Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Oct. 7, 2024, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
196321 9.3 危険 アップル
アドビシステムズ
マイクロソフト		 - Windows および Mac OS X 上で稼働する Adobe Flash Player における任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2011-4694 2011-12-12 16:38 2011-12-7 Show GitHub Exploit DB Packet Storm
196322 9.3 危険 アップル
アドビシステムズ
マイクロソフト		 - Windows および Mac OS X 上で稼働する Adobe Flash Player における任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2011-4693 2011-12-12 16:37 2011-12-7 Show GitHub Exploit DB Packet Storm
196323 5 警告 アップル
Google		 - WebKit におけるブラウザキャッシュ内の画像データの存在を推測される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-4692 2011-12-12 16:36 2011-12-7 Show GitHub Exploit DB Packet Storm
196324 5 警告 Google - Google Chrome におけるブラウザキャッシュ内の文書の存在を容易に推測される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-4691 2011-12-12 16:34 2011-12-7 Show GitHub Exploit DB Packet Storm
196325 5 警告 Opera Software ASA - Opera におけるブラウザキャッシュ内の文書の存在を容易に推測される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-4690 2011-12-12 16:33 2011-12-7 Show GitHub Exploit DB Packet Storm
196326 5 警告 マイクロソフト - Microsoft Internet Explorer における文書の存在を容易に推測される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-4689 2011-12-12 16:33 2011-12-7 Show GitHub Exploit DB Packet Storm
196327 5 警告 Mozilla Foundation - Mozilla Firefox におけるブラウザキャッシュ内の文書の存在を容易に推測される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-4688 2011-12-12 16:31 2011-12-7 Show GitHub Exploit DB Packet Storm
196328 4.3 警告 Mozilla Foundation - 複数の Mozilla 製品のレイアウトエンジンにおける重要な情報を取得される脆弱性 CWE-362
競合状態 		CVE-2010-5074 2011-12-12 16:22 2010-03-31 Show GitHub Exploit DB Packet Storm
196329 5 警告 Google - Google Chrome の JavaScript 実装における重要な情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-5073 2011-12-12 16:21 2011-12-7 Show GitHub Exploit DB Packet Storm
196330 5 警告 Opera Software ASA - Opera の JavaScript 実装における重要な情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-5072 2011-12-12 16:20 2011-12-7 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Oct. 7, 2024, 8:10 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1161 7.8 HIGH
Local 		microsoft
git_for_windows_project 		visual_studio_2022
visual_studio_2017
visual_studio_2019
git_for_windows 		GitHub: Git for Windows' uninstaller vulnerable to DLL hijacking when run under the SYSTEM user account. CWE-427
 Uncontrolled Search Path Element 		CVE-2022-24767 2024-10-2 00:35 2022-04-13 Show GitHub Exploit DB Packet Storm
1162 7.8 HIGH
Local 		amazon freertos FreeRTOS is a real-time operating system for microcontrollers. FreeRTOS Kernel versions through 10.6.1 do not sufficiently protect against local privilege escalation via Return Oriented Programming t… NVD-CWE-Other
CVE-2024-28115 2024-10-2 00:31 2024-03-8 Show GitHub Exploit DB Packet Storm
1163 5.4 MEDIUM
Network 		jellyfin jellyfin Jellyfin is an open source self hosted media server. The Jellyfin user profile image upload accepts SVG files, allowing for a stored XSS attack against an admin user via a specially crafted malicious… NVD-CWE-noinfo
CVE-2024-43801 2024-10-2 00:25 2024-09-3 Show GitHub Exploit DB Packet Storm
1164 5.5 MEDIUM
Local 		vim vim Vim is an open source, command line text editor. Patch v9.1.0038 optimized how the cursor position is calculated and removed a loop, that verified that the cursor position always points inside a line… CWE-787
 Out-of-bounds Write 		CVE-2024-45306 2024-10-2 00:20 2024-09-3 Show GitHub Exploit DB Packet Storm
1165 6.3 MEDIUM
Local 		fedirtsapana simple_http_server_plus
simple_http_server 		Phlox com.phlox.simpleserver (aka Simple HTTP Server) 1.8 and com.phlox.simpleserver.plus (aka Simple HTTP Server PLUS) 1.8.1-plus have a hardcoded aKySWb2jjrr4dzkYXczKRt7K (AES) encryption key. An a… CWE-798
 Use of Hard-coded Credentials 		CVE-2023-46919 2024-10-2 00:15 2023-12-28 Show GitHub Exploit DB Packet Storm
1166 8.8 HIGH
Local 		rust-lang rust Rust is a programming language. The fix for CVE-2024-24576, where `std::process::Command` incorrectly escaped arguments when invoking batch files on Windows, was incomplete. Prior to Rust version 1.8… CWE-88
Argument Injection 		CVE-2024-43402 2024-10-2 00:12 2024-09-5 Show GitHub Exploit DB Packet Storm
1167 7.5 HIGH
Network 		google tensorflow TensorFlow is an end-to-end open source platform for machine learning. `array_ops.upper_bound` causes a segfault when not given a rank 2 tensor. The fix will be included in TensorFlow 2.13 and will a… CWE-190
 Integer Overflow or Wraparound 		CVE-2023-33976 2024-10-1 23:41 2024-07-31 Show GitHub Exploit DB Packet Storm
1168 5.4 MEDIUM
Network 		axton wp-webauthn The WP-WebAuthn plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wwa_login_form shortcode in all versions up to, and including, 1.3.1 due to insufficient input sanit… CWE-79
Cross-site Scripting 		CVE-2024-9023 2024-10-1 23:39 2024-09-28 Show GitHub Exploit DB Packet Storm
1169 6.1 MEDIUM
Network 		objectiv simple_ldap_login The Simple LDAP Login plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including… CWE-79
Cross-site Scripting 		CVE-2024-8715 2024-10-1 23:37 2024-09-28 Show GitHub Exploit DB Packet Storm
1170 - - - The Slider by 10Web WordPress plugin before 1.2.59 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting atta… - CVE-2024-8283 2024-10-1 23:35 2024-09-30 Show GitHub Exploit DB Packet Storm