Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Nov. 18, 2024, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
199681 7.5 危険 jonkemp - WordPress 用 WordPress Users プラグインの wp-users.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-4669 2011-12-5 16:08 2011-12-2 Show GitHub Exploit DB Packet Storm
199682 7.5 危険 IBM - IBM Tivoli Netcool/Reporter における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2011-4668 2011-12-5 16:07 2011-12-2 Show GitHub Exploit DB Packet Storm
199683 5 警告 Schneider Electric - Schneider Electric の複数の製品におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2011-4036 2011-12-5 16:06 2011-10-24 Show GitHub Exploit DB Packet Storm
199684 4.3 警告 Schneider Electric - Schneider Electric の複数の製品におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4035 2011-12-5 16:05 2011-10-24 Show GitHub Exploit DB Packet Storm
199685 9.3 危険 Schneider Electric - Steema TeeChart ActiveX コントロールにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-4034 2011-12-5 16:05 2011-10-24 Show GitHub Exploit DB Packet Storm
199686 4.3 警告 Schneider Electric - Steema TeeChart ActiveX コントロールにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-4033 2011-12-5 16:03 2011-10-24 Show GitHub Exploit DB Packet Storm
199687 5 警告 PrestaShop - Prestashop の admin/displayImage.php における CRLF インジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2011-4545 2011-12-5 16:01 2011-12-2 Show GitHub Exploit DB Packet Storm
199688 4.3 警告 PrestaShop - Prestashop におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4544 2011-12-5 16:00 2011-12-1 Show GitHub Exploit DB Packet Storm
199689 4.3 警告 atmail pty ltd - AtMail Open におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4540 2011-12-5 15:58 2011-12-1 Show GitHub Exploit DB Packet Storm
199690 2.6 注意 CloudBees - CloudBees Jenkins の Jenkins Core におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4344 2011-12-2 15:50 2011-11-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Nov. 18, 2024, 5:14 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2121 - - - nGrinder before 3.5.9 allows to set delay without limitation, which could be the cause of Denial of Service by remote attacker. - CVE-2024-28214 2024-11-9 02:35 2024-03-7 Show GitHub Exploit DB Packet Storm
2122 - - - The issue was addressed with improved handling of caches. This issue is fixed in iOS 17.1 and iPadOS 17.1. A user may be unable to delete browsing history items. - CVE-2023-42951 2024-11-9 02:35 2024-02-21 Show GitHub Exploit DB Packet Storm
2123 6.5 MEDIUM
Network 		hcltech bigfix_webui_insights A permission issue in BigFix WebUI Insights site version 14 allows an authenticated, unprivileged operator to access an administrator page. CWE-276
Incorrect Default Permissions  		CVE-2023-23344 2024-11-9 02:35 2023-06-23 Show GitHub Exploit DB Packet Storm
2124 8.8 HIGH
Network 		level1 wbr-6012_firmware The LevelOne WBR-6012 router's web application has a vulnerability in its firmware version R0.40e6, allowing attackers to change the administrator password and gain higher privileges without the curr… CWE-620
 Unverified Password Change 		CVE-2024-33699 2024-11-9 02:09 2024-10-30 Show GitHub Exploit DB Packet Storm
2125 7.5 HIGH
Network 		level1 wbr-6012_firmware The LevelOne WBR-6012 router firmware R0.40e6 suffers from an input validation vulnerability within its FTP functionality, enabling attackers to cause a denial of service through a series of malforme… NVD-CWE-noinfo
CVE-2024-33700 2024-11-9 02:06 2024-10-30 Show GitHub Exploit DB Packet Storm
2126 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: thermal: intel: int340x: processor: Fix warning during module unload The processor_thermal driver uses pcim_device_enable() to en… NVD-CWE-noinfo
CVE-2024-50093 2024-11-9 01:49 2024-11-6 Show GitHub Exploit DB Packet Storm
2127 - - - An attacker with local access to the medical office computer can access restricted functions of the Elefant Service tool by using a hard-coded "Hotline" password in the Elefant service binary, whic… - CVE-2024-50593 2024-11-9 01:35 2024-11-8 Show GitHub Exploit DB Packet Storm
2128 - - - An unauthenticated attacker with access to the local network of the medical office can query an unprotected Fast Healthcare Interoperability Resources (FHIR) API to get access to sensitive electron… - CVE-2024-50589 2024-11-9 01:35 2024-11-8 Show GitHub Exploit DB Packet Storm
2129 - - - An unauthenticated attacker with access to the local network of the medical office can use known default credentials to gain remote DBA access to the Elefant Firebird database. The data in the data… - CVE-2024-50588 2024-11-9 01:35 2024-11-8 Show GitHub Exploit DB Packet Storm
2130 - - - An attacker with local access the to medical office computer can escalate his Windows user privileges to "NT AUTHORITY\SYSTEM" by exploiting a race condition in the Elefant Update Service during th… - CVE-2024-50592 2024-11-9 01:35 2024-11-8 Show GitHub Exploit DB Packet Storm