Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Oct. 7, 2024, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
200801	9.3	危険	マイクロソフト	-	Indeo コーデックに複数の脆弱性	CWE-119 バッファエラー	CVE-2009-4310	2010-01-25 11:52	2009-12-15	Show	GitHub Exploit DB Packet Storm

200802	9.3	危険	マイクロソフト	-	Microsoft Windows の Windows Media Player 用の Intel Indeo41 コーデックにおけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-4309	2010-01-25 11:51	2009-12-8	Show	GitHub Exploit DB Packet Storm

200803	9.3	危険	マイクロソフト	-	Microsoft Windows の Indeo コーデックにおけるサービス運用妨害 (DoS) の脆弱性	CWE-94 コード・インジェクション	CVE-2009-4210	2010-01-25 11:51	2009-12-8	Show	GitHub Exploit DB Packet Storm

200804	5	警告	アップルサイバートラスト株式会社 IPsec-Tools レッドハット	-	Ipsec-tools の証明書検証および NAT-Traversal におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2009-1632	2010-01-25 11:48	2009-05-14	Show	GitHub Exploit DB Packet Storm

200805	4	警告	PostgreSQL.org サイバートラスト株式会社ターボリナックスサン・マイクロシステムズレッドハット	-	PostgreSQL のエラーメッセージの変換処理に関するサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2009-0922	2010-01-25 11:48	2009-03-17	Show	GitHub Exploit DB Packet Storm

200806	5.7	警告	日本電気インターネットイニシアティブヤマハ古河電気工業	-	IPv6 を実装した複数の製品にサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	-	2010-01-25 11:47	2009-10-26	Show	GitHub Exploit DB Packet Storm

200807	9.3	危険	マイクロソフト	-	複数の Microsoft 製品のテキストコンバーターにおける整数オーバーフローの脆弱性	CWE-94 コード・インジェクション	CVE-2009-2506	2010-01-22 10:27	2009-12-8	Show	GitHub Exploit DB Packet Storm

200808	9	危険	マイクロソフト	-	Microsoft Windows の Active Directory フェデレーションサービスにおける任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2009-2509	2010-01-22 10:27	2009-12-8	Show	GitHub Exploit DB Packet Storm

200809	6.9	警告	マイクロソフト	-	Microsoft Windows の Active Directory フェデレーションサービスのシングルサインオン実装における認証情報を取得される脆弱性	CWE-255 証明書・パスワード管理	CVE-2009-2508	2010-01-22 10:27	2009-12-8	Show	GitHub Exploit DB Packet Storm

200810	6.8	警告	マイクロソフト	-	Microsoft Windows の LSASS におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2009-3675	2010-01-22 10:27	2009-12-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Oct. 7, 2024, 4:10 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
2461	9.8	CRITICAL Network	gaizhenbiao	chuanhuchatgpt	The gaizhenbiao/chuanhuchatgpt application is vulnerable to a path traversal attack due to its use of an outdated gradio component. The application is designed to restrict user access to resources wi…	CWE-22 Path Traversal	CVE-2024-3234	2024-09-24 23:09	2024-06-7	Show	GitHub Exploit DB Packet Storm

2462	8.6	HIGH Network	zylon	privategpt	A Server-Side Request Forgery (SSRF) vulnerability exists in the file upload section of imartinez/privategpt version 0.5.0. This vulnerability allows attackers to send crafted requests that could res…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2024-5186	2024-09-24 23:04	2024-06-7	Show	GitHub Exploit DB Packet Storm

2463	5.4	MEDIUM Network	gaizhenbiao	chuanhuchatgpt	A stored Cross-Site Scripting (XSS) vulnerability existed in version (20240121) of gaizhenbiao/chuanhuchatgpt due to inadequate sanitization and validation of model output data. Despite user-input va…	CWE-79 Cross-site Scripting	CVE-2024-3402	2024-09-24 23:04	2024-06-7	Show	GitHub Exploit DB Packet Storm

2464	6.3	MEDIUM Network	kanboard	kanboard	Kanboard is project management software that focuses on the Kanban methodology. The vuln is in app/Controller/ProjectPermissionController.php function addUser(). The users permission to add users to …	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2024-36399	2024-09-24 22:59	2024-06-7	Show	GitHub Exploit DB Packet Storm

2465	7.8	HIGH Local	a10networks	advanced_core_operating_system	A10 Thunder ADC Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of A10 Thunder ADC…	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2024-30369	2024-09-24 22:55	2024-06-7	Show	GitHub Exploit DB Packet Storm

2466	8.8	HIGH Network	a10networks	advanced_core_operating_system	A10 Thunder ADC CsrRequestView Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of A10 Thunder ADC…	CWE-77 Command Injection	CVE-2024-30368	2024-09-24 22:54	2024-06-7	Show	GitHub Exploit DB Packet Storm

2467	8.8	HIGH Network	agpt	autogpt	A Cross-Site Request Forgery (CSRF) vulnerability in significant-gravitas/autogpt version v0.5.0 allows attackers to execute arbitrary commands on the AutoGPT server. The vulnerability stems from the…	CWE-352 Origin Validation Error	CVE-2024-1879	2024-09-24 22:54	2024-06-7	Show	GitHub Exploit DB Packet Storm

2468	8.1	HIGH Network	micropython	micropython	A vulnerability was found in MicroPython 1.22.2. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file py/objarray.c. The manipulation leads to use …	CWE-416 Use After Free	CVE-2024-8947	2024-09-24 22:17	2024-09-18	Show	GitHub Exploit DB Packet Storm

2469	7.5	HIGH Network	micropython	micropython	A vulnerability was found in MicroPython 1.23.0. It has been classified as critical. Affected is the function mp_vfs_umount of the file extmod/vfs.c of the component VFS Unmount Handler. The manipula…	CWE-787 Out-of-bounds Write	CVE-2024-8946	2024-09-24 22:11	2024-09-18	Show	GitHub Exploit DB Packet Storm

2470	7.8	HIGH Local	microsoft	visio office 365_apps office_long_term_servicing_channel	Microsoft Office Visio Remote Code Execution Vulnerability	NVD-CWE-noinfo	CVE-2024-38016	2024-09-24 20:11	2024-09-20	Show	GitHub Exploit DB Packet Storm