Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Oct. 9, 2024, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
201061	9.3	危険	マイクロソフト	-	複数の Microsoft 製品におけるセルに含まれる計算式の処理に関する任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-3131	2010-01-5 16:17	2009-11-10	Show	GitHub Exploit DB Packet Storm

201062	9.3	危険	マイクロソフト	-	Microsoft Office Excel における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-3128	2010-01-5 16:17	2009-11-10	Show	GitHub Exploit DB Packet Storm

201063	9.3	危険	マイクロソフト	-	Microsoft Office および Open XML File Format Converter における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-3127	2010-01-5 16:16	2009-11-10	Show	GitHub Exploit DB Packet Storm

201064	6.8	警告	アップルサイバートラスト株式会社サン・マイクロシステムズターボリナックスヒューレット・パッカード OpenSSL Project レッドハット	-	OpenSSL の SSL_get_shared_ciphers() 関数における一つずれエラーの脆弱性	CWE-189 数値処理の問題	CVE-2007-5135	2010-01-5 13:31	2007-10-12	Show	GitHub Exploit DB Packet Storm

201065	7.8	危険	マイクロソフト	-	Microsoft Windows で稼働している Active Directory の LDAP サービスにおけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2009-1928	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

201066	9.3	危険	マイクロソフト	-	Microsoft Windows の kernel における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-2514	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

201067	6.8	警告	マイクロソフト	-	Microsoft Windows の kernel の Graphics Device Interface (GDI) における権限を取得される脆弱性	CWE-20 不適切な入力確認	CVE-2009-2513	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

201068	6.8	警告	マイクロソフト	-	Microsoft Windows の kernel における権限を取得される脆弱性	CWE-20 不適切な入力確認	CVE-2009-1127	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

201069	10	危険	マイクロソフト	-	Microsoft Windows の License Logging Server (llssrv.exe) における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-2523	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

201070	9.3	危険	マイクロソフト	-	Microsoft Windows の Web Services on Devices API (WSDAPI) における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-2512	2010-01-4 15:23	2009-11-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Oct. 9, 2024, 8:12 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1151	4.9	MEDIUM Network	planet	gs-4210-24p2s_firmware gs-4210-24pl4c_firmware	Certain switch models from PLANET Technology store SNMPv3 users' passwords in plaintext within the configuration files, allowing remote attackers with administrator privileges to read the file and ob…	CWE-312 Cleartext Storage of Sensitive Information	CVE-2024-8459	2024-10-4 23:42	2024-09-30	Show	GitHub Exploit DB Packet Storm

1152	8.8	HIGH Network	planet	gs-4210-24p2s_firmware gs-4210-24pl4c_firmware	Certain switch models from PLANET Technology have a web application that is vulnerable to Cross-Site Request Forgery (CSRF). An unauthenticated remote attacker can trick a user into visiting a malici…	CWE-352 Origin Validation Error	CVE-2024-8458	2024-10-4 23:42	2024-09-30	Show	GitHub Exploit DB Packet Storm

1153	7.5	HIGH Network	echostar	fusion	Credentials to access device configuration were transmitted using an unencrypted protocol. These credentials would allow read-only access to network configuration information and terminal configurati…	NVD-CWE-noinfo	CVE-2024-42495	2024-10-4 23:37	2024-09-6	Show	GitHub Exploit DB Packet Storm

1154	4.6	MEDIUM Physics	echostar	fusion	Credentials to access device configuration information stored unencrypted in flash memory. These credentials would allow read-only access to network configuration information and terminal configurati…	CWE-522 Insufficiently Protected Credentials	CVE-2024-39278	2024-10-4 23:36	2024-09-6	Show	GitHub Exploit DB Packet Storm

1155	8.8	HIGH Network	apache	apache-airflow-providers-apache-hive	Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Apache Hive Provider. Patching on top of CVE-2023-35797 Before 6.1.2 the proxy_user option can also inject semico…	CWE-20 Improper Input Validation	CVE-2023-37415	2024-10-4 23:35	2023-07-13	Show	GitHub Exploit DB Packet Storm

1156	6.5	MEDIUM Network	zoom	zoom vdi_windows_meeting_clients meeting_software_development_kit	Improper input validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows may allow an authenticated user to conduct a disclosure of information via …	NVD-CWE-noinfo	CVE-2024-24696	2024-10-4 23:33	2024-02-14	Show	GitHub Exploit DB Packet Storm

1157	-		-	-	The Eufy Homebase 2 before firmware version 3.3.4.1h creates a dedicated wireless network for its ecosystem, which serves as a proxy to the end user's primary network. The WPA2-PSK generation of this…	-	CVE-2023-37822	2024-10-4 23:15	2024-10-4	Show	GitHub Exploit DB Packet Storm

1158	4.4	MEDIUM Local	fortinet	fortiproxy fortios	A use of password hash with insufficient computational effort vulnerability [CWE-916] affecting FortiOS version 7.4.3 and below, 7.2 all versions, 7.0 all versions, 6.4 all versions and FortiProxy ve…	CWE-916 Use of Password Hash With Insufficient Computational Effort	CVE-2024-21754	2024-10-4 23:13	2024-06-12	Show	GitHub Exploit DB Packet Storm

1159	6.7	MEDIUM Local	zoom	vdi_windows_meeting_clients rooms zoom meeting_sdk	Untrusted search path in some Zoom 32 bit Windows clients may allow an authenticated user to conduct an escalation of privilege via local access.	CWE-426 Untrusted Search Path	CVE-2024-24697	2024-10-4 23:08	2024-02-14	Show	GitHub Exploit DB Packet Storm

1160	-		-	-	Scriptcase v9.10.023 and before is vulnerable to Remote Code Execution (RCE) via the nm_zip function.	-	CVE-2024-46080	2024-10-4 22:51	2024-10-2	Show	GitHub Exploit DB Packet Storm