Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Oct. 10, 2024, 4:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
201131	6.8	警告	マイクロソフト	-	Microsoft Windows の kernel における権限を取得される脆弱性	CWE-20 不適切な入力確認	CVE-2009-1127	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

201132	10	危険	マイクロソフト	-	Microsoft Windows の License Logging Server (llssrv.exe) における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-2523	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

201133	9.3	危険	マイクロソフト	-	Microsoft Windows の Web Services on Devices API (WSDAPI) における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-2512	2010-01-4 15:23	2009-11-10	Show	GitHub Exploit DB Packet Storm

201134	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2722	2010-01-4 14:56	2009-08-10	Show	GitHub Exploit DB Packet Storm

201135	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2723	2010-01-4 14:55	2009-08-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Oct. 10, 2024, 4:13 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
111	7.2	HIGH Network	cisco	rv340_dual_wan_gigabit_vpn_router_firmware rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware rv345_dual_wan_gigabit_vpn_router_firmware rv345p_dual_wan_gigabit_poe_vpn_router_firmware	A vulnerability in the web-based management interface of Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to execute ar… Update	NVD-CWE-Other	CVE-2024-20470	2024-10-10 01:55	2024-10-3	Show	GitHub Exploit DB Packet Storm

112	5.4	MEDIUM Network	pdfcrowd	save_as_pdf	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Pdfcrowd Save as PDF plugin by Pdfcrowd allows Stored XSS.This issue affects Save as PDF p… Update	CWE-79 Cross-site Scripting	CVE-2024-35649	2024-10-10 01:48	2024-06-5	Show	GitHub Exploit DB Packet Storm

113	7.8	HIGH Local	gnome	libgsf	An integer overflow vulnerability exists in the Compound Document Binary File format parser of v1.14.52 of the GNOME Project G Structured File Library (libgsf). A specially crafted file can result in… Update	CWE-190 Integer Overflow or Wraparound	CVE-2024-42415	2024-10-10 01:44	2024-10-4	Show	GitHub Exploit DB Packet Storm

114	7.8	HIGH Local	gnome	libgsf	An integer overflow vulnerability exists in the Compound Document Binary File format parser of the GNOME Project G Structured File Library (libgsf) version v1.14.52. A specially crafted file can resu… Update	CWE-190 Integer Overflow or Wraparound	CVE-2024-36474	2024-10-10 01:37	2024-10-4	Show	GitHub Exploit DB Packet Storm

115	-		-	-	An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. We have had reports of this vulnerability being exploited in the wild. Thi… New	-	CVE-2024-9680	2024-10-10 01:35	2024-10-9	Show	GitHub Exploit DB Packet Storm

116	-		-	-	Type Confusion in V8 in Google Chrome prior to 129.0.6668.100 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) New	-	CVE-2024-9603	2024-10-10 01:35	2024-10-9	Show	GitHub Exploit DB Packet Storm

117	-		-	-	In the process of testing the Relevanssi WordPress plugin before 4.23.1, a vulnerability was found that allows you to implement Stored XSS on behalf of the Contributor+ by embedding malicious script… New	-	CVE-2024-9021	2024-10-10 01:35	2024-10-8	Show	GitHub Exploit DB Packet Storm

118	-		-	-	Custom Twitter Feeds WordPress plugin before 2.2.3 is not filtering some of its settings allowing high privilege users to inject scripts. New	-	CVE-2024-8983	2024-10-10 01:35	2024-10-8	Show	GitHub Exploit DB Packet Storm

119	4.3	MEDIUM Network	cochinoman	splashscreen	The Splashscreen WordPress plugin through 0.20 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack Update	CWE-352 Origin Validation Error	CVE-2023-6501	2024-10-10 01:35	2024-02-13	Show	GitHub Exploit DB Packet Storm

120	7.5	HIGH Network	phpjabbers	availability_booking_calendar	A lack of rate limiting in pjActionAJaxSend in Availability Booking Calendar 5.0 allows attackers to cause resource exhaustion. Update	CWE-400 Uncontrolled Resource Consumption	CVE-2023-48831	2024-10-10 01:35	2023-12-7	Show	GitHub Exploit DB Packet Storm