Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Sept. 23, 2024, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
198781	6.8	警告	アップル	-	WebKit におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2009-2816	2010-07-13 16:28	2009-11-11	Show	GitHub Exploit DB Packet Storm

198782	9.3	危険	アップル	-	Apple Safari の WebKit におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-2195	2010-07-13 16:27	2009-08-11	Show	GitHub Exploit DB Packet Storm

198783	4.3	警告	xmlsoft.org アップルサイバートラスト株式会社サン・マイクロシステムズ OpenOffice.org Project レッドハット	-	libxml2 および libxml の Notation または Enumeration 属性タイプの処理におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2009-2416	2010-07-13 16:27	2009-08-11	Show	GitHub Exploit DB Packet Storm

198784	4.3	警告	xmlsoft.org アップルサイバートラスト株式会社サン・マイクロシステムズ OpenOffice.org Project レッドハット	-	libxml2 および libxml における DTD 内の要素宣言の処理に関するサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2009-2414	2010-07-13 16:26	2009-08-11	Show	GitHub Exploit DB Packet Storm

198785	4.3	警告	アップル	-	Apple Mac OS の CFNetwork における任意の HTTPS Web サイトを訪問しているように偽装可能な脆弱性	CWE-Other その他	CVE-2009-1723	2010-07-13 16:25	2009-08-5	Show	GitHub Exploit DB Packet Storm

198786	3.5	注意	アップル	-	Apple Mac OS X の Wiki サーバにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-1382	2010-07-12 18:12	2010-06-15	Show	GitHub Exploit DB Packet Storm

198787	3.5	注意	アップル	-	Apple Mac OS X の SMB ファイルサーバにおける任意のファイルにアクセスされる脆弱性	CWE-16 環境設定	CVE-2010-1381	2010-07-12 18:12	2010-06-15	Show	GitHub Exploit DB Packet Storm

198788	7.5	危険	アップル	-	Apple Mac OS X の cgtexttops CUPS フィルタにおける整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2010-1380	2010-07-12 18:11	2010-06-15	Show	GitHub Exploit DB Packet Storm

198789	5	警告	アップル	-	Apple Mac OS X のプリンタ設定におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2010-1379	2010-07-12 18:11	2010-06-15	Show	GitHub Exploit DB Packet Storm

198790	5	警告	IBM	-	IBM WebSphere Application Server におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 CWE-noinfo	CVE-2010-0775	2010-07-12 16:43	2010-05-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Sept. 23, 2024, 8:13 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1661	7.5	HIGH Network	etictelecom	remote_access_server_firmware	All versions of ETIC Telecom Remote Access Server (RAS) 4.5.0 and prior’s application programmable interface (API) is vulnerable to directory traversal through several different methods. This could a…	CWE-22 Path Traversal	CVE-2022-41607	2024-09-17 05:15	2022-11-11	Show	GitHub Exploit DB Packet Storm

1662	9.8	CRITICAL Network	activity_log_project	activity_log	CSV Injection vulnerability in Activity Log Team Activity Log <= 2.8.3 on WordPress.	CWE-1236 Improper Neutralization of Formula Elements in a CSV File	CVE-2022-27858	2024-09-17 05:15	2022-11-9	Show	GitHub Exploit DB Packet Storm

1663	9.8	CRITICAL Network	miniorange	oauth_2.0_client_for_sso	Authentication Bypass vulnerability in miniOrange OAuth 2.0 client for SSO plugin <= 1.11.3 at WordPress.	CWE-306 Missing Authentication for Critical Function	CVE-2022-34858	2024-09-17 05:15	2022-08-23	Show	GitHub Exploit DB Packet Storm

1664	9.8	CRITICAL Network	miniorange	wp_oauth_server	Authentication Bypass vulnerability in miniOrange WP OAuth Server plugin <= 3.0.4 at WordPress.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2022-34149	2024-09-17 05:15	2022-08-23	Show	GitHub Exploit DB Packet Storm

1665	4.8	MEDIUM Network	ninjaforms	ninja_forms	Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Saturday Drive's Ninja Forms Contact Form plugin <= 3.6.9 at WordPress via "label".	CWE-79 Cross-site Scripting	CVE-2021-36827	2024-09-17 05:15	2022-06-17	Show	GitHub Exploit DB Packet Storm

1666	6.1	MEDIUM Network	wpchill	kb_support	Multiple Unauthenticated Stored Cross-Site Scripting (XSS) vulnerabilities in KB Support (WordPress plugin) <= 1.5.5 versions.	CWE-79 Cross-site Scripting	CVE-2022-27852	2024-09-17 05:15	2022-04-16	Show	GitHub Exploit DB Packet Storm

1667	7.5	HIGH Network	mongodb	mongodb	It may be possible to have an extremely long aggregation pipeline in conjunction with a specific stage/operator and cause a stack overflow due to the size of the stack frames used by that stage. If a…	CWE-787 Out-of-bounds Write	CVE-2021-32040	2024-09-17 05:15	2022-04-13	Show	GitHub Exploit DB Packet Storm

1668	4.8	MEDIUM Network	ampforwp	accelerated_mobile_pages	Multiple Authenticated (admin user role) Persistent Cross-Site Scripting (XSS) vulnerabilities discovered in AMP for WP – Accelerated Mobile Pages WordPress plugin (versions <= 1.0.77.32).	CWE-79 Cross-site Scripting	CVE-2021-23209	2024-09-17 05:15	2022-03-19	Show	GitHub Exploit DB Packet Storm

1669	4.3	MEDIUM Network	solarwinds	orion_platform	It has been reported that any Orion user, e.g. guest accounts can query the Orion.UserSettings entity and enumerate users and their basic settings.	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2021-35248	2024-09-17 05:15	2021-12-21	Show	GitHub Exploit DB Packet Storm

1670	9.6	CRITICAL Adjacent	pardus	liderahenk	On 2.1.15 version and below of Lider module in LiderAhenk software is leaking it's configurations via an unsecured API. An attacker with an access to the configurations API could get valid LDAP crede…	CWE-306 Missing Authentication for Critical Function	CVE-2021-3825	2024-09-17 05:15	2021-10-2	Show	GitHub Exploit DB Packet Storm