Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Nov. 17, 2024, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
198091 7.5 危険 シマンテック - Symantec SEP の fw_charts.php におけるレポート生成の制限を回避する脆弱性 CWE-20
不適切な入力確認 		CVE-2010-0114 2012-03-27 18:42 2010-12-15 Show GitHub Exploit DB Packet Storm
198092 7.5 危険 シマンテック - Symantec IM Manager の管理者インターフェースにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-0112 2012-03-27 18:42 2010-10-27 Show GitHub Exploit DB Packet Storm
198093 5 警告 mhonarc - MHonArc におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2010-1677 2012-03-27 18:42 2011-01-3 Show GitHub Exploit DB Packet Storm
198094 5.5 警告 レッドハット - RHN Satellite におけるサービス運用妨害 (DoS) の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-1171 2012-03-27 18:42 2011-04-11 Show GitHub Exploit DB Packet Storm
198095 5.8 警告 zeacom - Zeacom Chat Server におけるセッションをハイジャックされるの脆弱性 CWE-310
暗号の問題 		CVE-2010-0217 2012-03-27 18:42 2011-05-20 Show GitHub Exploit DB Packet Storm
198096 5 警告 inventivetec - MediaCAST の authenticate_ad_setup_finished.cfm におけるユーザ名および平文のパスワードを発見される脆弱性 CWE-310
暗号の問題 		CVE-2010-0216 2012-03-27 18:42 2011-05-10 Show GitHub Exploit DB Packet Storm
198097 7.5 危険 シマンテック - Symantec Web Gateway の login.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-0115 2012-03-27 18:42 2011-01-12 Show GitHub Exploit DB Packet Storm
198098 7.1 危険 ヒューレット・パッカード - Palm Pre WebOS における任意の JavaScript を実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2009-5097 2012-03-27 18:42 2011-09-13 Show GitHub Exploit DB Packet Storm
198099 6.8 警告 ea-style - gBook の index_inc.php における任意の PHP コードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2009-5095 2012-03-27 18:42 2011-09-12 Show GitHub Exploit DB Packet Storm
198100 7.5 危険 cmsfaethon - CMS Faethon の info.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-5094 2012-03-27 18:42 2011-09-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Nov. 17, 2024, 4:13 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
891 8.8 HIGH
Network 		pluginhandy amadiscount Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Pluginhandy AmaDiscount allows SQL Injection.This issue affects AmaDiscount: from n/a through 1.0. Update CWE-89
SQL Injection 		CVE-2024-51608 2024-11-15 02:14 2024-11-10 Show GitHub Exploit DB Packet Storm
892 4.8 MEDIUM
Network 		mattermost mattermost_server Mattermost versions 9.11.x <= 9.11.2, and 9.5.x <= 9.5.10 fail to protect the mfa code against replay attacks, which allows an attacker to reuse the MFA code within ~30 seconds Update CWE-294
Authentication Bypass by Capture-replay  		CVE-2024-36250 2024-11-15 02:11 2024-11-10 Show GitHub Exploit DB Packet Storm
893 5.4 MEDIUM
Network 		elsner emoji_shortcode Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Elsner Technologies Pvt. Ltd. Emoji Shortcode allows Stored XSS.This issue affects Emoji S… Update CWE-79
Cross-site Scripting 		CVE-2024-51609 2024-11-15 02:10 2024-11-10 Show GitHub Exploit DB Packet Storm
894 7.1 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: fsdax: dax_unshare_iter needs to copy entire blocks The code that copies data from srcmap to iomap in dax_unshare_iter is very ve… Update NVD-CWE-noinfo
CVE-2024-50250 2024-11-15 02:04 2024-11-9 Show GitHub Exploit DB Packet Storm
895 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Make rmw_lock a raw_spin_lock The following BUG was triggered: ============================= [ BUG: Invalid wait con… Update NVD-CWE-noinfo
CVE-2024-50249 2024-11-15 02:01 2024-11-9 Show GitHub Exploit DB Packet Storm
896 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: phy: qcom: qmp-usb-legacy: fix NULL-deref on runtime suspend Commit 413db06c05e7 ("phy: qcom-qmp-usb: clean up probe initialisati… Update CWE-476
 NULL Pointer Dereference 		CVE-2024-50239 2024-11-15 01:59 2024-11-9 Show GitHub Exploit DB Packet Storm
897 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: phy: qcom: qmp-usbc: fix NULL-deref on runtime suspend Commit 413db06c05e7 ("phy: qcom-qmp-usb: clean up probe initialisation") r… Update CWE-476
 NULL Pointer Dereference 		CVE-2024-50238 2024-11-15 01:58 2024-11-9 Show GitHub Exploit DB Packet Storm
898 4.3 MEDIUM
Network 		mattermost mattermost_server Mattermost versions 9.10.x <= 9.10.2, 9.11.x <= 9.11.1, 9.5.x <= 9.5.9 and 10.0.x <= 10.0.0 fail to properly authorize the requests to /api/v4/channels  which allows a User or System Manager, with "R… Update CWE-863
 Incorrect Authorization 		CVE-2024-42000 2024-11-15 01:48 2024-11-10 Show GitHub Exploit DB Packet Storm
899 4.3 MEDIUM
Network 		mattermost mattermost_server Mattermost versions 10.0.x <= 10.0.0 and 9.11.x <= 9.11.2 fail to properly query ElasticSearch when searching for the channel name in channel switcher which allows an attacker to get private channels… Update NVD-CWE-noinfo
CVE-2024-52032 2024-11-15 01:47 2024-11-10 Show GitHub Exploit DB Packet Storm
900 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: NFSD: Initialize struct nfsd4_copy earlier Ensure the refcount and async_copies fields are initialized early. cleanup_async_copy(… Update CWE-908
 Use of Uninitialized Resource 		CVE-2024-50241 2024-11-15 01:45 2024-11-9 Show GitHub Exploit DB Packet Storm