Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Nov. 19, 2024, 2:02 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
196971 6.8 警告 VideoLAN - VideoLAN VLC media player の MP4_ReadBox_skcr 関数におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2011-1684 2012-03-27 18:43 2011-04-7 Show GitHub Exploit DB Packet Storm
196972 6.8 警告 IBM - IBM WAS におけるアプリケーションのアクセス権を取得される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2011-1683 2012-03-27 18:43 2011-04-13 Show GitHub Exploit DB Packet Storm
196973 4.3 警告 Tincan - phpList におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反
CVE-2011-1682 2012-03-27 18:43 2011-04-13 Show GitHub Exploit DB Packet Storm
196974 3.3 注意 VMware - VMware Open Virtual Machine Tools の vmware-hgfsmounter におけるファイルの破損を誘発される脆弱性 CWE-16
環境設定
CVE-2011-1681 2012-03-27 18:43 2011-04-9 Show GitHub Exploit DB Packet Storm
196975 4.4 警告 ncpfs - ncpfs の ncpmount における詳細不明な脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2011-1680 2012-03-27 18:43 2011-04-9 Show GitHub Exploit DB Packet Storm
196976 5 警告 metaways - Metaways Tine における重要な情報を取得される脆弱性 CWE-200
情報漏えい
CVE-2011-1666 2012-03-27 18:43 2011-04-9 Show GitHub Exploit DB Packet Storm
196977 5 警告 phpboost - PHPBoost におけるバックアップの SQL ファイルを取得される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2011-1665 2012-03-27 18:43 2011-04-9 Show GitHub Exploit DB Packet Storm
196978 6.8 警告 icanlocalize - Translation Management モジュール におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反
CVE-2011-1664 2012-03-27 18:43 2011-04-9 Show GitHub Exploit DB Packet Storm
196979 7.5 危険 icanlocalize - Translation Management モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2011-1663 2012-03-27 18:43 2011-04-9 Show GitHub Exploit DB Packet Storm
196980 4.3 警告 icanlocalize - Translation Management モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2011-1662 2012-03-27 18:43 2011-04-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Nov. 19, 2024, 1:08 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
258411 - transifex transifex Transifex command-line client before 0.10 does not validate X.509 certificates for data transfer connections, which allows man-in-the-middle attackers to spoof a Transifex server via an arbitrary cer… CWE-20
 Improper Input Validation 
CVE-2013-7110 2014-05-2 23:52 2014-05-2 Show GitHub Exploit DB Packet Storm
258412 - transifex transifex Transifex command-line client before 0.9 does not validate X.509 certificates, which allows man-in-the-middle attackers to spoof a Transifex server via an arbitrary certificate. CWE-20
 Improper Input Validation 
CVE-2013-2073 2014-05-2 23:49 2014-05-2 Show GitHub Exploit DB Packet Storm
258413 - emc rsa_access_manager The runtime WS component in the server in EMC RSA Access Manager 6.1.3 before 6.1.3.39, 6.1.4 before 6.1.4.22, 6.2.0 before 6.2.0.11, and 6.2.1 before 6.2.1.03, when INFO logging is enabled, allows l… CWE-310
Cryptographic Issues
CVE-2014-0646 2014-05-2 22:49 2014-05-2 Show GitHub Exploit DB Packet Storm
258414 - tibco slingshot
vault
managed_file_transfer_command_center
managed_file_transfer_internet_server
TIBCO Managed File Transfer Internet Server before 7.2.2, Managed File Transfer Command Center before 7.2.2, Slingshot before 1.9.1, and Vault before 1.0.1 allow remote attackers to obtain sensitive … CWE-200
Information Exposure
CVE-2014-2545 2014-05-2 04:15 2014-04-30 Show GitHub Exploit DB Packet Storm
258415 - ecava integraxor Ecava IntegraXor before 4.1.4393 allows remote attackers to read cleartext credentials for administrative accounts via SELECT statements that leverage the guest role. CWE-310
Cryptographic Issues
CVE-2014-0786 2014-05-2 01:18 2014-05-1 Show GitHub Exploit DB Packet Storm
258416 - ajenti ajenti Cross-site scripting (XSS) vulnerability in plugins/main/content/js/ajenti.coffee in Eugene Pankov Ajenti 1.2.13 allows remote authenticated users to inject arbitrary web script or HTML via the comma… CWE-79
Cross-site Scripting
CVE-2014-2260 2014-05-2 00:42 2014-05-1 Show GitHub Exploit DB Packet Storm
258417 - php-fusion php-fusion PHP-Fusion before 7.02.06 stores backup files with predictable filenames in an unrestricted directory under the web document root, which might allow remote attackers to obtain sensitive information v… CWE-264
Permissions, Privileges, and Access Controls
CVE-2013-1807 2014-05-2 00:35 2014-05-1 Show GitHub Exploit DB Packet Storm
258418 - php-fusion php-fusion Multiple directory traversal vulnerabilities in PHP-Fusion before 7.02.06 allow remote authenticated users to include and execute arbitrary files via a .. (dot dot) in the (1) user_theme parameter to… CWE-22
Path Traversal
CVE-2013-1806 2014-05-2 00:27 2014-05-1 Show GitHub Exploit DB Packet Storm
258419 - bluecoat content_analysis_system_software
content_analysis_system
The commandline interface in Blue Coat Content Analysis System (CAS) 1.1 before 1.1.4.2 allows remote administrators to execute arbitrary commands via unspecified vectors, related to "command injecti… CWE-78
OS Command 
CVE-2014-2565 2014-05-1 22:49 2014-04-30 Show GitHub Exploit DB Packet Storm
258420 - gnu a2ps The tempname_ensure function in lib/routines.h in a2ps 4.14 and earlier, as used by the spy_user function and possibly other functions, allows local users to modify arbitrary files via a symlink atta… CWE-59
Link Following
CVE-2001-1593 2014-05-1 10:20 2014-04-6 Show GitHub Exploit DB Packet Storm