Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Nov. 17, 2024, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
198461	6.5	警告	IBM	-	複数の IBM 製品の KPI コンポーネントにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2011-4816	2012-03-14 16:08	2012-02-14	Show	GitHub Exploit DB Packet Storm

198462	4	警告	IBM	-	複数の IBM 製品の Help メニューの About オプションにおける詳細不明な脆弱性	CWE-200 情報漏えい	CVE-2011-4817	2012-03-14 16:07	2012-02-14	Show	GitHub Exploit DB Packet Storm

198463	4.3	警告	IBM	-	IBM Maximo Asset Management および Maximo Asset Management Essentials におけるオープンリダイレクトの脆弱性	CWE-20 不適切な入力確認	CVE-2011-4818	2012-03-14 16:06	2012-02-14	Show	GitHub Exploit DB Packet Storm

198464	4.3	警告	IBM	-	IBM Maximo Asset Management および Maximo Asset Management Essentials におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4819	2012-03-14 16:05	2012-02-14	Show	GitHub Exploit DB Packet Storm

198465	4.3	警告	IBM	-	複数の IBM 製品におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-0195	2012-03-14 16:04	2012-02-14	Show	GitHub Exploit DB Packet Storm

198466	5	警告	アップル	-	Apple Safari の WebKit における認証情報をキャプチャされる脆弱性	CWE-200 情報漏えい	CVE-2012-0647	2012-03-14 15:52	2012-03-12	Show	GitHub Exploit DB Packet Storm

198467	5	警告	アップル	-	Apple Safari の WebKit におけるユーザを追跡される脆弱性	CWE-200 情報漏えい	CVE-2012-0640	2012-03-14 15:52	2012-03-12	Show	GitHub Exploit DB Packet Storm

198468	6.4	警告	アップル	-	Windows 上で稼働する Apple Safari の IDN 機能におけるドメイン名を偽装される脆弱性	CWE-20 不適切な入力確認	CVE-2012-0584	2012-03-14 15:34	2012-03-12	Show	GitHub Exploit DB Packet Storm

198469	6.4	警告	VMware	-	VMware vCenter Chargeback Manager における任意のファイルを読まれる脆弱性	CWE-20 不適切な入力確認	CVE-2012-1472	2012-03-14 15:15	2012-03-8	Show	GitHub Exploit DB Packet Storm

198470	5	警告	yaSSL	-	yaSSL CyaSSL におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2012-1558	2012-03-14 11:53	2012-03-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Nov. 17, 2024, 4:13 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1331	7.5	HIGH Network	idurarapp	idurar	IDURAR is open source ERP CRM accounting invoicing software. The vulnerability exists in the corePublicRouter.js file. Using the reference usage here, it is identified that the public endpoint is acc…	CWE-22 CWE-23 Path Traversal Relative Path Traversal	CVE-2024-47769	2024-11-14 00:12	2024-10-5	Show	GitHub Exploit DB Packet Storm

1332	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: blk_iocost: fix more out of bound shifts Recently running UBSAN caught few out of bound shifts in the ioc_forgive_debts() functio…	NVD-CWE-noinfo	CVE-2024-49933	2024-11-14 00:09	2024-10-22	Show	GitHub Exploit DB Packet Storm

1333	9.8	CRITICAL Network	yarpp	yet_another_related_posts_plugin	Access Control vulnerability in YARPP YARPP allows . This issue affects YARPP: from n/a through 5.30.10.	CWE-862 Missing Authorization	CVE-2024-43919	2024-11-14 00:02	2024-11-2	Show	GitHub Exploit DB Packet Storm

1334	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: btrfs: don't readahead the relocation inode on RST On relocation we're doing readahead on the relocation inode, but if the filesy…	CWE-617 Reachable Assertion	CVE-2024-49932	2024-11-14 00:01	2024-10-22	Show	GitHub Exploit DB Packet Storm

1335	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: x86/ioapic: Handle allocation failures gracefully Breno observed panics when using failslab under certain conditions during runti…	NVD-CWE-noinfo	CVE-2024-49927	2024-11-13 23:58	2024-10-22	Show	GitHub Exploit DB Packet Storm

1336	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: rcu-tasks: Fix access non-existent percpu rtpcp variable in rcu_tasks_need_gpcb() For kernels built with CONFIG_FORCE_NR_CPUS=y, …	NVD-CWE-noinfo	CVE-2024-49926	2024-11-13 23:57	2024-10-22	Show	GitHub Exploit DB Packet Storm

1337	8.1	HIGH Network	lifplatforms	lif_authentication_server	Lif Authentication Server is a server used by Lif to do various tasks regarding Lif accounts. This vulnerability has to do with the account recovery system where there does not appear to be a check t…	CWE-862 Missing Authorization	CVE-2024-47768	2024-11-13 23:55	2024-10-5	Show	GitHub Exploit DB Packet Storm

1338	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a sdiv overflow issue Zac Ecob reported a problem where a bpf program may cause kernel crash due to the following error:…	CWE-190 Integer Overflow or Wraparound	CVE-2024-49888	2024-11-13 23:54	2024-10-22	Show	GitHub Exploit DB Packet Storm

1339	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to don't panic system for no free segment fault injection f2fs: fix to don't panic system for no free segment fault inj…	NVD-CWE-noinfo	CVE-2024-49887	2024-11-13 23:50	2024-10-22	Show	GitHub Exploit DB Packet Storm

1340	6.1	MEDIUM Network	jgniecki	minecraft_motd_parser	Minecraft MOTD Parser is a PHP library to parse minecraft server motd. The HtmlGenerator class is subject to potential cross-site scripting (XSS) attack through a parsed malformed Minecraft server MO…	CWE-79 CWE-80 Cross-site Scripting Basic XSS	CVE-2024-47765	2024-11-13 23:48	2024-10-5	Show	GitHub Exploit DB Packet Storm