Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Nov. 16, 2024, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
198871 7.5 危険 DrBenHur - DBHcms の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4869 2012-02-9 11:10 2011-10-5 Show GitHub Exploit DB Packet Storm
198872 4.3 警告 W-Agora - W-Agora の search.php3 におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4868 2012-02-9 11:10 2011-10-5 Show GitHub Exploit DB Packet Storm
198873 7.5 危険 W-Agora - W-Agora の search.php3 におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-4867 2012-02-9 11:10 2011-10-5 Show GitHub Exploit DB Packet Storm
198874 7.5 危険 Chipmunk Scripts - Chipmunk Board の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4866 2012-02-9 11:09 2011-10-5 Show GitHub Exploit DB Packet Storm
198875 7.5 危険 Jextensions - Joomla! 用 JE Guestbook (com_jeguestbook) コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4865 2012-02-9 11:08 2011-10-5 Show GitHub Exploit DB Packet Storm
198876 7.5 危険 Daniel James Scott - Joomla! 用 Club Manager (com_clubmanager) コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4864 2012-02-9 11:08 2011-10-5 Show GitHub Exploit DB Packet Storm
198877 4.3 警告 The GetSimple Team - GetSimple CMS の admin/changedata.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4863 2012-02-9 11:07 2011-10-5 Show GitHub Exploit DB Packet Storm
198878 7.5 危険 Joomla!
Jextensions		 - Joomla! 用 JExtensions JE Director コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4862 2012-02-9 11:07 2011-10-5 Show GitHub Exploit DB Packet Storm
198879 7.5 危険 webSPELL - webSPELL の asearch.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4861 2012-02-9 11:06 2011-10-5 Show GitHub Exploit DB Packet Storm
198880 7.5 危険 Galaxyscriptz - MyPhpAuction の product_desc.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4860 2012-02-9 11:05 2011-10-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Nov. 16, 2024, 5:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1481 9.8 CRITICAL
Network 		oretnom23 online_computer_and_laptop_store Sourcecodester Online Computer and Laptop Store 1.0 is vulnerable to Incorrect Access Control, which allows remote attackers to elevate privileges to the administrator's role. NVD-CWE-Other
CVE-2023-31704 2024-11-13 00:35 2023-07-14 Show GitHub Exploit DB Packet Storm
1482 7.3 HIGH
Local 		samsung android Out-of-bounds write in parsing subtitle file in libsubextractor.so prior to SMR Nov-2024 Release 1 allows local attackers to cause memory corruption. User interaction is required for triggering this … CWE-787
 Out-of-bounds Write 		CVE-2024-34676 2024-11-13 00:31 2024-11-6 Show GitHub Exploit DB Packet Storm
1483 7.8 HIGH
Local 		samsung android Out-of-bounds write in libsapeextractor.so prior to SMR Nov-2024 Release 1 allows local attackers to cause memory corruption. CWE-787
 Out-of-bounds Write 		CVE-2024-34678 2024-11-13 00:30 2024-11-6 Show GitHub Exploit DB Packet Storm
1484 - - - In Gliffy Online an insecure configuration was discovered in versions before 4.14.0-6. Reported by Ather Iqbal. - CVE-2024-10315 2024-11-13 00:15 2024-11-12 Show GitHub Exploit DB Packet Storm
1485 - - - A flaw was found in NetworkManager. When a system running NetworkManager with DEBUG logs enabled and an interface eth1 configured with LLDP enabled, a malicious user could inject a malformed LLDP pac… CWE-400
 Uncontrolled Resource Consumption 		CVE-2024-6501 2024-11-13 00:15 2024-07-10 Show GitHub Exploit DB Packet Storm
1486 - - - A flaw was found in the cockpit package. This flaw allows an authenticated user to kill any process when enabling the pam_env's user_readenv option, which leads to a denial of service (DoS) attack. CWE-400
 Uncontrolled Resource Consumption 		CVE-2024-6126 2024-11-13 00:15 2024-07-4 Show GitHub Exploit DB Packet Storm
1487 - - - A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, … CWE-354
 Improper Validation of Integrity Check Value 		CVE-2024-3727 2024-11-13 00:15 2024-05-15 Show GitHub Exploit DB Packet Storm
1488 - - - A use-after-free vulnerability was found in the ProcRenderAddGlyphs() function of Xorg servers. This issue occurs when AllocateGlyph() is called to store new glyphs sent by the client to the X server… CWE-416
 Use After Free 		CVE-2024-31083 2024-11-13 00:15 2024-04-5 Show GitHub Exploit DB Packet Storm
1489 - - - A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIPassiveGrabDevice() function. This issue occurs when byte-swapped length values are used in replies, potentially lead… CWE-126
 Buffer Over-read 		CVE-2024-31081 2024-11-13 00:15 2024-04-4 Show GitHub Exploit DB Packet Storm
1490 - - - A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents() function. This issue occurs when byte-swapped length values are used in replies, potentially lead… CWE-126
 Buffer Over-read 		CVE-2024-31080 2024-11-13 00:15 2024-04-4 Show GitHub Exploit DB Packet Storm