Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Sept. 20, 2024, 12:04 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
196391	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2011-2127	2011-07-1 15:31	2011-06-14	Show	GitHub Exploit DB Packet Storm

196392	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-2126	2011-07-1 15:30	2011-06-14	Show	GitHub Exploit DB Packet Storm

196393	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player の Dirapix.dll におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-2125	2011-07-1 10:19	2011-06-14	Show	GitHub Exploit DB Packet Storm

196394	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2011-2124	2011-07-1 10:17	2011-06-14	Show	GitHub Exploit DB Packet Storm

196395	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player の Shockwave 3D Asset x32 コンポーネントにおける整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2011-2123	2011-07-1 10:15	2011-06-14	Show	GitHub Exploit DB Packet Storm

196396	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player の Dirapi.dll における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2011-2122	2011-07-1 10:14	2011-06-14	Show	GitHub Exploit DB Packet Storm

196397	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2011-2121	2011-06-30 10:59	2011-06-14	Show	GitHub Exploit DB Packet Storm

196398	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player の CursorAsset x32 コンポーネントにおける整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2011-2120	2011-06-30 10:58	2011-06-14	Show	GitHub Exploit DB Packet Storm

196399	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player の Dirapi.dll における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2011-2119	2011-06-30 10:57	2011-06-14	Show	GitHub Exploit DB Packet Storm

196400	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player の FLV ASSET Xtra コンポーネントにおける任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2011-2118	2011-06-30 10:56	2011-06-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Sept. 20, 2024, 12:52 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
31	4.3	MEDIUM Network	-	-	Microsoft Edge (Chromium-based) Spoofing Vulnerability New	CWE-79 Cross-site Scripting	CVE-2024-38221	2024-09-20 06:15	2024-09-20	Show	GitHub Exploit DB Packet Storm

32	7.8	HIGH Local	acronis	cyber_protect_home_office	Local privilege escalation during installation due to improper soft link handling. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40278. Update	CWE-610 Externally Controlled Reference to a Resource in Another Sphere	CVE-2022-46869	2024-09-20 06:15	2023-09-1	Show	GitHub Exploit DB Packet Storm

33	5.5	MEDIUM Local	ibm	cloud_pak_for_security qradar_suite	IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite Software 1.10.12.0 through 1.10.22.0 stores potentially sensitive information in log files that could be read by a local use… Update	CWE-312 Cleartext Storage of Sensitive Information	CVE-2024-25023	2024-09-20 06:14	2024-07-10	Show	GitHub Exploit DB Packet Storm

34	9.8	CRITICAL Network	pluck-cms	pluck	Pluck CMS 4.7.18 does not restrict failed login attempts, allowing attackers to execute a brute force attack. Update	CWE-307 mproper Restriction of Excessive Authentication Attempts	CVE-2024-43042	2024-09-20 06:01	2024-08-17	Show	GitHub Exploit DB Packet Storm

35	8.8	HIGH Network	churchcrm	churchcrm	ChurchCRM is an open-source church management system. Versions of the application prior to 5.9.2 are vulnerable to an authenticated SQL injection due to an improper sanitization of user input. Authen… Update	CWE-89 SQL Injection	CVE-2024-39304	2024-09-20 05:59	2024-07-27	Show	GitHub Exploit DB Packet Storm

36	8.8	HIGH Network	nuxt	nuxt	Nuxt is a free and open-source framework to create full-stack web applications and websites with Vue.js. Due to the insufficient validation of the `path` parameter in the NuxtTestComponentWrapper, an… Update	CWE-94 Code Injection	CVE-2024-34344	2024-09-20 05:58	2024-08-6	Show	GitHub Exploit DB Packet Storm

37	7.5	HIGH Network	nuxt	nuxt	Nuxt is a free and open-source framework to create full-stack web applications and websites with Vue.js. `nuxt/icon` provides an API to allow client side icon lookup. This endpoint is at `/api/_nuxt_… Update	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2024-42352	2024-09-20 05:55	2024-08-6	Show	GitHub Exploit DB Packet Storm

38	5.4	MEDIUM Network	spiffyplugins	spiffy_calendar	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Spiffy Plugins Spiffy Calendar allows Stored XSS.This issue affects Spiffy Calendar: from … Update	CWE-79 Cross-site Scripting	CVE-2024-45457	2024-09-20 05:53	2024-09-15	Show	GitHub Exploit DB Packet Storm

39	7.8	HIGH Local	mongodb	mongodb c_driver php_driver	Incorrect validation of files loaded from a local untrusted directory may allow local privilege escalation if the underlying operating systems is Windows. This may result in the application executing… Update	NVD-CWE-noinfo	CVE-2024-7553	2024-09-20 05:46	2024-08-7	Show	GitHub Exploit DB Packet Storm

40	4.7	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again" Patch series "mm: Avoid possible overflows in dirt… Update	CWE-369 Divide By Zero	CVE-2024-42102	2024-09-20 05:38	2024-07-30	Show	GitHub Exploit DB Packet Storm