Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Oct. 28, 2024, 6:04 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
197971	7.5	危険	YourFreeWorld.com	-	YourFreeWorld Banner Management における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4981	2011-12-9 14:37	2011-11-1	Show	GitHub Exploit DB Packet Storm

197972	7.5	危険	My Kazaam	-	My Kazaam Address & Contact Organizer における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4982	2011-12-9 14:36	2011-11-1	Show	GitHub Exploit DB Packet Storm

197973	7.5	危険	iScripts	-	iScripts CyberMatch における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4983	2011-12-9 14:36	2011-11-1	Show	GitHub Exploit DB Packet Storm

197974	7.5	危険	My Kazaam	-	My Kazaam Notes Management System における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4984	2011-12-9 14:35	2011-11-1	Show	GitHub Exploit DB Packet Storm

197975	4.3	警告	My Kazaam	-	My Kazaam Notes Management System におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4985	2011-12-9 14:35	2011-11-1	Show	GitHub Exploit DB Packet Storm

197976	7.5	危険	Cafuego	-	Simple Document Management System における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4986	2011-12-9 14:34	2011-11-1	Show	GitHub Exploit DB Packet Storm

197977	7.5	危険	KMSoft	-	KMSoft Guestbook の default.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4987	2011-12-9 14:34	2011-11-1	Show	GitHub Exploit DB Packet Storm

197978	7.5	危険	FamilyCMS	-	Family Connections Who is Chatting における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2010-4988	2011-12-9 14:33	2011-11-1	Show	GitHub Exploit DB Packet Storm

197979	7.5	危険	Farsi CMS	-	Ziggurat Farsi CMS の main.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4989	2011-12-9 14:28	2011-11-1	Show	GitHub Exploit DB Packet Storm

197980	7.5	危険	B-Elektro	-	Joomla! 用 Front-edit Address Book コンポーネントにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4990	2011-12-9 14:28	2011-11-1	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Oct. 28, 2024, 8:13 p.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
521	-	-	-	ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.2.4 and all prior versions, the ZimaOS API endpoint `http://<Zima_Server_IP:PORT>/v3/file?t…	-	CVE-2024-48931	2024-10-25 21:56	2024-10-25	Show	GitHub Exploit DB Packet Storm

522	-	-	-	A segmentation fault (SEGV) was detected in the Assimp::SplitLargeMeshesProcess_Triangle::UpdateNode function within the Assimp library during fuzz testing using AddressSanitizer. The crash occurs du…	-	CVE-2024-48425	2024-10-25 21:56	2024-10-25	Show	GitHub Exploit DB Packet Storm

523	-	-	-	A heap-buffer-overflow vulnerability has been identified in the OpenDDLParser::parseStructure function within the Assimp library, specifically during the processing of OpenGEX files.	-	CVE-2024-48424	2024-10-25 21:56	2024-10-25	Show	GitHub Exploit DB Packet Storm

524	-	-	-	An issue in assimp v.5.4.3 allows a local attacker to execute arbitrary code via the CallbackToLogRedirector function within the Assimp library.	-	CVE-2024-48423	2024-10-25 21:56	2024-10-25	Show	GitHub Exploit DB Packet Storm

525	-	-	-	pure-ftpd before 1.0.52 is vulnerable to Buffer Overflow. There is an out of bounds read in the domlsd() function of the ls.c file.	-	CVE-2024-48208	2024-10-25 21:56	2024-10-25	Show	GitHub Exploit DB Packet Storm

526	-	-	-	The OpenRefine fork of the MIT Simile Butterfly server is a modular web application framework. The Butterfly framework uses the `java.net.URL` class to refer to (what are expected to be) local resour…	CWE-918 CWE-36 Server-Side Request Forgery (SSRF) Absolute Path Traversal	CVE-2024-47883	2024-10-25 21:56	2024-10-25	Show	GitHub Exploit DB Packet Storm

527	-	-	-	OpenRefine is a free, open source tool for working with messy data. Prior to version 3.8.3, the built-in "Something went wrong!" error page includes the exception message and exception traceback with…	CWE-79 CWE-81 Cross-site Scripting	CVE-2024-47882	2024-10-25 21:56	2024-10-25	Show	GitHub Exploit DB Packet Storm

528	-	-	-	OpenRefine is a free, open source tool for working with messy data. Starting in version 3.4-beta and prior to version 3.8.3, in the `database` extension, the "enable_load_extension" property can be s…	CWE-89 SQL Injection	CVE-2024-47881	2024-10-25 21:56	2024-10-25	Show	GitHub Exploit DB Packet Storm

529	-	-	-	OpenRefine is a free, open source tool for working with messy data. Prior to version 3.8.3, the `export-rows` command can be used in such a way that it reflects part of the request verbatim, with a C…	CWE-79 CWE-348 Cross-site Scripting Use of Less Trusted Source	CVE-2024-47880	2024-10-25 21:56	2024-10-25	Show	GitHub Exploit DB Packet Storm

530	-	-	-	OpenRefine is a free, open source tool for working with messy data. Prior to version 3.8.3, lack of cross-site request forgery protection on the `preview-expression` command means that visiting a mal…	CWE-352 CWE-94 Origin Validation Error Code Injection	CVE-2024-47879	2024-10-25 21:56	2024-10-25	Show	GitHub Exploit DB Packet Storm