Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Oct. 5, 2024, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
195471	3.5	注意	Symphony CMS	-	Symphony CMS におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4340	2012-02-14 14:45	2012-02-12	Show	GitHub Exploit DB Packet Storm

195472	4.3	警告	Deon George	-	phpLDAPadmin におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-0834	2012-02-14 14:45	2012-02-11	Show	GitHub Exploit DB Packet Storm

195473	7.5	危険	Mozilla Foundation	-	複数の Mozilla 製品におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2012-0452	2012-02-14 14:42	2012-02-10	Show	GitHub Exploit DB Packet Storm

195474	4.3	警告	IBM	-	IBM Cognos TM1 の TM1 Web におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1046	2012-02-14 14:18	2012-02-10	Show	GitHub Exploit DB Packet Storm

195475	5	警告	Apache Software Foundation	-	Apache Portable Runtime ライブラリの apr_hash.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2012-0840	2012-02-14 14:17	2012-02-10	Show	GitHub Exploit DB Packet Storm

195476	5	警告	AdaCore	-	AdaCore Ada Web Services におけるサービス運用妨害 (CPU 資源の消費) の脆弱性	CWE-20 不適切な入力確認	CVE-2012-1035	2012-02-13 16:39	2012-01-27	Show	GitHub Exploit DB Packet Storm

195477	6.5	警告	サイベース	-	Sybase M-Business Anywhere の Web 管理インターフェイスにおけるユーザーアカウントをリストアップされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-5078	2012-02-13 16:15	2012-02-8	Show	GitHub Exploit DB Packet Storm

195478	5	警告	INRIA	-	OCaml におけるサービス運用妨害 (CPU 資源の消費) の脆弱性	CWE-20 不適切な入力確認	CVE-2012-0839	2012-02-13 16:13	2012-02-8	Show	GitHub Exploit DB Packet Storm

195479	9.3	危険	リアルネットワークス	-	RealNetworks RealPlayer および RealPlayer SP における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2012-0927	2012-02-13 14:37	2012-02-6	Show	GitHub Exploit DB Packet Storm

195480	9.3	危険	リアルネットワークス	-	RealNetworks RealPlayer および RealPlayer SP の RV10 コーデックにおける任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2012-0926	2012-02-13 14:36	2012-02-6	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Oct. 5, 2024, 8:11 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
141	5.3	MEDIUM Network	givewp	givewp	The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.15.1. This is due to the plugin utilizing Symf… Update	CWE-209 Information Exposure Through an Error Message	CVE-2024-6551	2024-10-5 00:57	2024-08-29	Show	GitHub Exploit DB Packet Storm

142	4.4	MEDIUM Local	zoom	vdi_windows_meeting_clients zoom meeting_software_development_kit rooms	Improper authentication in some Zoom clients may allow a privileged user to conduct a disclosure of information via local access. Update	NVD-CWE-noinfo	CVE-2024-24698	2024-10-5 00:54	2024-02-14	Show	GitHub Exploit DB Packet Storm

143	6.5	MEDIUM Network	zoom	meeting_software_development_kit zoom vdi_windows_meeting_clients	Improper input validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows may allow an authenticated user to conduct a disclosure of information via … Update	NVD-CWE-noinfo	CVE-2024-24695	2024-10-5 00:44	2024-02-14	Show	GitHub Exploit DB Packet Storm

144	9.8	CRITICAL Network	zoom	meeting_software_development_kit zoom vdi_windows_meeting_clients rooms	Improper input validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows may allow an unauthenticated user to conduct an escalation of privilege via… Update	NVD-CWE-noinfo	CVE-2024-24691	2024-10-5 00:43	2024-02-14	Show	GitHub Exploit DB Packet Storm

145	6.7	MEDIUM Local	linuxfoundation rdkcentral google openwrt	yocto rdk-b android openwrt	In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed… Update	CWE-787 Out-of-bounds Write	CVE-2023-20832	2024-10-5 00:35	2023-09-4	Show	GitHub Exploit DB Packet Storm

146	7.5	HIGH Network	oracle	weblogic_server	Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Security). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0 and 12.2.1.… Update	NVD-CWE-noinfo	CVE-2017-10271	2024-10-5 00:35	2017-10-20	Show	GitHub Exploit DB Packet Storm

147	4.7	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid race between dcn35_set_drr() and dc_state_destruct() dc_state_destruct() nulls the resource context of the… Update	CWE-476 NULL Pointer Dereference	CVE-2024-46850	2024-10-5 00:30	2024-09-27	Show	GitHub Exploit DB Packet Storm

148	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel: Limit the period on Haswell Running the ltp test cve-2015-3290 concurrently reports the following warnings. perf… Update	NVD-CWE-noinfo	CVE-2024-46848	2024-10-5 00:23	2024-09-27	Show	GitHub Exploit DB Packet Storm

149	-		-	-	IDURAR is open source ERP CRM accounting invoicing software. The vulnerability exists in the corePublicRouter.js file. Using the reference usage here, it is identified that the public endpoint is acc… New	CWE-22 CWE-23 Path Traversal Relative Path Traversal	CVE-2024-47769	2024-10-5 00:15	2024-10-5	Show	GitHub Exploit DB Packet Storm

150	-		-	-	Lif Authentication Server is a server used by Lif to do various tasks regarding Lif accounts. This vulnerability has to do with the account recovery system where there does not appear to be a check t… New	CWE-287 Improper Authentication	CVE-2024-47768	2024-10-5 00:15	2024-10-5	Show	GitHub Exploit DB Packet Storm