Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Oct. 31, 2024, 10:01 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
197791 4 警告 オラクル - Oracle MySQL の MySQL Server コンポーネントにおける脆弱性 CWE-noinfo
情報不足
CVE-2012-0115 2012-01-23 11:28 2012-01-17 Show GitHub Exploit DB Packet Storm
197792 4.3 警告 オラクル - Oracle MySQL の MySQL Server コンポーネントにおける脆弱性 CWE-noinfo
情報不足
CVE-2012-0496 2012-01-23 11:06 2012-01-17 Show GitHub Exploit DB Packet Storm
197793 4.9 警告 オラクル - Oracle MySQL の MySQL Server コンポーネントにおける脆弱性 CWE-noinfo
情報不足
CVE-2012-0118 2012-01-23 11:04 2012-01-17 Show GitHub Exploit DB Packet Storm
197794 4.9 警告 オラクル - Oracle MySQL の MySQL Server コンポーネントにおける脆弱性 CWE-noinfo
情報不足
CVE-2012-0116 2012-01-23 11:04 2012-01-17 Show GitHub Exploit DB Packet Storm
197795 5 警告 オラクル - Oracle MySQL の MySQL Server コンポーネントにおける脆弱性 CWE-noinfo
情報不足
CVE-2011-2262 2012-01-23 11:03 2012-01-17 Show GitHub Exploit DB Packet Storm
197796 5.5 警告 オラクル - Oracle MySQL の MySQL Server コンポーネントにおける脆弱性 CWE-noinfo
情報不足
CVE-2012-0113 2012-01-23 11:03 2012-01-17 Show GitHub Exploit DB Packet Storm
197797 2.1 注意 オラクル - Oracle Communications Unified における Calendar Server の処理に関する脆弱性 CWE-noinfo
情報不足
CVE-2011-3570 2012-01-23 10:59 2012-01-17 Show GitHub Exploit DB Packet Storm
197798 3.3 注意 オラクル - Oracle Communications Unified における Calendar Server の処理に関する脆弱性 CWE-noinfo
情報不足
CVE-2011-3574 2012-01-23 10:58 2012-01-17 Show GitHub Exploit DB Packet Storm
197799 4 警告 オラクル - Oracle Communications Unified における Calendar Server の処理に関する脆弱性 CWE-noinfo
情報不足
CVE-2011-3573 2012-01-23 10:58 2012-01-17 Show GitHub Exploit DB Packet Storm
197800 4.6 警告 オラクル - Oracle Communications Unified における Calendar Server の処理に関する脆弱性 CWE-noinfo
情報不足
CVE-2011-3565 2012-01-23 10:56 2012-01-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Oct. 31, 2024, 6:02 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
581 - - - An improper access control vulnerability in lunary-ai/lunary version 1.3.2 allows an attacker to update the SAML configuration without authorization. This vulnerability can lead to manipulation of au… New CWE-284
Improper Access Control
CVE-2024-7475 2024-10-29 23:35 2024-10-29 Show GitHub Exploit DB Packet Storm
582 - - - In version 1.3.2 of lunary-ai/lunary, an Insecure Direct Object Reference (IDOR) vulnerability exists. A user can view or delete external users by manipulating the 'id' parameter in the request URL. … New CWE-284
Improper Access Control
CVE-2024-7474 2024-10-29 23:35 2024-10-29 Show GitHub Exploit DB Packet Storm
583 - - - A path traversal vulnerability exists in the latest version of gaizhenbiao/chuanhuchatgpt. The vulnerability arises from unsanitized input handling in multiple features, including user upload, direct… New CWE-22
Path Traversal
CVE-2024-5982 2024-10-29 23:35 2024-10-29 Show GitHub Exploit DB Packet Storm
584 - - - Focus was incorrectly allowing internal links to utilize the app scheme used for deeplinking, which could result in links potentially circumventing some URL safety checks This vulnerability affects F… New - CVE-2024-10474 2024-10-29 23:35 2024-10-29 Show GitHub Exploit DB Packet Storm
585 - - - In multipart/x-mixed-replace responses, `Content-Disposition: attachment` in the response header was not respected and did not force a download, which could allow XSS attacks. This vulnerability affe… New - CVE-2024-10461 2024-10-29 23:35 2024-10-29 Show GitHub Exploit DB Packet Storm
586 - - - Incorrect access control in the fingerprint authentication mechanism of Phone Cleaner: Boost & Clean v2.2.0 allows attackers to bypass fingerprint authentication due to the use of a deprecated API. Update - CVE-2024-31682 2024-10-29 23:35 2024-06-4 Show GitHub Exploit DB Packet Storm
587 4.7 MEDIUM
Local
linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: net/smc: fix kernel panic caused by race of smc_sock A crash occurs when smc_cdc_tx_handler() tries to access smc_sock but smc_re… Update CWE-362
Race Condition
CVE-2021-46925 2024-10-29 23:35 2024-02-27 Show GitHub Exploit DB Packet Storm
588 5.5 MEDIUM
Local
linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix clobbering of SWERR overflow bit on writeback Current code blindly writes over the SWERR and the OVERFLOW bi… Update NVD-CWE-noinfo
CVE-2021-46920 2024-10-29 23:35 2024-02-27 Show GitHub Exploit DB Packet Storm
589 4.4 MEDIUM
Local
hcltech bigfix_patch_management Certain credentials within the BigFix Patch Management Download Plug-ins are stored insecurely and could be exposed to a local privileged user. Update CWE-522
 Insufficiently Protected Credentials
CVE-2022-42451 2024-10-29 23:35 2023-10-11 Show GitHub Exploit DB Packet Storm
590 5.4 MEDIUM
Network
navblue s.a.s_n-ops_\&_crew NAVBLUE S.A.S N-Ops & Crew 22.5-rc.50 is vulnerable to Cross Site Scripting (XSS). Update CWE-79
Cross-site Scripting
CVE-2022-44349 2024-10-29 23:35 2023-09-1 Show GitHub Exploit DB Packet Storm