Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Oct. 2, 2024, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
200091 6.9 警告 アップル - Windows 上で稼働する Apple iTunes のインストールパッケージにおける権限昇格の脆弱性 CWE-362
競合状態 		CVE-2010-0532 2010-04-26 16:59 2010-03-31 Show GitHub Exploit DB Packet Storm
200092 4.3 警告 アップル - Apple iTunes におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2010-0531 2010-04-26 16:59 2010-03-31 Show GitHub Exploit DB Packet Storm
200093 9.3 危険 アップル - Windows 上で稼働する Apple QuickTime における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2010-0536 2010-04-26 16:59 2010-03-31 Show GitHub Exploit DB Packet Storm
200094 9.3 危険 アップル - Windows 上で稼働する Apple QuickTime の QuickTime.qts における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2010-0529 2010-04-26 16:59 2010-03-31 Show GitHub Exploit DB Packet Storm
200095 9.3 危険 アップル - Windows 上で稼働する Apple QuickTime における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2010-0528 2010-04-26 16:58 2010-03-31 Show GitHub Exploit DB Packet Storm
200096 9.3 危険 アップル - Apple QuickTime における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2010-0527 2010-04-26 16:58 2010-03-31 Show GitHub Exploit DB Packet Storm
200097 5 警告 アップル
サイバートラスト株式会社
Ruby-lang.org
レッドハット		 - Ruby の BigDecimal ライブラリにおけるサービス運用妨害 (DoS) の脆弱性 CWE-189
数値処理の問題 		CVE-2009-1904 2010-04-26 16:46 2009-06-9 Show GitHub Exploit DB Packet Storm
200098 6.9 警告 アップル
Vim		 - Vim の Python インターフェースの src/if_python.c における信頼性のない検索パスの脆弱性 CWE-Other
その他 		CVE-2009-0316 2010-04-26 16:45 2009-01-28 Show GitHub Exploit DB Packet Storm
200099 9.3 危険 アップル
サイバートラスト株式会社
Vim
レッドハット		 - Vim におけるエスケープ文字を適切に処理しないことに関する任意のコマンドを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2008-4101 2010-04-26 16:45 2008-10-9 Show GitHub Exploit DB Packet Storm
200100 9.3 危険 アップル
サイバートラスト株式会社
Vim
レッドハット		 - Vim における適切に入力をサニタイズしないことに関する任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2008-2712 2010-04-26 16:45 2008-10-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Oct. 2, 2024, 8:12 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1781 7.1 HIGH
Local 		acronis agent Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 36343. CWE-862
 Missing Authorization 		CVE-2023-45246 2024-09-24 04:54 2023-10-6 Show GitHub Exploit DB Packet Storm
1782 5.5 MEDIUM
Local 		apple macos The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15. An app may be able to cause a denial-of-service. NVD-CWE-noinfo
CVE-2024-23237 2024-09-24 04:53 2024-09-17 Show GitHub Exploit DB Packet Storm
1783 7.2 HIGH
Network 		litellm litellm An SQL Injection vulnerability exists in the berriai/litellm repository, specifically within the `/global/spend/logs` endpoint. The vulnerability arises due to improper neutralization of special elem… CWE-89
SQL Injection 		CVE-2024-5225 2024-09-24 04:46 2024-06-7 Show GitHub Exploit DB Packet Storm
1784 7.5 HIGH
Network 		drupal drupal In certain scenarios, Drupal's JSON:API module will output error backtraces. With some configurations, this may cause sensitive information to be cached and made available to anonymous users, leading… NVD-CWE-noinfo
CVE-2023-5256 2024-09-24 04:35 2023-09-29 Show GitHub Exploit DB Packet Storm
1785 4.8 MEDIUM
Network 		ritecms ritecms Rite CMS 3.0 has a Cross-Site scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload into the Global Content Blocks in the Administration Menu. CWE-79
Cross-site Scripting 		CVE-2023-43879 2024-09-24 04:35 2023-09-29 Show GitHub Exploit DB Packet Storm
1786 5.3 MEDIUM
Network 		oracle access_manager Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Authentication Engine). The supported version that is affected is 12.2.1.3.0. Easily exploitable vulnerabili… NVD-CWE-noinfo
CVE-2022-39405 2024-09-24 04:35 2022-10-19 Show GitHub Exploit DB Packet Storm
1787 6.4 MEDIUM
Network 		oracle banking_trade_finance Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure). The supported version that is affected is 14.5. Difficult to exploit v… NVD-CWE-noinfo
CVE-2022-21586 2024-09-24 04:35 2022-07-20 Show GitHub Exploit DB Packet Storm
1788 5.3 MEDIUM
Network 		contao contao Contao is an Open Source CMS. In affected versions an untrusted user can inject insert tags into the canonical tag, which are then replaced on the web page (front end). Users are advised to update to… CWE-74
Injection 		CVE-2024-45612 2024-09-24 04:33 2024-09-18 Show GitHub Exploit DB Packet Storm
1789 6.1 MEDIUM
Local 		apple macos
iphone_os
ipados 		A privacy issue was addressed with improved handling of files. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15. An unencrypted document may be written to a temporary file when using pri… NVD-CWE-noinfo
CVE-2024-40826 2024-09-24 04:25 2024-09-17 Show GitHub Exploit DB Packet Storm
1790 3.3 LOW
Local 		apple iphone_os
ipados 		This issue was addressed with improved data protection. This issue is fixed in iOS 18 and iPadOS 18. An app may be able to enumerate a user's installed apps. NVD-CWE-noinfo
CVE-2024-40830 2024-09-24 04:19 2024-09-17 Show GitHub Exploit DB Packet Storm