Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Nov. 19, 2024, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
195781	6.8	警告	Konstanty Bialkowski	-	libmodplug の CSoundFile::ReadAMS 関数における一つずれエラーの脆弱性	CWE-189 数値処理の問題	CVE-2011-2913	2012-06-11 14:19	2012-06-7	Show	GitHub Exploit DB Packet Storm

195782	6.8	警告	Konstanty Bialkowski	-	libmodplug の CSoundFile::ReadS3M 関数におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-2912	2012-06-11 14:18	2012-06-7	Show	GitHub Exploit DB Packet Storm

195783	6.8	警告	Konstanty Bialkowski	-	libmodplug の CSoundFile::ReadWav 関数における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2011-2911	2012-06-11 14:14	2012-06-7	Show	GitHub Exploit DB Packet Storm

195784	6.8	警告	Konstanty Bialkowski	-	libmodplug の abc_new_macro および abc_new_umacro 関数におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-1761	2012-06-11 14:13	2012-06-7	Show	GitHub Exploit DB Packet Storm

195785	4.3	警告	xinetd	-	Xinetd の builtins.c におけるアクセス制限を回避される脆弱性	CWE-20 不適切な入力確認	CVE-2012-0862	2012-06-8 14:49	2012-06-4	Show	GitHub Exploit DB Packet Storm

195786	1.2	注意	Apache Software Foundation	-	Apache HTTP Server におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2011-4415	2012-06-8 10:37	2011-11-8	Show	GitHub Exploit DB Packet Storm

195787	6.8	警告	OpenStack	-	OpenStack Dashboard (Horizon) における Web セッションをハイジャックされる脆弱性	CWE-Other その他	CVE-2012-2144	2012-06-7 16:20	2012-06-5	Show	GitHub Exploit DB Packet Storm

195788	4.3	警告	ImageMagick	-	ImageMagick の profile.c 内の SyncImageProfiles 関数における整数オーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2012-1186	2012-06-7 16:09	2012-06-5	Show	GitHub Exploit DB Packet Storm

195789	9.3	危険	ImageMagick	-	ImageMagick の magick/profile.c または magick/property.c における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2012-1185	2012-06-7 16:03	2012-06-5	Show	GitHub Exploit DB Packet Storm

195790	9.3	危険	ImageMagick	-	ImageMagick におけるサービス運用妨害 (メモリ破損) の脆弱性	CWE-119 バッファエラー	CVE-2012-0247	2012-06-7 15:38	2012-02-3	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Nov. 19, 2024, 4:16 p.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
258271	-	leon_weber	pyxtrlock	pyxtrlock before 0.2 does not properly check the return values of the (1) xcb_grab_pointer and (2) xcb_grab_keyboard XCB library functions, which allows physically proximate attackers to gain access …	CWE-20 Improper Input Validation	CVE-2013-4427	2014-05-20 03:11	2014-05-19	Show	GitHub Exploit DB Packet Storm

258272	-	leon_weber	pyxtrlock	pyxtrlock before 0.1 uses an incorrect variable name, which allows physically proximate attackers to bypass the lock screen via multiple failed authentication attempts, which trigger a crash.	NVD-CWE-noinfo	CVE-2013-4426	2014-05-20 02:46	2014-05-19	Show	GitHub Exploit DB Packet Storm

258273	-	quick_tabs_module_project	quicktabs	The Quick Tabs module 6.x-2.x before 6.x-2.2, 6.x-3.x before 6.x-3.2, and 7.x-3.x before 7.x-3.6 for Drupal does not properly check block permissions, which allows remote attackers to obtain sensitiv…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2013-4406	2014-05-20 02:10	2014-05-19	Show	GitHub Exploit DB Packet Storm

258274	-	apple	itunes	Apple iTunes before 11.2.1 on OS X sets world-writable permissions for /Users and /Users/Shared during reboots, which allows local users to modify files, and consequently obtain access to arbitrary u…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2014-1347	2014-05-20 01:52	2014-05-18	Show	GitHub Exploit DB Packet Storm

258275	-	florian_weber	spaces	The Spaces OG submodule in the Spaces module 6.x-3.x before 6.x-3.7 for Drupal does not properly delete organic group group spaces content when using the option to move to a new group, which causes t…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2013-4498	2014-05-20 01:45	2014-05-18	Show	GitHub Exploit DB Packet Storm

258276	-	gitlab	gitlab	The Grit gem for Ruby, as used in GitLab 5.2 before 5.4.1 and 6.x before 6.2.3, allows remote authenticated users to execute arbitrary commands, as demonstrated by the search box for the GitLab code …	NVD-CWE-Other	CVE-2013-4489	2014-05-20 01:38	2014-05-18	Show	GitHub Exploit DB Packet Storm

258277	-	gitlab	gitlab	Per: http://cwe.mitre.org/data/definitions/77.html "CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')"	NVD-CWE-Other	CVE-2013-4489	2014-05-20 01:38	2014-05-18	Show	GitHub Exploit DB Packet Storm

258278	-	flag_module_project	flag	Eval injection vulnerability in the flag_import_form_validate function in includes/flag.export.inc in the Flag module 7.x-3.0, 7.x-3.5, and earlier for Drupal allows remote authenticated administrato…	CWE-94 Code Injection	CVE-2014-3453	2014-05-20 01:32	2014-05-18	Show	GitHub Exploit DB Packet Storm

258279	-	vicidial	vicidial	VICIDIAL dialer (aka Asterisk GUI client) 2.8-403a, 2.7, 2.7RC1, and earlier has a hardcoded password of donotedit for the (1) VDAD and (2) VDCL users, which makes it easier for remote attackers to o…	CWE-255 Credentials Management	CVE-2013-7382	2014-05-20 00:46	2014-05-18	Show	GitHub Exploit DB Packet Storm

258280	-	spumko_project	hapi_server_framework	The hapi server framework 2.0.x and 2.1.x before 2.2.0 for Node.js allows remote attackers to cause a denial of service (file descriptor consumption and process crash) via unspecified vectors.	CWE-399 Resource Management Errors	CVE-2014-3742	2014-05-20 00:22	2014-05-17	Show	GitHub Exploit DB Packet Storm