Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Oct. 30, 2024, 6:01 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
197821 4.3 警告 osCommerce - osCommerce 日本語版におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2012-0311 2012-01-20 12:08 2012-01-20 Show GitHub Exploit DB Packet Storm
197822 2.7 注意 オラクル - Oracle PeopleSoft Products の PeopleSoft Enterprise PeopleTools コンポーネントにおける脆弱性 CWE-noinfo
情報不足
CVE-2012-0091 2012-01-20 11:36 2012-01-17 Show GitHub Exploit DB Packet Storm
197823 4 警告 オラクル - Oracle PeopleSoft Products の PeopleSoft Enterprise HCM コンポーネントにおける脆弱性 CWE-noinfo
情報不足
CVE-2012-0089 2012-01-20 11:35 2012-01-17 Show GitHub Exploit DB Packet Storm
197824 4 警告 オラクル - Oracle PeopleSoft Products の PeopleSoft Enterprise HCM コンポーネントにおける脆弱性 CWE-noinfo
情報不足
CVE-2012-0076 2012-01-20 11:35 2012-01-17 Show GitHub Exploit DB Packet Storm
197825 4 警告 オラクル - Oracle PeopleSoft Products の PeopleSoft Enterprise HCM コンポーネントにおける脆弱性 CWE-noinfo
情報不足
CVE-2012-0088 2012-01-20 11:35 2012-01-17 Show GitHub Exploit DB Packet Storm
197826 4 警告 オラクル - Oracle PeopleSoft Products の PeopleSoft Enterprise CRM コンポーネントにおける脆弱性 CWE-noinfo
情報不足
CVE-2012-0074 2012-01-20 11:34 2012-01-17 Show GitHub Exploit DB Packet Storm
197827 5.5 警告 オラクル - Oracle PeopleSoft Products の PeopleSoft Enterprise HCM コンポーネントにおける脆弱性 CWE-noinfo
情報不足
CVE-2012-0080 2012-01-20 11:33 2012-01-17 Show GitHub Exploit DB Packet Storm
197828 3.6 注意 オラクル - Oracle Virtualization の Virtual Desktop Infrastructure コンポーネントにおける脆弱性 CWE-noinfo
情報不足
CVE-2011-3571 2012-01-20 11:09 2012-01-17 Show GitHub Exploit DB Packet Storm
197829 5 警告 オラクル - Oracle Database Server の Listener コンポーネントにおける脆弱性 CWE-noinfo
情報不足
CVE-2012-0072 2012-01-20 10:32 2012-01-17 Show GitHub Exploit DB Packet Storm
197830 5.5 警告 オラクル - Oracle Database Server の Core RDBMS コンポーネントにおける脆弱性 CWE-noinfo
情報不足
CVE-2012-0082 2012-01-20 10:31 2012-01-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Oct. 31, 2024, 6:02 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
591 5.5 MEDIUM
Local
tukaani xz An issue discovered in XZ 5.2.5 allows attackers to cause a denial of service via decompression of a crafted file. NOTE: the vendor disputes the claims of "endless output" and "denial of service" bec… Update NVD-CWE-noinfo
CVE-2020-22916 2024-10-29 23:35 2023-08-23 Show GitHub Exploit DB Packet Storm
592 2.4 LOW
Physics
apple iphone_os
ipados
This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 16.4 and iPadOS 16.4. A person with physical access to an iOS device may be able to view the las… Update NVD-CWE-noinfo
CVE-2022-46724 2024-10-29 23:35 2023-08-15 Show GitHub Exploit DB Packet Storm
593 5.5 MEDIUM
Local
apple macos A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13. An app may be able to modify protected parts of the file system. Update NVD-CWE-noinfo
CVE-2022-46722 2024-10-29 23:35 2023-08-15 Show GitHub Exploit DB Packet Storm
594 6.1 MEDIUM
Network
truedesk truedesk A cross-site scripting (XSS) vulnerability in Truedesk v1.2.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the team name parameter. Update CWE-79
Cross-site Scripting
CVE-2022-31456 2024-10-29 23:35 2023-07-27 Show GitHub Exploit DB Packet Storm
595 6.5 MEDIUM
Network
vocera voice_server
report_server
An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is Path Traversal in the Task Exec filename. The Vocera Report Console contains various jobs that are executed … Update CWE-22
Path Traversal
CVE-2022-46900 2024-10-29 23:35 2023-07-26 Show GitHub Exploit DB Packet Storm
596 7.5 HIGH
Network
furukawa 423-41w\/ac_firmware
ld421-21w_firmware
ld420-10r_firmware
ld421-21wv_firmware
Furukawa Electric LatAm 423-41W/AC before v1.1.4 and LD421-21W before v1.3.3 were discovered to contain an HTML injection vulnerability via the serial number update function. Update CWE-79
Cross-site Scripting
CVE-2021-37386 2024-10-29 23:35 2023-07-18 Show GitHub Exploit DB Packet Storm
597 8.3 HIGH
Network
unicode unicode An issue was discovered in the character definitions of the Unicode Specification through 14.0. The specification allows an adversary to produce source code identifiers such as function names using h… Update NVD-CWE-Other
CVE-2021-42694 2024-10-29 23:35 2021-11-1 Show GitHub Exploit DB Packet Storm
598 6.5 MEDIUM
Network
libgd libgd The GD Graphics Library (aka LibGD) through 2.3.2 has an out-of-bounds read because of the lack of certain gdGetBuf and gdPutBuf return value checks. Update CWE-125
Out-of-bounds Read
CVE-2021-40812 2024-10-29 23:35 2021-09-9 Show GitHub Exploit DB Packet Storm
599 4.3 MEDIUM
Network
samba
redhat
samba
enterprise_linux
storage
A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file and directory information which otherwise would be u… Update CWE-266
 Incorrect Privilege Assignment
CVE-2020-14318 2024-10-29 23:35 2020-12-4 Show GitHub Exploit DB Packet Storm
600 6.5 MEDIUM
Network
h2database h2 An issue was discovered in H2 1.4.197. Insecure handling of permissions in the backup function allows attackers to read sensitive files (outside of their permissions) via a symlink to a fake database… Update CWE-59
Link Following
CVE-2018-14335 2024-10-29 23:35 2018-07-24 Show GitHub Exploit DB Packet Storm