Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Sept. 29, 2024, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
195611 7.5 危険 Parallels - Parallels Plesk Panel の Control Panel における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-4734 2011-12-19 16:40 2011-12-16 Show GitHub Exploit DB Packet Storm
195612 10 危険 Parallels - Parallels Plesk Panel の Server Administration Panel における詳細不明な脆弱性 CWE-DesignError
CVE-2011-4733 2011-12-19 16:39 2011-12-16 Show GitHub Exploit DB Packet Storm
195613 10 危険 Parallels - Parallels Plesk Panel の Server Administration Panel における詳細不明な脆弱性 CWE-DesignError
CVE-2011-4732 2011-12-19 16:38 2011-12-16 Show GitHub Exploit DB Packet Storm
195614 10 危険 Parallels - Parallels Plesk Panel の Administration Panel における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2011-4731 2011-12-19 16:37 2011-12-16 Show GitHub Exploit DB Packet Storm
195615 10 危険 Parallels - Parallels Plesk Panel の Server Administration Panel における認証を回避される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2011-4730 2011-12-19 16:34 2011-12-16 Show GitHub Exploit DB Packet Storm
195616 5 警告 Parallels - Parallels Plesk Panel の Server Administration Panel における重要な情報を取得される脆弱性 CWE-DesignError
CVE-2011-4729 2011-12-19 16:33 2011-12-16 Show GitHub Exploit DB Packet Storm
195617 5 警告 Parallels - Parallels Plesk Panel の Server Administration Panel における Cookie をキャプチャされる脆弱性 CWE-200
情報漏えい 		CVE-2011-4728 2011-12-19 16:32 2011-12-16 Show GitHub Exploit DB Packet Storm
195618 10 危険 Parallels - Parallels Plesk Panel の Server Administration Panel におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2011-4727 2011-12-19 16:30 2011-12-16 Show GitHub Exploit DB Packet Storm
195619 4.3 警告 Parallels - Parallels Plesk Panel の Server Administration Panel におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4726 2011-12-19 16:28 2011-12-16 Show GitHub Exploit DB Packet Storm
195620 7.5 危険 Parallels - Parallels Plesk Panel の Server Administration Panel における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-4725 2011-12-19 16:28 2011-12-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Sept. 29, 2024, 8:11 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
31 6.5 MEDIUM
Network 		sap s\/4hana_finance SAP S/4HANA Finance for (Advanced Payment Management) - versions SAPSCORE 128, S4CORE 107, does not perform necessary authorization checks. A function import could be triggered allowing the attacker … Update CWE-863
 Incorrect Authorization 		CVE-2024-21736 2024-09-29 08:15 2024-01-9 Show GitHub Exploit DB Packet Storm
32 9.8 CRITICAL
Network 		sap cloud-security-client-go SAP BTP Security Services Integration Library ([Golang] github.com/sap/cloud-security-client-go) - versions < 0.17.0, allow under certain conditions an escalation of privileges. On successful exploit… Update CWE-749
 Exposed Dangerous Method or Function 		CVE-2023-50424 2024-09-29 08:15 2023-12-12 Show GitHub Exploit DB Packet Storm
33 9.8 CRITICAL
Network 		sap sap-xssec SAP BTP Security Services Integration Library ([Python] sap-xssec) - versions < 4.1.0, allow under certain conditions an escalation of privileges. On successful exploitation, an unauthenticated attac… Update CWE-749
 Exposed Dangerous Method or Function 		CVE-2023-50423 2024-09-29 08:15 2023-12-12 Show GitHub Exploit DB Packet Storm
34 9.8 CRITICAL
Network 		sap cloud-security-services-integration-library SAP BTP Security Services Integration Library ([Java] cloud-security-services-integration-library) - versions below 2.17.0 and versions from 3.0.0 to before 3.3.0, allow under certain conditions an e… Update CWE-749
 Exposed Dangerous Method or Function 		CVE-2023-50422 2024-09-29 08:15 2023-12-12 Show GitHub Exploit DB Packet Storm
35 9.8 CRITICAL
Network 		sap \@sap\/xssec SAP BTP Security Services Integration Library ([Node.js] @sap/xssec - versions < 3.6.0, allow under certain conditions an escalation of privileges. On successful exploitation, an unauthenticated atta… Update CWE-749
 Exposed Dangerous Method or Function 		CVE-2023-49583 2024-09-29 08:15 2023-12-12 Show GitHub Exploit DB Packet Storm
36 7.3 HIGH
Network 		sap graphical_user_interface SAP GUI for Windows and SAP GUI for Java - versions SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757, SAP_BASIS 758, allow an unauthenticated attacker to access information which would otherwise be restri… Update NVD-CWE-noinfo
CVE-2023-49580 2024-09-29 08:15 2023-12-12 Show GitHub Exploit DB Packet Storm
37 3.5 LOW
Adjacent 		sap cloud_connector SAP Cloud Connector - version 2.0, allows an authenticated user with low privilege to perform Denial of service attack from adjacent UI by sending a malicious request which leads to low impact on the… Update CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2023-49578 2024-09-29 08:15 2023-12-12 Show GitHub Exploit DB Packet Storm
38 8.1 HIGH
Network 		sap commerce_cloud In SAP Commerce Cloud - versions HY_COM 1905, HY_COM 2005, HY_COM2105, HY_COM 2011, HY_COM 2205, COM_CLOUD 2211, a locked B2B user can misuse the forgotten password functionality to un-block his user… Update CWE-640
 Weak Password Recovery Mechanism for Forgotten Password 		CVE-2023-42481 2024-09-29 08:15 2023-12-12 Show GitHub Exploit DB Packet Storm
39 4.3 MEDIUM
Network 		sap s\/4hana The Statutory Reporting application has a vulnerable file storage location, potentially enabling low privileged attacker to read server files with minimal impact on confidentiality. Update CWE-209
Information Exposure Through an Error Message 		CVE-2023-42475 2024-09-29 08:15 2023-10-10 Show GitHub Exploit DB Packet Storm
40 8.0 HIGH
Adjacent 		sap business_one SAP Business One installation - version 10.0, does not perform proper authentication and authorization checks for SMB shared folder. As a result, any malicious user can read and write to the SMB shar… Update CWE-863
 Incorrect Authorization 		CVE-2023-31403 2024-09-29 07:15 2023-11-14 Show GitHub Exploit DB Packet Storm