Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Nov. 17, 2024, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
201791 9.3 危険 アドビシステムズ
レッドハット		 - Adobe Reader および Acrobat における任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2011-0565 2011-03-8 12:37 2011-02-8 Show GitHub Exploit DB Packet Storm
201792 9.3 危険 アドビシステムズ - Adobe Reader および Acrobat における権限昇格の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-0564 2011-03-8 12:36 2011-02-8 Show GitHub Exploit DB Packet Storm
201793 9.3 危険 アドビシステムズ
レッドハット		 - Adobe Reader および Acrobat における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2011-0563 2011-03-8 12:36 2011-02-8 Show GitHub Exploit DB Packet Storm
201794 6.9 警告 アドビシステムズ
レッドハット		 - Adobe Reader および Acrobat における権限昇格の脆弱性 CWE-Other
その他 		CVE-2011-0562 2011-03-8 12:36 2011-02-8 Show GitHub Exploit DB Packet Storm
201795 6.4 警告 マイクロソフト - 複数の Microsoft 製品の Kerberos 実装における権限昇格の脆弱性 CWE-287
不適切な認証 		CVE-2011-0091 2011-03-7 15:08 2011-02-8 Show GitHub Exploit DB Packet Storm
201796 7.2 危険 マイクロソフト - 複数の Microsoft 製品の Kerberos 実装における権限昇格の脆弱性 CWE-310
暗号の問題 		CVE-2011-0043 2011-03-7 15:05 2011-02-8 Show GitHub Exploit DB Packet Storm
201797 7.2 危険 マイクロソフト - 複数の Microsoft 製品の win32k.sys における権限昇格の脆弱性 CWE-20
不適切な入力確認 		CVE-2011-0090 2011-03-7 15:03 2011-02-8 Show GitHub Exploit DB Packet Storm
201798 7.2 危険 マイクロソフト - 複数の Microsoft 製品の win32k.sys における権限昇格の脆弱性 CWE-20
不適切な入力確認 		CVE-2011-0089 2011-03-7 15:00 2011-02-8 Show GitHub Exploit DB Packet Storm
201799 7.2 危険 マイクロソフト - 複数の Microsoft 製品の win32k.sys における権限昇格の脆弱性 CWE-20
不適切な入力確認 		CVE-2011-0088 2011-03-7 14:57 2011-02-8 Show GitHub Exploit DB Packet Storm
201800 7.2 危険 マイクロソフト - 複数の Microsoft 製品の win32k.sys における権限昇格の脆弱性 CWE-20
不適切な入力確認 		CVE-2011-0087 2011-03-7 14:54 2011-02-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Nov. 17, 2024, 4:13 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
841 4.3 MEDIUM
Network 		futuriowp futurio_extra The Futurio Extra plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.0.13 via the 'elementor-template' shortcode due to insufficient restrictions on wh… Update CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2024-10695 2024-11-15 04:44 2024-11-12 Show GitHub Exploit DB Packet Storm
842 6.1 MEDIUM
Network 		wpplugin contact_form_7_redirect_\&_thank_you_page The Contact Form 7 Redirect & Thank You Page plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'tab' parameter in all versions up to, and including, 1.0.6 due to insufficie… Update CWE-79
Cross-site Scripting 		CVE-2024-10685 2024-11-15 04:40 2024-11-12 Show GitHub Exploit DB Packet Storm
843 7.5 HIGH
Network 		onedev_project onedev OneDev is a Git server with CI/CD, kanban, and packages. A vulnerability in versions prior to 11.0.9 allows unauthenticated users to read arbitrary files accessible by the OneDev server process. This… Update CWE-22
Path Traversal 		CVE-2024-45309 2024-11-15 04:39 2024-10-22 Show GitHub Exploit DB Packet Storm
844 8.1 HIGH
Network 		ampache ampache Ampache is a web based audio/video streaming application and file manager. The current implementation of token parsing fails to properly validate CSRF tokens when activating or deactivating catalog. … Update CWE-352
 Origin Validation Error 		CVE-2024-51487 2024-11-15 04:37 2024-11-12 Show GitHub Exploit DB Packet Storm
845 9.8 CRITICAL
Network 		mikexstudios xcomic A vulnerability classified as critical has been found in mikexstudios Xcomic up to 0.8.2. This affects an unknown part. The manipulation of the argument cmd leads to os command injection. It is possi… Update CWE-78
OS Command  		CVE-2005-10003 2024-11-15 04:35 2024-10-17 Show GitHub Exploit DB Packet Storm
846 - - - The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. An app may be able to access user-sensitive data. Update - CVE-2023-42840 2024-11-15 04:35 2024-02-21 Show GitHub Exploit DB Packet Storm
847 5.5 MEDIUM
Local 		gpac gpac GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a segmentation violation in the BM_ParseIndexValueReplace function at /lib/libgpac.so. Update NVD-CWE-noinfo
CVE-2023-37767 2024-11-15 04:35 2023-07-12 Show GitHub Exploit DB Packet Storm
848 5.3 MEDIUM
Network 		jetbrains ktor In JetBrains Ktor before 3.0.0 improper caching in HttpCache Plugin could lead to response information disclosure Update NVD-CWE-Other
CVE-2024-49580 2024-11-15 04:25 2024-10-17 Show GitHub Exploit DB Packet Storm
849 6.1 MEDIUM
Network 		jetbrains youtrack In JetBrains YouTrack before 2024.3.47197 insecure plugin iframe allowed arbitrary JavaScript execution and unauthorized API requests Update NVD-CWE-Other
CVE-2024-49579 2024-11-15 04:24 2024-10-17 Show GitHub Exploit DB Packet Storm
850 9.8 CRITICAL
Network 		ninjateam multi_step_for_contact_form_7 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NinjaTeam Multi Step for Contact Form allows SQL Injection.This issue affects Multi Step for Cont… Update CWE-89
SQL Injection 		CVE-2024-47331 2024-11-15 04:22 2024-10-12 Show GitHub Exploit DB Packet Storm