Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Nov. 19, 2024, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
198501 7.5 危険 CreateVision - CreateVision CMS の artykul_print.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2012-1778 2012-03-22 17:32 2012-03-19 Show GitHub Exploit DB Packet Storm
198502 6.8 警告 Webfolio CMS - Webfolio CMS におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2012-1498 2012-03-22 17:25 2012-03-19 Show GitHub Exploit DB Packet Storm
198503 4.3 警告 NetMechanica - NetMechanica NetDecision の HTTP Server におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-1465 2012-03-22 17:22 2012-03-19 Show GitHub Exploit DB Packet Storm
198504 5 警告 NetMechanica - NetMechanica NetDecision の Dashboard Server におけるインストールパスを取得される脆弱性 CWE-200
情報漏えい 		CVE-2012-1464 2012-03-22 17:22 2012-03-19 Show GitHub Exploit DB Packet Storm
198505 6.8 警告 Contao - Contao の main.php におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2012-1297 2012-03-22 17:18 2012-03-19 Show GitHub Exploit DB Packet Storm
198506 4.3 警告 tskynet - Kongreg8 におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-1789 2012-03-22 17:16 2012-03-19 Show GitHub Exploit DB Packet Storm
198507 7.5 危険 Dotclear - Dotclear の inc/swf/swfupload.swf における任意のコードを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-5083 2012-03-22 17:15 2012-03-19 Show GitHub Exploit DB Packet Storm
198508 4.3 警告 WonderDesk - WonderDesk SQL の wonderdesk.cgi におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-1788 2012-03-22 16:59 2012-03-19 Show GitHub Exploit DB Packet Storm
198509 4.3 警告 s2Member - WordPress 用 s2Member Pro プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-5082 2012-03-22 16:55 2012-03-19 Show GitHub Exploit DB Packet Storm
198510 5 警告 Bitweaver - Bitweaver の wiki/rankings.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-5086 2012-03-22 16:54 2012-03-19 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Nov. 19, 2024, 4:16 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2381 6.5 MEDIUM
Network 		hcltech bigfix_webui_insights A permission issue in BigFix WebUI Insights site version 14 allows an authenticated, unprivileged operator to access an administrator page. CWE-276
Incorrect Default Permissions  		CVE-2023-23344 2024-11-9 02:35 2023-06-23 Show GitHub Exploit DB Packet Storm
2382 8.8 HIGH
Network 		level1 wbr-6012_firmware The LevelOne WBR-6012 router's web application has a vulnerability in its firmware version R0.40e6, allowing attackers to change the administrator password and gain higher privileges without the curr… CWE-620
 Unverified Password Change 		CVE-2024-33699 2024-11-9 02:09 2024-10-30 Show GitHub Exploit DB Packet Storm
2383 7.5 HIGH
Network 		level1 wbr-6012_firmware The LevelOne WBR-6012 router firmware R0.40e6 suffers from an input validation vulnerability within its FTP functionality, enabling attackers to cause a denial of service through a series of malforme… NVD-CWE-noinfo
CVE-2024-33700 2024-11-9 02:06 2024-10-30 Show GitHub Exploit DB Packet Storm
2384 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: thermal: intel: int340x: processor: Fix warning during module unload The processor_thermal driver uses pcim_device_enable() to en… NVD-CWE-noinfo
CVE-2024-50093 2024-11-9 01:49 2024-11-6 Show GitHub Exploit DB Packet Storm
2385 - - - An attacker with local access to the medical office computer can access restricted functions of the Elefant Service tool by using a hard-coded "Hotline" password in the Elefant service binary, whic… - CVE-2024-50593 2024-11-9 01:35 2024-11-8 Show GitHub Exploit DB Packet Storm
2386 - - - An unauthenticated attacker with access to the local network of the medical office can query an unprotected Fast Healthcare Interoperability Resources (FHIR) API to get access to sensitive electron… - CVE-2024-50589 2024-11-9 01:35 2024-11-8 Show GitHub Exploit DB Packet Storm
2387 - - - An unauthenticated attacker with access to the local network of the medical office can use known default credentials to gain remote DBA access to the Elefant Firebird database. The data in the data… - CVE-2024-50588 2024-11-9 01:35 2024-11-8 Show GitHub Exploit DB Packet Storm
2388 - - - An attacker with local access the to medical office computer can escalate his Windows user privileges to "NT AUTHORITY\SYSTEM" by exploiting a race condition in the Elefant Update Service during th… - CVE-2024-50592 2024-11-9 01:35 2024-11-8 Show GitHub Exploit DB Packet Storm
2389 - - - An attacker with local access the to medical office computer can escalate his Windows user privileges to "NT AUTHORITY\SYSTEM" by exploiting a command injection vulnerability in the Elefant Update … - CVE-2024-50591 2024-11-9 01:35 2024-11-8 Show GitHub Exploit DB Packet Storm
2390 - - - Attackers with local access to the medical office computer can escalate their Windows user privileges to "NT AUTHORITY\SYSTEM" by overwriting one of two Elefant service binaries with weak permissio… - CVE-2024-50590 2024-11-9 01:35 2024-11-8 Show GitHub Exploit DB Packet Storm