Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Oct. 7, 2024, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
196821 9.3 危険 Investintech.com Inc. - Investintech.com の SlimPDF Reader におけるサービス運用妨害 (DoS) の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-4217 2011-11-10 16:31 2011-11-1 Show GitHub Exploit DB Packet Storm
196822 9.3 危険 Investintech.com Inc. - Investintech.com の SlimPDF Reader におけるサービス運用妨害 (DoS) の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-4216 2011-11-10 16:30 2011-11-1 Show GitHub Exploit DB Packet Storm
196823 7.5 危険 OneOrZero - OneOrZero Action & Information Management System における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-4215 2011-11-10 16:30 2011-11-1 Show GitHub Exploit DB Packet Storm
196824 10 危険 OneOrZero - OneOrZero Action & Information Management System における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2011-4214 2011-11-10 16:29 2011-11-1 Show GitHub Exploit DB Packet Storm
196825 4.3 警告 The phpMyAdmin Project - phpMyAdmin のセットアップインターフェースにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4064 2011-11-10 16:29 2011-10-17 Show GitHub Exploit DB Packet Storm
196826 7.8 危険 シスコシステムズ - Cisco Unified Communications Manager および Cisco IOS におけるメモリリークの脆弱性 CWE-399
リソース管理の問題 		CVE-2011-0941 2011-11-10 16:28 2011-09-28 Show GitHub Exploit DB Packet Storm
196827 5 警告 Roundcube.net - Roundcube Webmail の include/iniset.php におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2011-4078 2011-11-10 16:27 2011-11-3 Show GitHub Exploit DB Packet Storm
196828 7.5 危険 The PHP Group - PHP の is_a 関数における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2011-3379 2011-11-10 16:27 2011-08-22 Show GitHub Exploit DB Packet Storm
196829 7.5 危険 SIR - Gnuboard の bbs/tb.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-4066 2011-11-10 16:26 2011-11-4 Show GitHub Exploit DB Packet Storm
196830 6.3 警告 Conky - Conky における任意のファイルを上書きされる脆弱性 CWE-59
リンク解釈の問題 		CVE-2011-3616 2011-11-10 16:26 2011-11-4 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Oct. 7, 2024, 8:10 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1031 9.8 CRITICAL
Network 		atlassian crowd Affected versions of Atlassian Crowd allow an attacker to authenticate as the crowd application via security misconfiguration and subsequent ability to call privileged endpoints in Crowd's REST API u… NVD-CWE-noinfo
CVE-2022-43782 2024-10-3 00:35 2022-11-17 Show GitHub Exploit DB Packet Storm
1032 9.8 CRITICAL
Network 		atlassian bitbucket There is a command injection vulnerability using environment variables in Bitbucket Server and Data Center. An attacker with permission to control their username can exploit this issue to execute arb… CWE-77
Command Injection 		CVE-2022-43781 2024-10-3 00:35 2022-11-17 Show GitHub Exploit DB Packet Storm
1033 8.8 HIGH
Network 		atlassian jira_align The MasterUserEdit API in Atlassian Jira Align Server before version 10.109.2 allows An authenticated attacker with the People role permission to use the MasterUserEdit API to modify any users role t… CWE-276
Incorrect Default Permissions  		CVE-2022-36803 2024-10-3 00:35 2022-10-14 Show GitHub Exploit DB Packet Storm
1034 5.3 MEDIUM
Adjacent 		synology active_backup_for_business_agent Missing encryption of sensitive data vulnerability in login component in Synology Active Backup for Business Agent before 2.7.0-3221 allows adjacent man-in-the-middle attackers to obtain user credent… CWE-311
Missing Encryption of Sensitive Data 		CVE-2023-52950 2024-10-3 00:26 2024-09-26 Show GitHub Exploit DB Packet Storm
1035 5.5 MEDIUM
Local 		synology active_backup_for_business_agent Missing authentication for critical function vulnerability in proxy settings functionality in Synology Active Backup for Business Agent before 2.7.0-3221 allows local users to obtain user credential … CWE-306
Missing Authentication for Critical Function 		CVE-2023-52949 2024-10-3 00:26 2024-09-26 Show GitHub Exploit DB Packet Storm
1036 5.0 MEDIUM
Local 		synology active_backup_for_business_agent Missing encryption of sensitive data vulnerability in settings functionality in Synology Active Backup for Business Agent before 2.7.0-3221 allows local users to obtain user credential via unspecifie… CWE-311
Missing Encryption of Sensitive Data 		CVE-2023-52948 2024-10-3 00:26 2024-09-26 Show GitHub Exploit DB Packet Storm
1037 3.3 LOW
Local 		synology active_backup_for_business_agent Missing authentication for critical function vulnerability in logout functionality in Synology Active Backup for Business Agent before 2.6.3-3101 allows local users to logout the client via unspecifi… CWE-306
Missing Authentication for Critical Function 		CVE-2023-52947 2024-10-3 00:26 2024-09-26 Show GitHub Exploit DB Packet Storm
1038 8.8 HIGH
Network 		freeipa freeipa A vulnerability was found in FreeIPA in how the initial implementation of MS-SFU by MIT Kerberos was missing a condition for granting the "forwardable" flag on S4U2Self tickets. Fixing this mistake r… CWE-863
 Incorrect Authorization 		CVE-2024-2698 2024-10-3 00:15 2024-06-12 Show GitHub Exploit DB Packet Storm
1039 5.5 MEDIUM
Local 		opentext identity_manager_azuread_driver A vulnerability identified in OpenText™ Identity Manager AzureAD Driver that allows logging of sensitive information into log file. This impacts all versions before 5.1.4.0 CWE-532
 Inclusion of Sensitive Information in Log Files 		CVE-2021-22518 2024-10-3 00:10 2024-09-12 Show GitHub Exploit DB Packet Storm
1040 7.5 HIGH
Network 		netiq identity_manager_rest_driver Possible Insertion of Sensitive Information into Log File Vulnerability in Identity Manager has been discovered in OpenText™ Identity Manager REST Driver. This impact version before 1.1.2.0200. CWE-532
 Inclusion of Sensitive Information in Log Files 		CVE-2022-26322 2024-10-3 00:03 2024-09-12 Show GitHub Exploit DB Packet Storm