Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Nov. 17, 2024, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
201731	7.5	危険	アップル VMware サン・マイクロシステムズヒューレット・パッカードレッドハット	-	複数の Oracle 製品の Java 2D コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0849	2011-03-17 08:18	2010-03-30	Show	GitHub Exploit DB Packet Storm

201732	7.5	危険	アップル VMware サン・マイクロシステムズヒューレット・パッカードレッドハット	-	複数の Oracle 製品の Java 2D コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0848	2011-03-17 08:18	2010-03-30	Show	GitHub Exploit DB Packet Storm

201733	7.5	危険	サン・マイクロシステムズ VMware	-	複数の Oracle 製品の Java 2D コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0850	2011-03-17 08:17	2010-03-30	Show	GitHub Exploit DB Packet Storm

201734	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player の TextXtra モジュールにおける任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2010-4195	2011-03-11 18:22	2011-02-8	Show	GitHub Exploit DB Packet Storm

201735	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player の dirapi.dll モジュールにおける任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2010-4194	2011-03-11 18:21	2011-02-8	Show	GitHub Exploit DB Packet Storm

201736	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2010-4193	2011-03-11 18:21	2011-02-8	Show	GitHub Exploit DB Packet Storm

201737	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-4192	2011-03-11 18:21	2011-02-8	Show	GitHub Exploit DB Packet Storm

201738	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-4191	2011-03-11 18:20	2011-02-8	Show	GitHub Exploit DB Packet Storm

201739	7.5	危険	アップル VMware サン・マイクロシステムズヒューレット・パッカードレッドハット	-	複数の Oracle 製品の ImageIO コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0846	2011-03-11 10:16	2010-03-30	Show	GitHub Exploit DB Packet Storm

201740	7.5	危険	アップルサイバートラスト株式会社サン・マイクロシステムズヒューレット・パッカード VMware レッドハット	-	複数の Oracle 製品の ImageIO コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0841	2011-03-11 10:11	2010-03-30	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Nov. 17, 2024, 4:13 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
931	5.4	MEDIUM Network	apple	iphone_os ipados watchos visionos tvos macos safari	The issue was addressed with improved checks. This issue is fixed in tvOS 18.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, watchOS 11.1, visionOS 2.1, macOS Sequoia 15.1, Safari 18.1. Pr…	NVD-CWE-noinfo	CVE-2024-44296	2024-11-14 23:58	2024-10-29	Show	GitHub Exploit DB Packet Storm

932	7.3	HIGH Network	wppa	wp_photo_album_plus	The The WP Photo Album Plus plugin for WordPress is vulnerable to arbitrary shortcode execution via getshortcodedrenderedfenodelay AJAX action in all versions up to, and including, 8.8.08.007 . This …	CWE-94 Code Injection	CVE-2024-10958	2024-11-14 23:57	2024-11-10	Show	GitHub Exploit DB Packet Storm

933	7.2	HIGH Network	angeljudesuarez	construction_management_system	A SQL injection vulnerability in printtool.php of Itsourcecode Construction Management System 1.0 allows remote attackers to execute arbitrary SQL commands via the borrow_id parameter.	CWE-89 SQL Injection	CVE-2024-50972	2024-11-14 23:55	2024-11-14	Show	GitHub Exploit DB Packet Storm

934	9.8	CRITICAL Network	weechat	weechat	WeeChat before 4.4.2 has an integer overflow and resultant buffer overflow at core/core-string.c when there are more than two billion items in a list. This affects string_free_split_shared , string_f…	CWE-190 Integer Overflow or Wraparound	CVE-2024-46613	2024-11-14 23:55	2024-11-11	Show	GitHub Exploit DB Packet Storm

935	7.2	HIGH Network	angeljudesuarez	construction_management_system	A SQL injection vulnerability in print.php of Itsourcecode Construction Management System 1.0 allows remote attackers to execute arbitrary SQL commands via the map_id parameter.	CWE-89 SQL Injection	CVE-2024-50971	2024-11-14 23:54	2024-11-14	Show	GitHub Exploit DB Packet Storm

936	8.8	HIGH Network	nikoarroyocuraza	online_furniture_shopping_project	A SQL injection vulnerability in orderview1.php of Itsourcecode Online Furniture Shopping Project 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.	CWE-89 SQL Injection	CVE-2024-50970	2024-11-14 23:52	2024-11-14	Show	GitHub Exploit DB Packet Storm

937	8.8	HIGH Network	tendacn	g3_firmware	Tenda G3 v3.0 v15.11.0.20 was discovered to contain a command injection vulnerability via the formSetDebugCfg function.	CWE-77 Command Injection	CVE-2024-50853	2024-11-14 23:49	2024-11-14	Show	GitHub Exploit DB Packet Storm

938	6.1	MEDIUM Network	anisha	jonnys_liquor	A Reflected cross-site scripting (XSS) vulnerability in browse.php of Code-projects Jonnys Liquor 1.0 allows remote attackers to inject arbitrary web scripts or HTML via the search parameter.	CWE-79 Cross-site Scripting	CVE-2024-50969	2024-11-14 23:47	2024-11-14	Show	GitHub Exploit DB Packet Storm

939	8.8	HIGH Network	tendacn	g3_firmware	Tenda G3 v3.0 v15.11.0.20 was discovered to contain a stack overflow via the formSetPortMapping function.	CWE-787 Out-of-bounds Write	CVE-2024-50854	2024-11-14 23:43	2024-11-14	Show	GitHub Exploit DB Packet Storm

940	8.8	HIGH Network	tendacn	g3_firmware	Tenda G3 v3.0 v15.11.0.20 was discovered to contain a command injection vulnerability via the formSetUSBPartitionUmount function.	CWE-77 Command Injection	CVE-2024-50852	2024-11-14 23:38	2024-11-14	Show	GitHub Exploit DB Packet Storm