Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Oct. 27, 2024, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
198001	4.3	警告	Beanbag	-	Review Board の commenting system におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4312	2011-11-25 16:03	2011-11-15	Show	GitHub Exploit DB Packet Storm

198002	3.2	注意	ヒューレット・パッカード	-	HP Operations Agent および Performance Agent におけるディレクトリアクセス制限を回避される脆弱性	CWE-noinfo 情報不足	CVE-2011-4160	2011-11-25 16:02	2011-11-22	Show	GitHub Exploit DB Packet Storm

198003	7.5	危険	Technicolor	-	Thomson TG585 上の UPnP IGD の実装における任意のポートマッピングを確立される脆弱性	CWE-16 環境設定	CVE-2011-4506	2011-11-25 14:33	2011-11-22	Show	GitHub Exploit DB Packet Storm

198004	7.5	危険	日本アルカテル・ルーセント	-	SpeedTouch 5x6 上の UPnP IGD の実装における任意のポートマッピングを確立される脆弱性	CWE-16 環境設定	CVE-2011-4505	2011-11-25 14:32	2011-11-22	Show	GitHub Exploit DB Packet Storm

198005	7.5	危険	ZyXEL Genmei Mori	-	ZyXEL P-330W におけるポートマッピングによる通信を確立される脆弱性	CWE-16 環境設定	CVE-2011-4504	2011-11-25 14:31	2011-11-22	Show	GitHub Exploit DB Packet Storm

198006	7.5	危険	Sitecom Broadcom	-	Sitecom WL-111 上で動作する Broadcom Linux の UPnP IGD 実装におけるポートマッピングを確立される脆弱性	CWE-16 環境設定	CVE-2011-4503	2011-11-25 14:31	2011-11-22	Show	GitHub Exploit DB Packet Storm

198007	7.5	危険	Sitecom Canyon EDIMAX Technology Sweex	-	複数のルータ上で動作する Edimax EdiLinux の UPnP IGD 実装における任意のコマンドを実行される脆弱性	CWE-16 環境設定	CVE-2011-4502	2011-11-25 14:30	2011-11-22	Show	GitHub Exploit DB Packet Storm

198008	7.5	危険	Sitecom Canyon EDIMAX Technology Sweex	-	複数のルータ上で動作する Edimax EdiLinux の UPnP IGD 実装におけるポートマッピングを確立される脆弱性	CWE-16 環境設定	CVE-2011-4501	2011-11-25 14:29	2011-11-22	Show	GitHub Exploit DB Packet Storm

198009	7.5	危険	シスコシステムズ (Linksys) シスコシステムズ	-	Cisco Linksys WRT54GX の UPnP IGD 実装におけるファイアウォールを管理される脆弱性	CWE-16 環境設定	CVE-2011-4500	2011-11-25 14:28	2011-11-22	Show	GitHub Exploit DB Packet Storm

198010	7.5	危険	シスコシステムズ (Linksys) シスコシステムズ	-	Cisco Linksys WRT54G および WRT54GS の UPnP IGD 実装におけるポートマッピングを確立される脆弱性	CWE-16 環境設定	CVE-2011-4499	2011-11-25 14:18	2011-11-22	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Oct. 28, 2024, 5:12 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
441	-	-	-	A heap-buffer-overflow vulnerability has been identified in the OpenDDLParser::parseStructure function within the Assimp library, specifically during the processing of OpenGEX files. New	-	CVE-2024-48424	2024-10-25 21:56	2024-10-25	Show	GitHub Exploit DB Packet Storm

442	-	-	-	An issue in assimp v.5.4.3 allows a local attacker to execute arbitrary code via the CallbackToLogRedirector function within the Assimp library. New	-	CVE-2024-48423	2024-10-25 21:56	2024-10-25	Show	GitHub Exploit DB Packet Storm

443	-	-	-	pure-ftpd before 1.0.52 is vulnerable to Buffer Overflow. There is an out of bounds read in the domlsd() function of the ls.c file. New	-	CVE-2024-48208	2024-10-25 21:56	2024-10-25	Show	GitHub Exploit DB Packet Storm

444	-	-	-	The OpenRefine fork of the MIT Simile Butterfly server is a modular web application framework. The Butterfly framework uses the `java.net.URL` class to refer to (what are expected to be) local resour… New	CWE-918 CWE-36 Server-Side Request Forgery (SSRF) Absolute Path Traversal	CVE-2024-47883	2024-10-25 21:56	2024-10-25	Show	GitHub Exploit DB Packet Storm

445	-	-	-	OpenRefine is a free, open source tool for working with messy data. Prior to version 3.8.3, the built-in "Something went wrong!" error page includes the exception message and exception traceback with… New	CWE-79 CWE-81 Cross-site Scripting	CVE-2024-47882	2024-10-25 21:56	2024-10-25	Show	GitHub Exploit DB Packet Storm

446	-	-	-	OpenRefine is a free, open source tool for working with messy data. Starting in version 3.4-beta and prior to version 3.8.3, in the `database` extension, the "enable_load_extension" property can be s… New	CWE-89 SQL Injection	CVE-2024-47881	2024-10-25 21:56	2024-10-25	Show	GitHub Exploit DB Packet Storm

447	-	-	-	OpenRefine is a free, open source tool for working with messy data. Prior to version 3.8.3, lack of cross-site request forgery protection on the `preview-expression` command means that visiting a mal… New	CWE-352 CWE-94 Origin Validation Error Code Injection	CVE-2024-47879	2024-10-25 21:56	2024-10-25	Show	GitHub Exploit DB Packet Storm

448	-	-	-	OpenRefine is a free, open source tool for working with messy data. Prior to version 3.8.3, the `export-rows` command can be used in such a way that it reflects part of the request verbatim, with a C… New	CWE-79 CWE-348 Cross-site Scripting Use of Less Trusted Source	CVE-2024-47880	2024-10-25 21:56	2024-10-25	Show	GitHub Exploit DB Packet Storm

449	-	-	-	OpenRefine is a free, open source tool for working with messy data. Prior to version 3.8.3, the `/extension/gdata/authorized` endpoint includes the `state` GET parameter verbatim in a `<script>` tag … New	CWE-79 Cross-site Scripting	CVE-2024-47878	2024-10-25 21:56	2024-10-25	Show	GitHub Exploit DB Packet Storm

450	-	-	-	An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800, and AX1800 4.6.2. The upload interface allows the uploading of arbitrary files to the device. Once the d… New	-	CVE-2024-45263	2024-10-25 21:56	2024-10-25	Show	GitHub Exploit DB Packet Storm