Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Nov. 16, 2024, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
196551	7.5	危険	The phpMyAdmin Project	-	phpMyAdmin の setup/lib/ConfigGenerator.class.php における静的コードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2011-2506	2012-03-27 18:43	2011-07-2	Show	GitHub Exploit DB Packet Storm

196552	6.4	警告	The phpMyAdmin Project	-	phpMyAdmin の libraries/auth/swekey/swekey.auth.lib.php における SESSION スーパーグローバル配列を変更される脆弱性	CWE-94 コード・インジェクション	CVE-2011-2505	2012-03-27 18:43	2011-07-2	Show	GitHub Exploit DB Packet Storm

196553	8.3	危険	Linux	-	Linux kernel の l2cap_config_req 関数における整数アンダーフローの脆弱性	CWE-189 数値処理の問題	CVE-2011-2497	2012-03-27 18:43	2011-08-29	Show	GitHub Exploit DB Packet Storm

196554	7.2	危険	NRL	-	OPIE の opielogin.c における権限を取得される脆弱性	CWE-20 不適切な入力確認	CVE-2011-2490	2012-03-27 18:43	2011-07-26	Show	GitHub Exploit DB Packet Storm

196555	7.2	危険	NRL	-	OPIE の opiesu.c における権限を取得される脆弱性	CWE-189 数値処理の問題	CVE-2011-2489	2012-03-27 18:43	2011-07-26	Show	GitHub Exploit DB Packet Storm

196556	5	警告	Joomla!	-	Joomla! における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2011-2488	2012-03-27 18:43	2011-04-4	Show	GitHub Exploit DB Packet Storm

196557	2.6	注意	The Icinga Project	-	Icinga の config.c におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-2477	2012-03-27 18:43	2011-06-14	Show	GitHub Exploit DB Packet Storm

196558	4.3	警告	Coppermine Photo Gallery	-	CPG におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-2476	2012-03-27 18:43	2011-06-2	Show	GitHub Exploit DB Packet Storm

196559	10	危険	サイベース	-	Sybase OneBridge Mobile Data Suite の ECTrace.dll における任意のコードを実行される脆弱性	CWE-134 書式文字列の問題	CVE-2011-2475	2012-03-27 18:43	2011-06-9	Show	GitHub Exploit DB Packet Storm

196560	5	警告	サイベース	-	Sybase EAServer Developer Edition の HTTP Server におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2011-2474	2012-03-27 18:43	2011-06-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Nov. 17, 2024, 5:17 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
258211	-	google	android	Android before 4.4 does not properly arrange for seeding of the OpenSSL PRNG, which makes it easier for attackers to defeat cryptographic protection mechanisms by leveraging use of the PRNG within mu…	CWE-200 Information Exposure	CVE-2013-7373	2014-04-30 21:57	2014-04-30	Show	GitHub Exploit DB Packet Storm

258212	-	simplemachines	simple_machines_forum	Simple Machines Forum (SMF) 2.0.6, 1.1.19, and earlier allows remote attackers to impersonate arbitrary users via a Unicode homoglyph character in a username.	CWE-20 Improper Input Validation	CVE-2013-7236	2014-04-30 20:21	2014-04-29	Show	GitHub Exploit DB Packet Storm

258213	-	gnome	gnome-shell	The automatic screen lock functionality in GNOME Shell (aka gnome-shell) before 3.10 does not prevent access to the "Enter a Command" dialog, which allows physically proximate attackers to execute ar…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2013-7221	2014-04-30 04:03	2014-04-29	Show	GitHub Exploit DB Packet Storm

258214	-	gnome	gnome-shell	js/ui/screenShield.js in GNOME Shell (aka gnome-shell) before 3.8 allows physically proximate attackers to execute arbitrary commands by leveraging an unattended workstation with the keyboard focus o…	NVD-CWE-Other	CVE-2013-7220	2014-04-30 03:53	2014-04-29	Show	GitHub Exploit DB Packet Storm

258215	-	gnome	gnome-shell	Per: https://cwe.mitre.org/data/definitions/77.html "CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')"	NVD-CWE-Other	CVE-2013-7220	2014-04-30 03:53	2014-04-29	Show	GitHub Exploit DB Packet Storm

258216	-	phusion	juvia	Juvia uses the same secret key for all installations, which allows remote attackers to have unspecified impact by leveraging the secret key in app/config/initializers/secret_token.rb, related to cook…	CWE-255 Credentials Management	CVE-2013-7134	2014-04-30 03:13	2014-04-29	Show	GitHub Exploit DB Packet Storm

258217	-	basespace_ruby_sdk_project	basespace_ruby_sdk	The put_call function in the API client (api/api_client.rb) in the BaseSpace Ruby SDK (aka bio-basespace-sdk) gem 0.1.7 for Ruby uses the API_KEY on the command line, which allows remote attackers to…	CWE-200 Information Exposure	CVE-2013-7111	2014-04-30 02:59	2014-04-29	Show	GitHub Exploit DB Packet Storm

258218	-	organic_groups_project	organic_groups	The Organic Groups (OG) module 7.x-2.x before 7.x-2.3 for Drupal allows remote authenticated users to bypass group restrictions on nodes with all groups set to optional input via an empty group field.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2013-7068	2014-04-30 02:52	2014-04-29	Show	GitHub Exploit DB Packet Storm

258219	-	entity_reference_project	entityreference	The Entity reference module 7.x-1.x before 7.x-1.1-rc1 for Drupal allows remote attackers to read private nodes titles by leveraging edit permissions to a node that references a private node.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2013-7066	2014-04-30 02:45	2014-04-29	Show	GitHub Exploit DB Packet Storm

258220	-	freelance-it-consultant	eu_cookie_compliance	Cross-site scripting (XSS) vulnerability in the EU Cookie Compliance module 7.x-1.x before 7.x-1.12 for Drupal allows remote authenticated administrators with the "Administer EU Cookie Compliance pop…	CWE-79 Cross-site Scripting	CVE-2013-7064	2014-04-30 02:09	2014-04-29	Show	GitHub Exploit DB Packet Storm