Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Nov. 19, 2024, 2:02 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
196021 9.3 危険 XnSoft - XnViewer における整数オーバーフローの脆弱性 CWE-189
数値処理の問題
CVE-2012-0685 2012-05-10 18:21 2012-05-9 Show GitHub Exploit DB Packet Storm
196022 9.3 危険 XnSoft - XnViewer における整数オーバーフローの脆弱性 CWE-189
数値処理の問題
CVE-2012-0684 2012-05-10 18:21 2012-05-9 Show GitHub Exploit DB Packet Storm
196023 9.3 危険 FFmpeg - FFmpeg の asfrtp_parse_packet 関数における整数アンダーフローの脆弱性 CWE-189
数値処理の問題
CVE-2011-4031 2012-05-10 18:19 2012-05-9 Show GitHub Exploit DB Packet Storm
196024 9.3 危険 マイクロソフト - Microsoft .NET Framework における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認
CVE-2012-0161 2012-05-10 18:16 2012-05-8 Show GitHub Exploit DB Packet Storm
196025 9.3 危険 マイクロソフト - Microsoft .NET Framework における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認
CVE-2012-0160 2012-05-10 18:15 2012-05-8 Show GitHub Exploit DB Packet Storm
196026 9.3 危険 マイクロソフト - Microsoft Windows のカーネルモードドライバ内の win32k.sys における権限昇格の脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2012-1848 2012-05-10 18:13 2012-05-8 Show GitHub Exploit DB Packet Storm
196027 10 危険 マイクロソフト - Microsoft Windows のカーネルモードドライバ内の win32k.sys における権限昇格の脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2012-0181 2012-05-10 18:12 2012-05-8 Show GitHub Exploit DB Packet Storm
196028 7.2 危険 マイクロソフト - Microsoft Windows のカーネルモードドライバ内の win32k.sys における権限昇格の脆弱性 CWE-20
不適切な入力確認
CVE-2012-0180 2012-05-10 18:11 2012-05-8 Show GitHub Exploit DB Packet Storm
196029 9.3 危険 マイクロソフト - Windows 上で稼働する Microsoft Silverlight におけるメモリ二重解放の脆弱性 CWE-399
リソース管理の問題
CVE-2012-0176 2012-05-10 18:09 2012-05-8 Show GitHub Exploit DB Packet Storm
196030 9.3 危険 マイクロソフト - Microsoft Office 2003 および 2007 におけるヒープベースのバッファオーバーフローの脆弱性 CWE-20
不適切な入力確認
CVE-2012-0167 2012-05-10 18:08 2012-05-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Nov. 19, 2024, 1:08 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2111 5.5 MEDIUM
Network
- - A flaw was found in Ansible-Core. This vulnerability allows attackers to bypass unsafe content protections using the hostvars object to reference and execute templated content. This issue can lead to… CWE-20
 Improper Input Validation 
CVE-2024-11079 2024-11-12 09:15 2024-11-12 Show GitHub Exploit DB Packet Storm
2112 - - - Incorrect access control in Solar-Log 1000 before v2.8.2 and build 52- 23.04.2013 allows attackers to obtain Administrative privileges via connecting to the web administration server. Not existing fo… - CVE-2024-40117 2024-11-12 08:15 2024-07-27 Show GitHub Exploit DB Packet Storm
2113 - - - An issue in Solar-Log 1000 before v2.8.2 and build 52-23.04.2013 was discovered to store plaintext passwords in the export.html, email.html, and sms.html files -- fixed with 3.0.0-60 11.10.2013 for S… - CVE-2024-40116 2024-11-12 08:15 2024-07-27 Show GitHub Exploit DB Packet Storm
2114 6.5 MEDIUM
Network
bkw solar-log_500_firmware An issue was discovered in Solar-Log 500 before 2.8.2 Build 52 23.04.2013. In /export.html, email.html, and sms.html, cleartext passwords are stored. This may allow sensitive information to be read b… CWE-312
 Cleartext Storage of Sensitive Information
CVE-2021-34544 2024-11-12 08:15 2021-12-8 Show GitHub Exploit DB Packet Storm
2115 7.5 HIGH
Network
bkw solar-log_500_firmware The web administration server in Solar-Log 500 before 2.8.2 Build 52 does not require authentication, which allows remote attackers to gain administrative privileges by connecting to the server. As a… CWE-306
Missing Authentication for Critical Function
CVE-2021-34543 2024-11-12 08:15 2021-12-8 Show GitHub Exploit DB Packet Storm
2116 5.4 MEDIUM
Network
solar-log 2000_pm\+_firmware A vulnerability in Solar-Log Base 15 Firmware 6.0.1 Build 161, and possibly other Solar-Log Base products, allows an attacker to escalate their privileges by exploiting a stored cross-site scripting … CWE-79
Cross-site Scripting
CVE-2023-46344 2024-11-12 08:15 2024-02-2 Show GitHub Exploit DB Packet Storm
2117 9.8 CRITICAL
Network
solar-log solar-log_250_firmware
solar-log_300_firmware
solar-log_500_firmware
solar-log_800e_firmware
solar-log_1000_firmware
solar-log_1000_pm\+_firmware
solar-log_1200_firmware
solar-lo…
A backdoor in Solar-Log Gateway products allows remote access via web panel gaining super administration privileges to the attacker. This affects Solar-Log devices that use firmware version v4.2.7 up… NVD-CWE-noinfo
CVE-2022-47767 2024-11-12 08:15 2023-01-27 Show GitHub Exploit DB Packet Storm
2118 - - - Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-9542. Reason: This candidate is a reservation duplicate of CVE-2024-9542. Notes: All CVE users should reference CV… - CVE-2024-10694 2024-11-12 06:15 2024-11-12 Show GitHub Exploit DB Packet Storm
2119 - - - An issue was discovered in Vaultwarden (formerly Bitwarden_RS) 1.30.3. A stored cross-site scripting (XSS) or, due to the default CSP, HTML injection vulnerability has been discovered in the admin da… - CVE-2024-39926 2024-11-12 06:15 2024-09-14 Show GitHub Exploit DB Packet Storm
2120 - - - An issue was discovered in Vaultwarden (formerly Bitwarden_RS) 1.30.3. A vulnerability has been identified in the authentication and authorization process of the endpoint responsible for altering the… - CVE-2024-39924 2024-11-12 06:15 2024-09-14 Show GitHub Exploit DB Packet Storm