Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Nov. 18, 2024, 6:03 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
196761	3.5	注意	Plone Foundation	-	Plone の safe_html フィルタにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-1949	2012-03-27 18:43	2011-06-6	Show	GitHub Exploit DB Packet Storm

196762	4.3	警告	Plone Foundation	-	Plone におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-1948	2012-03-27 18:43	2011-06-6	Show	GitHub Exploit DB Packet Storm

196763	5	警告	Fetchmail Project	-	fetchmail におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2011-1947	2012-03-27 18:43	2011-06-2	Show	GitHub Exploit DB Packet Storm

196764	7.2	危険	hongli lai	-	libgnomesu の gnomesu-pam-backend における権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-1946	2012-03-27 18:43	2011-07-7	Show	GitHub Exploit DB Packet Storm

196765	2.1	注意	Fedora Project レッドハット	-	Fedora の NetworkManager パッケージの libnm-util の destroy_one_secret 関数における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2011-1943	2012-03-27 18:43	2011-06-14	Show	GitHub Exploit DB Packet Storm

196766	6.8	警告	VideoLAN FFmpeg Libav	-	VideoLAN VLC メディアプレイヤーなどの製品で使用される FFmpeg および libav の Sunplus SP5X JPEG デコーダにおけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2011-1931	2012-03-27 18:43	2011-07-7	Show	GitHub Exploit DB Packet Storm

196767	5	警告	Wouter Verhelst	-	nbd-server の nbd-server.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2011-1925	2012-03-27 18:43	2011-05-31	Show	GitHub Exploit DB Packet Storm

196768	5	警告	The Tor Project	-	Tor の policy_summarize 関数におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-1924	2012-03-27 18:43	2011-02-28	Show	GitHub Exploit DB Packet Storm

196769	3.3	注意	ihji NetBSD	-	pmake などの製品で使用される NetBSD の make インクルードファイルにおける任意のファイルを上書される脆弱性	CWE-59 リンク解釈の問題	CVE-2011-1920	2012-03-27 18:43	2011-05-23	Show	GitHub Exploit DB Packet Storm

196770	9.3	危険	Foxit Software Inc	-	Foxit Reader の FreeType エンジンのType 1 フォントデコーダにおける整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2011-1908	2012-03-27 18:43	2011-06-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Nov. 18, 2024, 4:13 p.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
260081	-	cisco	mediasense	Cross-site scripting (XSS) vulnerability in the oraservice page in Cisco MediaSense allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCuj23328.	CWE-79 Cross-site Scripting	CVE-2013-5501	2013-10-3 04:44	2013-09-21	Show	GitHub Exploit DB Packet Storm

260082	-	cisco	mediasense	Multiple cross-site scripting (XSS) vulnerabilities in the oraadmin service page in Cisco MediaSense allow remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bu…	CWE-79 Cross-site Scripting	CVE-2013-5500	2013-10-3 04:43	2013-09-21	Show	GitHub Exploit DB Packet Storm

260083	-	ovislink sony	airlive_wl2600cam snc_ch140 snc_ch180 snc_ch240 snc_ch280 snc_dh140 snc_dh140t snc_dh180 snc_dh240 snc_dh240t snc_dh280	Cross-site request forgery (CSRF) vulnerability in the command/user.cgi in Sony SNC CH140, SNC CH180, SNC CH240, SNC CH280, SNC DH140, SNC DH140T, SNC DH180, SNC DH240, SNC DH240T, SNC DH280, and pos…	CWE-352 Origin Validation Error	CVE-2013-3539	2013-10-3 04:26	2013-10-2	Show	GitHub Exploit DB Packet Storm

260084	-	grandstream	gxv_device_firmware gxv3500 gxv3501 gxv3504 gxv3601 gxv3601hd\/ll gxv3611hd\/ll gxv3615w\/p gxv3615wp_hd gxv3651fhd gxv3662hd	Cross-site scripting (XSS) vulnerability in Grandstream GXV3501, GXV3504, GXV3601, GXV3601HD/LL, GXV3611HD/LL, GXV3615W/P, GXV3651FHD, GXV3662HD, GXV3615WP_HD, GXV3500, and possibly other camera mode…	CWE-79 Cross-site Scripting	CVE-2013-3962	2013-10-3 02:28	2013-10-2	Show	GitHub Exploit DB Packet Storm

260085	-	brickom	100ap_device_firmware fb-100ap md-100ap ob-100ae osd-040e wcb-100ap wfb-100ap	Cross-site request forgery (CSRF) vulnerability in cgi-bin/users.cgi in Brickcom FB-100Ap, WCB-100Ap, MD-100Ap, WFB-100Ap, OB-100Ae, OSD-040E, and possibly other camera models with firmware 3.1.0.8 a…	CWE-352 Origin Validation Error	CVE-2013-3690	2013-10-3 02:21	2013-10-2	Show	GitHub Exploit DB Packet Storm

260086	-	grandstream	gxv_device_firmware gxv3500 gxv3501 gxv3504 gxv3601 gxv3601hd\/ll gxv3611hd\/ll gxv3615w\/p gxv3615wp_hd gxv3651fhd gxv3662hd	Cross-site request forgery (CSRF) vulnerability in goform/usermanage in Grandstream GXV3501, GXV3504, GXV3601, GXV3601HD/LL, GXV3611HD/LL, GXV3615W/P, GXV3651FHD, GXV3662HD, GXV3615WP_HD, GXV3500, an…	CWE-352 Origin Validation Error	CVE-2013-3963	2013-10-3 02:14	2013-10-2	Show	GitHub Exploit DB Packet Storm

260087	-	samsung	shr-5082 shr-5162	Cross-site scripting (XSS) vulnerability in Samsung SHR-5162, SHR-5082, and possibly other models, allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.	CWE-79 Cross-site Scripting	CVE-2013-3964	2013-10-3 02:10	2013-10-2	Show	GitHub Exploit DB Packet Storm

260088	-	emc	geosynchrony vplex_geo vplex_local vplex_metro	EMC VPLEX before VPLEX GeoSynchrony 5.2 SP1 uses cleartext for storage of the LDAP/AD bind password, which allows local users to obtain sensitive information by reading the management-server configur…	CWE-255 Credentials Management	CVE-2013-3278	2013-10-3 00:16	2013-10-1	Show	GitHub Exploit DB Packet Storm

260089	-	wordpress	wordpress	wp-includes/functions.php in WordPress before 3.6.1 does not properly determine whether data has been serialized, which allows remote attackers to execute arbitrary code by triggering erroneous PHP u…	CWE-94 Code Injection	CVE-2013-4338	2013-10-2 13:29	2013-09-12	Show	GitHub Exploit DB Packet Storm

260090	-	wordpress	wordpress	wp-admin/includes/post.php in WordPress before 3.6.1 allows remote authenticated users to spoof the authorship of a post by leveraging the Author role and providing a modified user_ID parameter.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2013-4340	2013-10-2 13:29	2013-09-12	Show	GitHub Exploit DB Packet Storm