Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Oct. 10, 2024, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
197391 9.3 危険 マイクロソフト - Microsoft Internet Explorer 6 から 9 における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2011-1993 2011-10-21 15:34 2011-10-11 Show GitHub Exploit DB Packet Storm
197392 7.2 危険 マイクロソフト - Microsoft Windows XP および Windows Server 2003 の afd.sys における権限昇格の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-2005 2011-10-21 15:34 2011-10-11 Show GitHub Exploit DB Packet Storm
197393 5 警告 マイクロソフト - Microsoft Windows XP および Windows Server 2003 における権限昇格の脆弱性 CWE-20
不適切な入力確認 		CVE-2011-2012 2011-10-21 15:31 2011-10-11 Show GitHub Exploit DB Packet Storm
197394 9.3 危険 マイクロソフト - Microsoft Forefront UAG の MicrosoftClient.jar における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2011-1969 2011-10-21 15:31 2011-10-11 Show GitHub Exploit DB Packet Storm
197395 4.3 警告 マイクロソフト - Microsoft Forefront UAG 2010 におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-1897 2011-10-21 15:30 2011-10-11 Show GitHub Exploit DB Packet Storm
197396 4.3 警告 マイクロソフト - Microsoft Forefront UAG 2010 におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-1896 2011-10-21 15:30 2011-10-11 Show GitHub Exploit DB Packet Storm
197397 9.3 危険 マイクロソフト - Microsoft Forefront UAG 2010 における CRLF インジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2011-1895 2011-10-21 15:28 2011-10-11 Show GitHub Exploit DB Packet Storm
197398 9.3 危険 マイクロソフト - Microsoft .NET Framework および Silverlight における任意のコードを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-1253 2011-10-21 15:27 2011-10-11 Show GitHub Exploit DB Packet Storm
197399 7.2 危険 マイクロソフト - Microsoft Windows のカーネルモードドライバ内にある win32k.sys における権限昇格の脆弱性 CWE-399
リソース管理の問題 		CVE-2011-2011 2011-10-21 15:26 2011-10-11 Show GitHub Exploit DB Packet Storm
197400 9.3 危険 マイクロソフト - Microsoft Windows の win32k.sys のバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-2003 2011-10-21 15:25 2011-10-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Oct. 10, 2024, 8:13 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
31 - - - The Easy Social Share Buttons plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and i… New CWE-79
Cross-site Scripting 		CVE-2024-8729 2024-10-10 11:15 2024-10-10 Show GitHub Exploit DB Packet Storm
32 5.3 MEDIUM
Network 		- - The QA Analytics – Web Analytics Tool with Heatmaps & Session Replay Across All Pages plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the … New - CVE-2024-8513 2024-10-10 11:15 2024-10-10 Show GitHub Exploit DB Packet Storm
33 - - - In version v0.3.8 of open-webui, an improper privilege management vulnerability exists in the API endpoints GET /api/v1/documents/ and POST /rag/api/v1/doc. This vulnerability allows a lower-privileg… New CWE-269
 Improper Privilege Management 		CVE-2024-7048 2024-10-10 11:15 2024-10-10 Show GitHub Exploit DB Packet Storm
34 - - - execute_filter_delta in archive_read_support_format_rar.c in libarchive before 3.7.5 allows out-of-bounds access via a crafted archive file because src can move beyond dst. New - CVE-2024-48958 2024-10-10 11:15 2024-10-10 Show GitHub Exploit DB Packet Storm
35 - - - execute_filter_audio in archive_read_support_format_rar.c in libarchive before 3.7.5 allows out-of-bounds access via a crafted archive file because src can move beyond dst. New - CVE-2024-48957 2024-10-10 11:15 2024-10-10 Show GitHub Exploit DB Packet Storm
36 - - - FitNesse all releases allows a remote authenticated attacker to execute arbitrary OS commands. Note: A contributor of FitNesse has claimed that this is not a vulnerability but a product specification… Update - CVE-2024-28125 2024-10-10 11:15 2024-03-18 Show GitHub Exploit DB Packet Storm
37 - - - The verify function in lib/elliptic/eddsa/index.js in the Elliptic package before 6.5.6 for Node.js omits "sig.S().gte(sig.eddsa.curve.n) || sig.S().isNeg()" validation. New - CVE-2024-48949 2024-10-10 10:15 2024-10-10 Show GitHub Exploit DB Packet Storm
38 - - - An OS command injection vulnerability in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to obtain remote code execution. New - CVE-2024-9380 2024-10-10 10:00 2024-10-9 Show GitHub Exploit DB Packet Storm
39 - - - SQL injection in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to run arbitrary SQL statements. New - CVE-2024-9379 2024-10-10 10:00 2024-10-9 Show GitHub Exploit DB Packet Storm
40 9.8 CRITICAL
Network 		fortinet fortipam
fortios
fortiproxy
fortiswitchmanager 		A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8,… Update CWE-134
Use of Externally-Controlled Format String 		CVE-2024-23113 2024-10-10 10:00 2024-02-15 Show GitHub Exploit DB Packet Storm