Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Oct. 30, 2024, 6:01 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
198461 10 危険 シスコシステムズ - Cisco TelePresence Recording Server および Cisco TelePresence Multipoint Switch における脆弱性 CWE-Other
その他
CVE-2011-0385 2011-11-29 10:29 2011-02-23 Show GitHub Exploit DB Packet Storm
198462 10 危険 シスコシステムズ - Cisco TelePresence Multipoint Switch における任意のコードを実行される脆弱性 CWE-287
不適切な認証
CVE-2011-0384 2011-11-29 10:28 2011-02-23 Show GitHub Exploit DB Packet Storm
198463 10 危険 シスコシステムズ - Cisco TelePresence Recording Server および Cisco TelePresence Multipoint Switch における脆弱性 CWE-287
不適切な認証
CVE-2011-0383 2011-11-29 10:27 2011-02-23 Show GitHub Exploit DB Packet Storm
198464 10 危険 シスコシステムズ - Cisco TelePresence Recording Server における任意のコードを実行される脆弱性 CWE-78
OSコマンド・インジェクション
CVE-2011-0382 2011-11-29 09:55 2011-02-23 Show GitHub Exploit DB Packet Storm
198465 10 危険 シスコシステムズ - Cisco TelePresence Manager における任意のコードを実行される脆弱性 CWE-78
OSコマンド・インジェクション
CVE-2011-0381 2011-11-29 09:55 2011-02-23 Show GitHub Exploit DB Packet Storm
198466 7.5 危険 シスコシステムズ - Cisco TelePresence Manager における認証を回避される脆弱性 CWE-287
不適切な認証
CVE-2011-0380 2011-11-29 09:54 2011-02-23 Show GitHub Exploit DB Packet Storm
198467 7.9 危険 シスコシステムズ - 複数の Cisco 製品におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2011-0379 2011-11-29 09:53 2011-02-23 Show GitHub Exploit DB Packet Storm
198468 8.3 危険 シスコシステムズ - Cisco TelePresence エンドポイントデバイスの XML-RPC 実装における任意のコマンドを実行される脆弱性 CWE-78
OSコマンド・インジェクション
CVE-2011-0378 2011-11-29 09:53 2011-02-23 Show GitHub Exploit DB Packet Storm
198469 7.8 危険 シスコシステムズ - Cisco TelePresence エンドポイントデバイスにおけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題
CVE-2011-0377 2011-11-29 09:52 2011-02-23 Show GitHub Exploit DB Packet Storm
198470 10 危険 シスコシステムズ - Cisco TelePresence エンドポイントデバイスにおける重要な情報を取得される脆弱性 CWE-200
情報漏えい
CVE-2011-0376 2011-11-29 09:51 2011-02-23 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Oct. 30, 2024, 8:16 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
421 - - - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in weDevs WP ERP allows Reflected XSS.This issue affects WP ERP: from n/a through 1.13.2. New CWE-79
Cross-site Scripting
CVE-2024-47640 2024-10-29 23:34 2024-10-29 Show GitHub Exploit DB Packet Storm
422 6.4 MEDIUM
Network
- - The Arconix Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'box' shortcode in all versions up to, and including, 2.1.13 due to insufficient input saniti… New CWE-79
Cross-site Scripting
CVE-2024-10226 2024-10-29 23:34 2024-10-29 Show GitHub Exploit DB Packet Storm
423 - - - A vulnerability in the GraphCypherQAChain class of langchain-ai/langchain version 0.2.5 allows for SQL injection through prompt injection. This vulnerability can lead to unauthorized data manipulatio… New CWE-89
SQL Injection
CVE-2024-8309 2024-10-29 23:34 2024-10-29 Show GitHub Exploit DB Packet Storm
424 - - - In the latest version (20240628) of gaizhenbiao/chuanhuchatgpt, an issue exists in the /file endpoint that allows authenticated users to access the chat history of other users. When a user logs in, a… New CWE-1057
CVE-2024-8143 2024-10-29 23:34 2024-10-29 Show GitHub Exploit DB Packet Storm
425 - - - An arbitrary file read vulnerability exists in gaizhenbiao/chuanhuchatgpt version 20240628 due to insufficient validation when loading prompt template files. An attacker can read any file that matche… New - CVE-2024-7962 2024-10-29 23:34 2024-10-29 Show GitHub Exploit DB Packet Storm
426 - - - mintplex-labs/anything-llm version latest contains a vulnerability where sensitive information, specifically a password, is improperly stored within a JWT (JSON Web Token) used as a bearer token in s… New CWE-312
 Cleartext Storage of Sensitive Information
CVE-2024-7783 2024-10-29 23:34 2024-10-29 Show GitHub Exploit DB Packet Storm
427 - - - A path traversal vulnerability exists in the `getFullPath` method of langchain-ai/langchainjs version 0.2.5. This vulnerability allows attackers to save files anywhere in the filesystem, overwrite ex… New CWE-29
 Path Traversal: '\..\filename'
CVE-2024-7774 2024-10-29 23:34 2024-10-29 Show GitHub Exploit DB Packet Storm
428 - - - An IDOR vulnerability exists in the 'Evaluations' function of the 'umgws datasets' section in lunary-ai/lunary versions 1.3.2. This vulnerability allows an authenticated user to update other users' p… New CWE-269
 Improper Privilege Management
CVE-2024-7473 2024-10-29 23:34 2024-10-29 Show GitHub Exploit DB Packet Storm
429 - - - lunary-ai/lunary v1.2.26 contains an email injection vulnerability in the Send email verification API (/v1/users/send-verification) and Sign up API (/auth/signup). An unauthenticated attacker can inj… New CWE-75
Special Element Injection
CVE-2024-7472 2024-10-29 23:34 2024-10-29 Show GitHub Exploit DB Packet Storm
430 - - - A vulnerability in the GraphCypherQAChain class of langchain-ai/langchainjs versions 0.2.5 and all versions with this class allows for prompt injection, leading to SQL injection. This vulnerability p… New CWE-89
SQL Injection
CVE-2024-7042 2024-10-29 23:34 2024-10-29 Show GitHub Exploit DB Packet Storm