Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Nov. 18, 2024, 6:03 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
196191 6.5 警告 Quagga
サイバートラスト株式会社
レッドハット
- Quagga の bgpd の bgp_route_refresh_receive 関数におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2010-2948 2012-04-17 18:20 2010-08-19 Show GitHub Exploit DB Packet Storm
196192 5 警告 Quagga
レッドハット
- Quagga の bgpd におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他
CVE-2010-2949 2012-04-17 18:19 2010-08-19 Show GitHub Exploit DB Packet Storm
196193 4.3 警告 Artifex Software - Ghostscript の gs_type2_interpret 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー
CVE-2010-4054 2012-04-17 17:38 2010-10-23 Show GitHub Exploit DB Packet Storm
196194 9.3 危険 アップル
レッドハット
- 複数の Apple 製品の LIBTIFF におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2011-0192 2012-04-17 17:32 2011-03-3 Show GitHub Exploit DB Packet Storm
196195 4.3 警告 LibTIFF
レッドハット
- LibTIFF の tiffdump.c 内にある ReadDirectory 関数における整数オーバーフローの脆弱性 CWE-189
数値処理の問題
CVE-2010-4665 2012-04-17 17:30 2011-04-9 Show GitHub Exploit DB Packet Storm
196196 4.3 警告 サイバートラスト株式会社
LibTIFF
レッドハット
- LibTIFF の TIFFYCbCrtoRGB 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認
CVE-2010-2595 2012-04-17 17:29 2010-07-2 Show GitHub Exploit DB Packet Storm
196197 5 警告 OpenSSL Project - OpenSSL の GOST ENGINE におけるサービス運用妨害 (デーモンクラッシュ) の脆弱性 CWE-399
リソース管理の問題
CVE-2012-0027 2012-04-17 17:19 2012-01-4 Show GitHub Exploit DB Packet Storm
196198 9.3 危険 X.Org Foundation
サイバートラスト株式会社
レッドハット
- X.Org の xrdb.c における任意のコマンドを実行される脆弱性 CWE-20
不適切な入力確認
CVE-2011-0465 2012-04-17 17:13 2011-03-1 Show GitHub Exploit DB Packet Storm
196199 5 警告 PNG Development Group - libpng の png_err 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他
CVE-2011-2691 2012-04-17 17:09 2011-07-17 Show GitHub Exploit DB Packet Storm
196200 5 警告 光洋電子工業 - 複数の光洋電子工業社製品の Web サーバにおけるサービス運用妨害 (リソース消費) の脆弱性 CWE-399
リソース管理の問題
CVE-2012-1809 2012-04-17 16:52 2012-04-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Nov. 18, 2024, 4:13 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2631 5.5 MEDIUM
Local
huawei harmonyos Vulnerability of improper memory access in the phone service module Impact: Successful exploitation of this vulnerability may affect availability. CWE-129
 Improper Validation of Array Index
CVE-2024-51517 2024-11-7 08:15 2024-11-5 Show GitHub Exploit DB Packet Storm
2632 8.8 HIGH
Network
darkmysite darkmysite Cross-Site Request Forgery (CSRF) vulnerability in DarkMySite DarkMySite – Advanced Dark Mode Plugin for WordPress darkmysite allows Cross Site Request Forgery.This issue affects DarkMySite – Advance… CWE-352
 Origin Validation Error
CVE-2024-50466 2024-11-7 08:13 2024-10-30 Show GitHub Exploit DB Packet Storm
2633 8.8 HIGH
Network
odude crypto_tool The Crypto plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.15. This is due to missing nonce validation in the 'crypto_connect_ajax_process::check'… CWE-352
 Origin Validation Error
CVE-2024-9990 2024-11-7 08:11 2024-10-30 Show GitHub Exploit DB Packet Storm
2634 9.8 CRITICAL
Network
hmplugin aidwp Missing Authorization vulnerability in HM Plugin WordPress Stripe Donation and Payment Plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress Stri… CWE-862
 Missing Authorization
CVE-2024-50459 2024-11-7 08:11 2024-10-30 Show GitHub Exploit DB Packet Storm
2635 5.3 MEDIUM
Network
openjsf express A vulnerability has been identified in the Express response.links function, allowing for arbitrary resource injection in the Link header when unsanitized data is used. The issue arises from improper… NVD-CWE-noinfo
CVE-2024-10491 2024-11-7 08:08 2024-10-30 Show GitHub Exploit DB Packet Storm
2636 4.9 MEDIUM
Network
bowo code_explorer The Code Explorer plugin for WordPress is vulnerable to arbitrary external file reading in all versions up to, and including, 1.4.5. This is due to the fact that the plugin does not restrict accessin… NVD-CWE-Other
CVE-2023-5816 2024-11-7 08:07 2024-10-30 Show GitHub Exploit DB Packet Storm
2637 5.4 MEDIUM
Network
joshlobe ultimate_tinymce The Ultimate TinyMCE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'field' shortcode in all versions up to, and including, 5.7 due to insufficient input sanitization and o… CWE-79
Cross-site Scripting
CVE-2024-8627 2024-11-7 08:06 2024-10-30 Show GitHub Exploit DB Packet Storm
2638 5.5 MEDIUM
Network
ibm websphere_application_server IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML external entity injection (XXE) attack when processing XML data. A privileged user could exploit this vulnerability to expose sens… CWE-611
XXE
CVE-2024-45086 2024-11-7 08:04 2024-11-5 Show GitHub Exploit DB Packet Storm
2639 5.3 MEDIUM
Network
oracle installed_base Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component: User Interface). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability a… NVD-CWE-noinfo
CVE-2024-21258 2024-11-7 07:56 2024-10-16 Show GitHub Exploit DB Packet Storm
2640 5.4 MEDIUM
Network
oracle peoplesoft_enterprise_cost_center_common_application_objects Vulnerability in the PeopleSoft Enterprise CC Common Application Objects product of Oracle PeopleSoft (component: Activity Guide Composer). The supported version that is affected is 9.2. Easily exp… NVD-CWE-noinfo
CVE-2024-21264 2024-11-7 07:56 2024-10-16 Show GitHub Exploit DB Packet Storm