Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Nov. 18, 2024, 6:03 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
198661 4.3 警告 KaduTeam - Kadu の History Window の実装におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2012-1410 2012-03-1 16:29 2012-02-29 Show GitHub Exploit DB Packet Storm
198662 4.9 警告 キングソフト株式会社 - Kingsoft Internet Security 2011 におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他
CVE-2012-0321 2012-03-1 12:04 2012-03-1 Show GitHub Exploit DB Packet Storm
198663 7.5 危険 Hulihan Applications - Hulihan BXR の folder/list における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2010-4963 2012-02-29 15:03 2010-07-22 Show GitHub Exploit DB Packet Storm
198664 7.5 危険 Dev-Team Typoheads - TYPO3 用 Webkit PDFs エクステンションにおける任意のコマンドを実行される脆弱性 CWE-noinfo
情報不足
CVE-2010-4962 2012-02-29 14:52 2011-10-9 Show GitHub Exploit DB Packet Storm
198665 7.5 危険 Dev-Team Typoheads - TYPO3 用 Webkit PDFs エクステンションにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2010-4961 2012-02-29 14:49 2011-10-9 Show GitHub Exploit DB Packet Storm
198666 4.3 警告 Martin Hesse - TYPO3 用 Branchenbuch エクステンションにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2010-4960 2012-02-29 14:43 2011-10-9 Show GitHub Exploit DB Packet Storm
198667 7.5 危険 PreProject.com - Pre Projects Pre Podcast Portal の login 機能における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2010-4959 2012-02-29 14:35 2011-10-9 Show GitHub Exploit DB Packet Storm
198668 7.5 危険 Prado Portal - Prado Portal の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2010-4958 2012-02-29 14:23 2011-10-9 Show GitHub Exploit DB Packet Storm
198669 7.5 危険 php-programs - APBoard Developers APBoard の board/board.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2010-4955 2012-02-29 14:06 2011-10-9 Show GitHub Exploit DB Packet Storm
198670 7.5 危険 Gambio - xt:Commerce Gambio 2008 の product_reviews_info.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2010-4954 2012-02-29 14:05 2011-10-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Nov. 18, 2024, 4:13 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1621 7.1 HIGH
Local
samsung android Improper input validation in Settings Suggestions prior to SMR Nov-2024 Release 1 allows local attackers to launch privileged activities. NVD-CWE-noinfo
CVE-2024-49401 2024-11-13 01:10 2024-11-6 Show GitHub Exploit DB Packet Storm
1622 7.1 HIGH
Local
samsung android Incorrect default permissions in Crane prior to SMR Nov-2024 Release 1 allows local attackers to access files with phone privilege. CWE-276
Incorrect Default Permissions 
CVE-2024-34679 2024-11-13 01:09 2024-11-6 Show GitHub Exploit DB Packet Storm
1623 4.6 MEDIUM
Physics
samsung android Improper access control in Dex Mode prior to SMR Nov-2024 Release 1 allows physical attackers to temporarily access to unlocked screen. NVD-CWE-noinfo
CVE-2024-34675 2024-11-13 01:08 2024-11-6 Show GitHub Exploit DB Packet Storm
1624 4.6 MEDIUM
Physics
samsung android Improper access control in Contacts prior to SMR Nov-2024 Release 1 allows physical attackers to access data across multiple user profiles. NVD-CWE-noinfo
CVE-2024-34674 2024-11-13 01:08 2024-11-6 Show GitHub Exploit DB Packet Storm
1625 3.3 LOW
Local
samsung android Exposure of sensitive information in System UI prior to SMR Nov-2024 Release 1 allow local attackers to make malicious apps appear as legitimate. CWE-922
 Insecure Storage of Sensitive Information
CVE-2024-34677 2024-11-13 01:07 2024-11-6 Show GitHub Exploit DB Packet Storm
1626 5.5 MEDIUM
Local
samsung android Use of implicit intent for sensitive communication in WlanTest prior to SMR Nov-2024 Release 1 allows local attackers to get sensitive information. NVD-CWE-Other
CVE-2024-34680 2024-11-13 01:04 2024-11-6 Show GitHub Exploit DB Packet Storm
1627 - - - Improper Privilege Management vulnerability in Nomysoft Informatics Nomysem allows Collect Data as Provided by Users.This issue affects Nomysem: before 13.10.2024. CWE-269
 Improper Privilege Management
CVE-2024-8074 2024-11-13 00:48 2024-11-13 Show GitHub Exploit DB Packet Storm
1628 - - - The NVMe driver queue processing is vulernable to guest-induced infinite loops. - CVE-2024-51566 2024-11-13 00:48 2024-11-13 Show GitHub Exploit DB Packet Storm
1629 - - - The hda driver is vulnerable to a buffer over-read from a guest-controlled value. - CVE-2024-51565 2024-11-13 00:48 2024-11-13 Show GitHub Exploit DB Packet Storm
1630 - - - A guest can trigger an infinite loop in the hda audio driver. - CVE-2024-51564 2024-11-13 00:48 2024-11-13 Show GitHub Exploit DB Packet Storm