Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Nov. 18, 2024, 2:02 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
199671 4.3 警告 FullSite Pty Ltd - SchoolMation におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2010-5010 2011-12-9 14:10 2011-11-2 Show GitHub Exploit DB Packet Storm
199672 7.5 危険 FullSite Pty Ltd - SchoolMation における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2010-5011 2011-12-9 14:10 2011-11-2 Show GitHub Exploit DB Packet Storm
199673 7.5 危険 David Noguera Gutierrez - DaLogin における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2010-5012 2011-12-9 14:09 2011-11-2 Show GitHub Exploit DB Packet Storm
199674 7.5 危険 McKenzie Creations - Mckenzie Creations Virtual Real Estate Manager における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2010-5013 2011-12-9 14:04 2011-11-2 Show GitHub Exploit DB Packet Storm
199675 7.5 危険 ELITE LADDAERS - Elite Gaming Ladders における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2010-5014 2011-12-9 14:03 2011-11-2 Show GitHub Exploit DB Packet Storm
199676 7.5 危険 2daybiz - 2daybiz Network Community Script における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2010-5015 2011-12-9 14:00 2011-11-2 Show GitHub Exploit DB Packet Storm
199677 7.5 危険 ELITE LADDAERS - Elite Gaming Ladders における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2010-5016 2011-12-9 14:00 2011-11-2 Show GitHub Exploit DB Packet Storm
199678 7.5 危険 ELITE LADDAERS - Elite Gaming Ladders における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2010-5017 2011-12-9 13:59 2011-11-2 Show GitHub Exploit DB Packet Storm
199679 4.3 警告 2daybiz - 2daybiz Online Classified Script におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2010-5018 2011-12-9 13:59 2011-11-2 Show GitHub Exploit DB Packet Storm
199680 7.5 危険 2daybiz - 2daybiz Online Classified Script における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2010-5019 2011-12-9 13:58 2011-11-2 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Nov. 18, 2024, 12:12 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2131 - - - An attacker with local access the to medical office computer can escalate his Windows user privileges to "NT AUTHORITY\SYSTEM" by exploiting a command injection vulnerability in the Elefant Update … - CVE-2024-50591 2024-11-9 01:35 2024-11-8 Show GitHub Exploit DB Packet Storm
2132 - - - Attackers with local access to the medical office computer can escalate their Windows user privileges to "NT AUTHORITY\SYSTEM" by overwriting one of two Elefant service binaries with weak permissio… - CVE-2024-50590 2024-11-9 01:35 2024-11-8 Show GitHub Exploit DB Packet Storm
2133 - - - A reflected Cross-Site Scripting (XSS) vulnerability has been identified in Zimbra Collaboration Suite (ZCS) 8.8.15, affecting one of the webmail calendar endpoints. This arises from improper handlin… - CVE-2024-50599 2024-11-9 01:35 2024-11-8 Show GitHub Exploit DB Packet Storm
2134 - - - An issue in EnvisionWare Computer Access & Reservation Control SelfCheck v1.0 (fixed in OneStop 3.2.0.27184 Hotfix May 2024) allows unauthenticated attackers on the same network to perform a director… - CVE-2024-37825 2024-11-9 01:35 2024-06-24 Show GitHub Exploit DB Packet Storm
2135 - - - Issue summary: Use of the low-level GF(2^m) elliptic curve APIs with untrusted explicit values for the field polynomial can lead to out-of-bounds memory reads or writes. Impact summary: Out of bound… - CVE-2024-9143 2024-11-9 01:35 2024-10-17 Show GitHub Exploit DB Packet Storm
2136 - - - J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in SysOperLogMapper.xml. - CVE-2024-35082 2024-11-9 01:35 2024-05-24 Show GitHub Exploit DB Packet Storm
2137 5.5 MEDIUM
Local
gpac gpac GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a segmentation violation in the dump_isom_scene function at /mp4box/filedump.c. NVD-CWE-noinfo
CVE-2023-37174 2024-11-9 01:35 2023-07-12 Show GitHub Exploit DB Packet Storm
2138 - - - Northern.tech Hosted Mender before 2024.07.11 allows SSRF. - CVE-2024-47190 2024-11-9 01:15 2024-11-9 Show GitHub Exploit DB Packet Storm
2139 - - - Northern.tech Mender before 3.6.6 and 3.7.x before 3.7.7 allows SSRF. - CVE-2024-46947 2024-11-9 01:15 2024-11-9 Show GitHub Exploit DB Packet Storm
2140 - - - In the Linux kernel, the following vulnerability has been resolved: posix-clock: posix-clock: Fix unbalanced locking in pc_clock_settime() If get_clock_desc() succeeds, it calls fget() for the cloc… - CVE-2024-50210 2024-11-9 01:15 2024-11-8 Show GitHub Exploit DB Packet Storm