Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Oct. 10, 2024, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
197371	2.1	注意	アップル	-	Apple iOS のホームスクリーンコンポーネントにおける重要な状態情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2011-3431	2011-10-24 16:47	2011-10-14	Show	GitHub Exploit DB Packet Storm

197372	5	警告	アップル	-	Apple iOS の UIKit アラートコンポーネントにおけるサービス運用妨害 (デバイスハング) の脆弱性	CWE-399 リソース管理の問題	CVE-2011-3432	2011-10-24 16:46	2011-10-14	Show	GitHub Exploit DB Packet Storm

197373	4.3	警告	アップル	-	Apple iOS の WiFi コンポーネントにおける重要な情報を取得される脆弱性	CWE-255 証明書・パスワード管理	CVE-2011-3434	2011-10-24 16:46	2011-10-14	Show	GitHub Exploit DB Packet Storm

197374	4.3	警告	アップル	-	Apple iOS および Safari で使用される WebKit におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-3243	2011-10-24 16:43	2011-10-14	Show	GitHub Exploit DB Packet Storm

197375	2.1	注意	アップル	-	Apple iOS のキーボードコンポーネントにおける重要な情報を取得される脆弱性	CWE-255 証明書・パスワード管理	CVE-2011-3245	2011-10-24 16:43	2011-10-14	Show	GitHub Exploit DB Packet Storm

197376	2.6	注意	アップル	-	Apple iOS の CalDAV における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2011-3253	2011-10-24 16:43	2011-10-14	Show	GitHub Exploit DB Packet Storm

197377	4.3	警告	アップル	-	Apple iOS のカレンダーにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-3254	2011-10-24 16:42	2011-10-14	Show	GitHub Exploit DB Packet Storm

197378	4.3	警告	アップル	-	Apple iOS の CFNetwork における重要な情報を取得される脆弱性	CWE-255 証明書・パスワード管理	CVE-2011-3255	2011-10-24 16:33	2011-10-14	Show	GitHub Exploit DB Packet Storm

197379	2.1	注意	アップル	-	Apple iOS の Data Access コンポーネントにおけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-3257	2011-10-24 16:32	2011-10-14	Show	GitHub Exploit DB Packet Storm

197380	6.8	警告	アップル	-	Apple iOS の OfficeImport におけるバッファオーバーフローの脆弱性	CWE-94 コード・インジェクション	CVE-2011-3260	2011-10-24 16:30	2011-10-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Oct. 10, 2024, 8:13 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
61	7.5	HIGH Network	huawei	emui harmonyos	Input parameter verification vulnerability in the communication system. Successful exploitation of this vulnerability may affect availability. Update	CWE-476 NULL Pointer Dereference	CVE-2023-39397	2024-10-10 05:35	2023-08-13	Show	GitHub Exploit DB Packet Storm

62	7.5	HIGH Network	huawei	emui harmonyos	Mismatch vulnerability in the serialization process in the communication system. Successful exploitation of this vulnerability may affect availability. Update	NVD-CWE-noinfo	CVE-2023-39395	2024-10-10 05:35	2023-08-13	Show	GitHub Exploit DB Packet Storm

63	7.5	HIGH Network	apache	inlong	Files or Directories Accessible to External Parties vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.2.0 through 1.6.0. the user in InLong could canc… Update	CWE-552 Files or Directories Accessible to External Parties	CVE-2023-31064	2024-10-10 05:35	2023-05-23	Show	GitHub Exploit DB Packet Storm

64	9.8	CRITICAL Network	apache	inlong	Improper Privilege Management Vulnerabilities in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.2.0 through 1.6.0. When the attacker has access to a valid (but unp… Update	CWE-269 Improper Privilege Management	CVE-2023-31062	2024-10-10 05:35	2023-05-23	Show	GitHub Exploit DB Packet Storm

65	8.8	HIGH Network	google fedoraproject	chrome fedora	Use after free in Passwords in Google Chrome prior to 111.0.5563.110 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.… Update	CWE-416 Use After Free	CVE-2023-1528	2024-10-10 05:35	2023-03-22	Show	GitHub Exploit DB Packet Storm

66	7.5	HIGH Network	atlassian	jira jira_software_data_center jira_server	Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to view the names of private projects and private filters via an Insecure Direct Object References (I… Update	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2021-41307	2024-10-10 05:35	2021-10-26	Show	GitHub Exploit DB Packet Storm

67	-		-	-	An Insecure Direct Object Reference (IDOR) vulnerability exists in open-webui/open-webui version v0.3.8. The vulnerability occurs in the API endpoint `http://0.0.0.0:3000/api/v1/memories/{id}/update`… New	CWE-250 Execution with Unnecessary Privileges	CVE-2024-7041	2024-10-10 05:15	2024-10-10	Show	GitHub Exploit DB Packet Storm

68	-		-	-	In version v0.3.8 of open-webui/open-webui, the endpoint /api/pipelines/upload is vulnerable to arbitrary file write and delete due to unsanitized file.filename concatenation with CACHE_DIR. This vul… New	CWE-22 Path Traversal	CVE-2024-7037	2024-10-10 05:15	2024-10-10	Show	GitHub Exploit DB Packet Storm

69	7.5	HIGH Network	-	-	An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker se… New	CWE-755 Improper Handling of Exceptional Conditions	CVE-2024-39525	2024-10-10 05:15	2024-10-10	Show	GitHub Exploit DB Packet Storm

70	7.5	HIGH Network	-	-	An Improper Validation of Consistency within Input vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacke… New	CWE-1288 Improper Validation of Consistency within Input	CVE-2024-39515	2024-10-10 05:15	2024-10-10	Show	GitHub Exploit DB Packet Storm