Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Sept. 23, 2024, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
196691	2.1	注意	Skype Technologies S.A.	-	Skype for Android における個人情報を読まれる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-1717	2011-06-3 10:25	2011-04-18	Show	GitHub Exploit DB Packet Storm

196692	7.2	危険	Google	-	Android におけるアプリケーションサンドボックスを回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-1149	2011-06-3 10:24	2011-04-21	Show	GitHub Exploit DB Packet Storm

196693	10	危険	Google	-	Google Chrome の GPU プロセスにおける任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2011-1301	2011-06-3 10:21	2011-04-14	Show	GitHub Exploit DB Packet Storm

196694	10	危険	Google Mozilla Foundation	-	Windows 上で稼働する Mozilla Firefox、および Google Chrome における任意のコードを実行される脆弱性	CWE-189 数値処理の問題	CVE-2011-1300	2011-06-3 09:55	2011-04-7	Show	GitHub Exploit DB Packet Storm

196695	5	警告	Google	-	WebKit の counterToCSSValue 関数におけるサービス運用妨害(DoS) の脆弱性	CWE-Other その他	CVE-2011-1691	2011-06-3 09:53	2011-03-28	Show	GitHub Exploit DB Packet Storm

196696	4.3	警告	サイバートラスト株式会社 Rdesktop レッドハット	-	rdesktop の disk_create 関数におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2011-1595	2011-06-3 09:50	2010-05-8	Show	GitHub Exploit DB Packet Storm

196697	4.3	警告	GNU Project ターボリナックスサイバートラスト株式会社レッドハット	-	GNU Mailman の Cgi/confirm.py におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-0707	2011-06-3 08:58	2011-02-22	Show	GitHub Exploit DB Packet Storm

196698	3.5	注意	アップル GNU Project ターボリナックスサイバートラスト株式会社レッドハット	-	GNU Mailman におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-3089	2011-06-3 08:56	2011-03-1	Show	GitHub Exploit DB Packet Storm

196699	4.3	警告	アップル GNU Project ターボリナックスサイバートラスト株式会社レッドハット	-	Mailman における複数のクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-0564	2011-06-3 08:55	2008-02-5	Show	GitHub Exploit DB Packet Storm

196700	10	危険	7-Technologies	-	7-Technologies Interactive Graphical SCADA System の IGSSdataServer.exe におけるスタックベースのオーバーフロー脆弱性	CWE-119 バッファエラー	CVE-2011-1567	2011-06-2 09:51	2011-04-5	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Sept. 23, 2024, 4:13 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1871	8.8	HIGH Network	themify	ultra	Missing Authorization vulnerability in Themify Themify Ultra.This issue affects Themify Ultra: from n/a through 7.3.5.	CWE-862 Missing Authorization	CVE-2023-46148	2024-09-16 22:39	2024-06-19	Show	GitHub Exploit DB Packet Storm

1872	8.8	HIGH Network	elastic	kibana	A deserialization issue in Kibana can lead to arbitrary code execution when Kibana attempts to parse a YAML document containing a crafted payload. This issue only affects users that use Elastic Secu…	CWE-502 Deserialization of Untrusted Data	CVE-2024-37288	2024-09-16 22:29	2024-09-9	Show	GitHub Exploit DB Packet Storm

1873	6.1	MEDIUM Network	uniong	webitr	WebITR from Uniong has an Open Redirect vulnerability, which allows unauthorized remote attackers to exploit this vulnerability to forge URLs. Users, believing they are accessing a trusted domain, ca…	CWE-601 Open Redirect	CVE-2024-8586	2024-09-16 22:28	2024-09-9	Show	GitHub Exploit DB Packet Storm

1874	4.3	MEDIUM Network	istyle	\@cosme	Improper authorization in handler for custom URL scheme issue in "@cosme" App for Android versions prior 5.69.0 and "@cosme" App for iOS versions prior to 6.74.0 allows an attacker to lead a user to …	NVD-CWE-noinfo	CVE-2024-45203	2024-09-16 22:27	2024-09-9	Show	GitHub Exploit DB Packet Storm

1875	6.3	MEDIUM Network	crocoblock	jetelements	Missing Authorization vulnerability in Crocoblock JetElements For Elementor.This issue affects JetElements For Elementor: from n/a through 2.6.13.	CWE-862 Missing Authorization	CVE-2023-48761	2024-09-16 22:27	2024-06-19	Show	GitHub Exploit DB Packet Storm

1876	9.8	CRITICAL Network	crocoblock	jetelements	Missing Authorization vulnerability in Crocoblock JetElements For Elementor.This issue affects JetElements For Elementor: from n/a through 2.6.13.	CWE-862 Missing Authorization	CVE-2023-48760	2024-09-16 22:26	2024-06-19	Show	GitHub Exploit DB Packet Storm

1877	7.5	HIGH Network	crocoblock	jetelements	Missing Authorization vulnerability in Crocoblock JetElements For Elementor.This issue affects JetElements For Elementor: from n/a through 2.6.13.	CWE-862 Missing Authorization	CVE-2023-48759	2024-09-16 22:25	2024-06-19	Show	GitHub Exploit DB Packet Storm

1878	9.8	CRITICAL Network	project_team	tmall_demo	A vulnerability, which was classified as critical, was found in Mini-Tmall up to 20240901. Affected is the function rewardMapper.select of the file tmall/admin/order/1/1. The manipulation of the argu…	CWE-89 SQL Injection	CVE-2024-8568	2024-09-16 22:22	2024-09-8	Show	GitHub Exploit DB Packet Storm

1879	9.8	CRITICAL Network	phpvibe	phpvibe	A vulnerability, which was classified as critical, was found in PHPVibe 11.0.46. Affected is an unknown function of the file /app/uploading/upload-mp3.php of the component Media Upload Page. The mani…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2024-6083	2024-09-16 22:21	2024-06-18	Show	GitHub Exploit DB Packet Storm

1880	4.8	MEDIUM Network	anujk305	bus_pass_management_system	phpgurukul Bus Pass Management System 1.0 is vulnerable to Cross-site scripting (XSS) in /admin/pass-bwdates-reports-details.php via fromdate and todate parameters.	CWE-79 Cross-site Scripting	CVE-2024-44798	2024-09-16 22:19	2024-09-14	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed