Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Nov. 19, 2024, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
201651	3.3	注意	レッドハット	-	SPICE Firefox のプラグインにおける任意のファイルを上書される脆弱性	CWE-59 リンク解釈の問題	CVE-2011-0012	2011-04-28 15:32	2011-04-7	Show	GitHub Exploit DB Packet Storm

201652	5.8	警告	Apache Software Foundation	-	Apache Tomcat におけるアクセス制限を回避される脆弱性	CWE-DesignError	CVE-2011-1183	2011-04-28 15:31	2011-04-1	Show	GitHub Exploit DB Packet Storm

201653	5	警告	Apache Software Foundation	-	Apache Tomcat の HTTP BIO コネクタにおけるレスポンスを閲覧される脆弱性	CWE-20 不適切な入力確認	CVE-2011-1475	2011-04-28 15:29	2011-03-28	Show	GitHub Exploit DB Packet Storm

201654	2.1	注意	オラクル	-	Oracle Solaris 10 に認証情報漏えいの脆弱性	-	CVE-2011-0412	2011-04-28 15:27	2011-04-6	Show	GitHub Exploit DB Packet Storm

201655	-	-	デル	-	Dell Kace K2000 Systems Deployment Appliance に脆弱性	-	-	2011-04-28 15:21	2011-04-6	Show	GitHub Exploit DB Packet Storm

201656	-	-	ネットギア	-	Netgear Prosafe Wireless-N Access Point に複数の脆弱性	-	-	2011-04-28 15:19	2011-04-6	Show	GitHub Exploit DB Packet Storm

201657	7.2	危険	Prefix WhoIs Project	-	pWhois Layer Four Traceroute に権限昇格の脆弱性	CWE-noinfo 情報不足	CVE-2011-0765	2011-04-28 15:18	2011-04-5	Show	GitHub Exploit DB Packet Storm

201658	6.9	警告	レッドハット	-	policycoreutils パッケージの seunshare_mount 関数における権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-1011	2011-04-28 15:11	2011-02-24	Show	GitHub Exploit DB Packet Storm

201659	4.3	警告	マイクロソフト	-	Microsoft Windows にスクリプトインジェクションの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-0096	2011-04-28 14:33	2011-01-31	Show	GitHub Exploit DB Packet Storm

201660	9.3	危険	マイクロソフト	-	Microsoft WMI Administrative Tools の WBEMSingleView.ocx ActiveX コントロールにおける任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-3973	2011-04-28 14:29	2010-12-23	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Nov. 20, 2024, 6:03 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1191	8.8	HIGH Network	microsoft	windows_server_2008 windows_server_2012 windows_8.1 windows_server_2016 windows_7 windows_rt_8.1 windows_server_2019 windows_server_2022 windows_10_1607 windows_10_1809 …	Why is Microsoft republishing a CVE from 2013? We are republishing CVE-2013-3900 in the Security Update Guide to update the Security Updates table and to inform customers that the EnableCertPaddingCh…	CWE-347 Improper Verification of Cryptographic Signature	CVE-2013-3900	2024-11-15 23:34	2013-12-11	Show	GitHub Exploit DB Packet Storm

1192	-		-	-	A vulnerability was found in IBPhoenix ibWebAdmin up to 1.0.2 and classified as problematic. This issue affects some unknown processing of the file /database.php of the component Banco de Dados Tab. …	CWE-79 CWE-94 Cross-site Scripting Code Injection	CVE-2024-11240	2024-11-15 23:23	2024-11-15	Show	GitHub Exploit DB Packet Storm

1193	-		-	-	A vulnerability has been found in Landray EKP up to 16.0 and classified as critical. This vulnerability affects the function deleteFile of the file /sys/common/import.do?method=deleteFile of the comp…	CWE-22 Path Traversal	CVE-2024-11239	2024-11-15 23:23	2024-11-15	Show	GitHub Exploit DB Packet Storm

1194	-		-	-	Jenkins OpenId Connect Authentication Plugin 4.418.vccc7061f5b_6d and earlier does not invalidate the previous session on login.	-	CVE-2024-52553	2024-11-15 23:00	2024-11-14	Show	GitHub Exploit DB Packet Storm

1195	-		-	-	Jenkins Authorize Project Plugin 1.7.2 and earlier evaluates a string containing the job name with JavaScript on the Authorization view, resulting in a stored cross-site scripting (XSS) vulnerability…	-	CVE-2024-52552	2024-11-15 23:00	2024-11-14	Show	GitHub Exploit DB Packet Storm

1196	-		-	-	Jenkins Pipeline: Declarative Plugin 2.2214.vb_b_34b_2ea_9b_83 and earlier does not check whether the main (Jenkinsfile) script used to restart a build from a specific stage is approved, allowing att…	-	CVE-2024-52551	2024-11-15 23:00	2024-11-14	Show	GitHub Exploit DB Packet Storm

1197	-		-	-	Jenkins Pipeline: Groovy Plugin 3990.vd281dd77a_388 and earlier, except 3975.3977.v478dd9e956c3 does not check whether the main (Jenkinsfile) script for a rebuilt build is approved, allowing attacker…	-	CVE-2024-52550	2024-11-15 23:00	2024-11-14	Show	GitHub Exploit DB Packet Storm

1198	-		-	-	Jenkins Script Security Plugin 1367.vdf2fc45f229c and earlier, except 1365.1367.va_3b_b_89f8a_95b_ and 1362.1364.v4cf2dc5d8776, does not perform a permission check in a method implementing form valid…	-	CVE-2024-52549	2024-11-15 23:00	2024-11-14	Show	GitHub Exploit DB Packet Storm

1199	-		-	-	The file upload function in the "QWKalkulation" tool of baltic-it TOPqw Webportal v1.35.287.1 (fixed in version 1.35.291), in /Apps/TOPqw/QWKalkulation/QWKalkulation.aspx, is vulnerable to Cross-Site…	-	CVE-2024-45879	2024-11-15 23:00	2024-11-14	Show	GitHub Exploit DB Packet Storm

1200	-		-	-	The "Stammdaten" menu of baltic-it TOPqw Webportal v1.35.283.2 (fixed in version 1.35.291), in /Apps/TOPqw/qwStammdaten.aspx, is vulnerable to persistent Cross-Site Scripting (XSS).	-	CVE-2024-45878	2024-11-15 23:00	2024-11-14	Show	GitHub Exploit DB Packet Storm