storm
255 - - - pac4j is a security framework for Java. `pac4j-core` prior to version 4.0.0 is affected by a Java deserialization vulnerability. The vulnerability affects systems that store externally controlled val… New CWE-502
 Deserialization of Untrusted Data 		CVE-2023-25581 2024-10-11 01:15 2024-10-11 Show GitHub Exploit DB Packet Storm
256 4.3 MEDIUM
Network 		nask ezd_rp Incorrect User Management vulnerability in Naukowa i Akademicka Siec Komputerowa - Panstwowy Instytut Badawczy EZD RP allows logged-in user to list all users in the system, including those from other… Update CWE-863
 Incorrect Authorization 		CVE-2024-7266 2024-10-11 01:15 2024-08-7 Show GitHub Exploit DB Packet Storm
257 8.8 HIGH
Network 		nask ezd_rp Incorrect User Management vulnerability in Naukowa i Akademicka Siec Komputerowa - Panstwowy Instytut Badawczy EZD RP allows logged-in user to change the password of any user, including root user, wh… Update CWE-863
 Incorrect Authorization 		CVE-2024-7265 2024-10-11 01:15 2024-08-7 Show GitHub Exploit DB Packet Storm
258 7.8 HIGH
Local 		j11g cruddiy The CRUDDIY project is vulnerable to shell command injection via sending a crafted POST request to the application server.  The exploitation risk is limited since CRUDDIY is meant to be launched loca… Update CWE-78
OS Command  		CVE-2024-4748 2024-10-11 01:15 2024-06-24 Show GitHub Exploit DB Packet Storm
259 - - - Ant Media Server Community Edition in a default configuration is vulnerable to an improper HTTP header based authorization, leading to a possible use of non-administrative API calls reserved only for… Update - CVE-2024-3462 2024-10-11 01:15 2024-05-15 Show GitHub Exploit DB Packet Storm
260 - - - Improper access control vulnerability in Apaczka plugin for PrestaShop allows information gathering from saved templates without authentication.This issue affects Apaczka plugin for PrestaShop from v… Update - CVE-2024-2759 2024-10-11 01:15 2024-04-4 Show GitHub Exploit DB Packet Storm