Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Oct. 30, 2024, 12:06 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
198061 7.5 危険 Parallels - Parallels Plesk Small Business Panel における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2011-4753 2011-12-20 11:27 2011-12-16 Show GitHub Exploit DB Packet Storm
198062 10 危険 Parallels - Parallels Plesk Panel の billing system における認証を回避される脆弱性 CWE-255
証明書・パスワード管理
CVE-2011-4749 2011-12-20 11:26 2011-12-16 Show GitHub Exploit DB Packet Storm
198063 5 警告 Parallels - Parallels Plesk Panel の billing system における重要な情報を取得される脆弱性 CWE-200
情報漏えい
CVE-2011-4748 2011-12-20 11:25 2011-12-16 Show GitHub Exploit DB Packet Storm
198064 5 警告 Parallels - Parallels Plesk Panel の billing system における暗号保護メカニズムを無効化される脆弱性 CWE-310
暗号の問題
CVE-2011-4747 2011-12-20 11:24 2011-12-16 Show GitHub Exploit DB Packet Storm
198065 5 警告 Parallels - Parallels Plesk Panel の billing system におけるスプーフィング攻撃の脆弱性 CWE-310
暗号の問題
CVE-2011-4746 2011-12-20 11:23 2011-12-16 Show GitHub Exploit DB Packet Storm
198066 4.3 警告 Parallels - Parallels Plesk Panel の billing system におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2011-4745 2011-12-20 11:17 2011-12-16 Show GitHub Exploit DB Packet Storm
198067 10 危険 Parallels - Parallels Plesk Panel の Control Panel における詳細不明な脆弱性 CWE-DesignError
CVE-2011-4744 2011-12-20 11:16 2011-12-16 Show GitHub Exploit DB Packet Storm
198068 10 危険 Parallels - Parallels Plesk Panel の Control Panel における詳細不明な脆弱性 CWE-DesignError
CVE-2011-4743 2011-12-20 11:16 2011-12-16 Show GitHub Exploit DB Packet Storm
198069 5 警告 Parallels - Parallels Plesk Panel の Control Panel における重要な情報を取得される脆弱性 CWE-200
情報漏えい
CVE-2011-4742 2011-12-20 11:15 2011-12-16 Show GitHub Exploit DB Packet Storm
198070 5 警告 Parallels - Parallels Plesk Panel の Control Panel における重要な情報を取得される脆弱性 CWE-200
情報漏えい
CVE-2011-4741 2011-12-20 11:09 2011-12-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Oct. 30, 2024, 6:01 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
661 8.8 HIGH
Network
yugeshverma student_project_allocation_system A vulnerability, which was classified as critical, was found in Project Worlds Student Project Allocation System 1.0. Affected is an unknown function of the file /student/project_selection/project_se… New CWE-89
SQL Injection
CVE-2024-10423 2024-10-29 09:08 2024-10-28 Show GitHub Exploit DB Packet Storm
662 5.3 MEDIUM
Network
drupal drupal core/authorize.php in Drupal 11.x-dev allows Full Path Disclosure (even when error logging is None) if the value of hash_salt is file_get_contents of a file that does not exist. Update CWE-209
Information Exposure Through an Error Message
CVE-2024-45440 2024-10-29 06:35 2024-08-29 Show GitHub Exploit DB Packet Storm
663 6.8 MEDIUM
Adjacent
safie qbic_cloud_cc-2\/2l_firmware
safie_one_firmware
QBiC CLOUD CC-2L v1.1.30 and earlier and Safie One v1.8.2 and earlier do not properly validate certificates, which may allow a network-adjacent unauthenticated attacker to obtain and/or alter communi… Update CWE-295
Improper Certificate Validation 
CVE-2024-39771 2024-10-29 06:35 2024-08-28 Show GitHub Exploit DB Packet Storm
664 5.4 MEDIUM
Network
hp poly_clariti_manager_firmware A vulnerability was discovered in the firmware builds up to 10.10.2.2 in Poly Clariti Manager devices. The flaw does not properly neutralize input during a web page generation. Update CWE-79
Cross-site Scripting
CVE-2024-41911 2024-10-29 06:35 2024-08-6 Show GitHub Exploit DB Packet Storm
665 3.3 LOW
Local
rd_labs_llc who The com.cascadialabs.who (aka Who - Caller ID, Spam Block) application 15.0 for Android places sensitive information in the system log. Update CWE-532
 Inclusion of Sensitive Information in Log Files
CVE-2024-40096 2024-10-29 06:35 2024-08-5 Show GitHub Exploit DB Packet Storm
666 5.3 MEDIUM
Network
mecodia feripro An Incorrect Access Control vulnerability in "/admin/benutzer/institution/rechteverwaltung/uebersicht" in Feripro <= v2.2.3 allows remote attackers to get a list of all users and their corresponding … Update NVD-CWE-Other
CVE-2024-41517 2024-10-29 06:35 2024-08-3 Show GitHub Exploit DB Packet Storm
667 4.9 MEDIUM
Network
arubanetworks clearpass_policy_manager A vulnerability exists in ClearPass Policy Manager that allows for an attacker with administrative privileges to access sensitive information in a cleartext format. A successful exploit allows an att… Update NVD-CWE-noinfo
CVE-2024-41916 2024-10-29 06:35 2024-07-31 Show GitHub Exploit DB Packet Storm
668 7.1 HIGH
Local
apple macos
iphone_os
ipados
watchos
tvos
A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Ventura 13.6.8, macOS Monterey 12.7.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, macOS… Update NVD-CWE-noinfo
CVE-2024-40774 2024-10-29 06:35 2024-07-30 Show GitHub Exploit DB Packet Storm
669 5.4 MEDIUM
Network
cervantessec cervantes Cervantes through 0.5-alpha accepts insecure file uploads. Update CWE-434
 Unrestricted Upload of File with Dangerous Type 
CVE-2024-42054 2024-10-29 06:35 2024-07-28 Show GitHub Exploit DB Packet Storm
670 5.9 MEDIUM
Network
s3browser s3_browser An issue in S3Browser v.11.4.5 and v.10.9.9 and fixed in v.11.5.7 allows a remote attacker to obtain sensitive information via the S3 compatible storage component. Update CWE-295
Improper Certificate Validation 
CVE-2024-37865 2024-10-29 06:35 2024-07-10 Show GitHub Exploit DB Packet Storm