Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Nov. 16, 2024, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
201801	7.2	危険	マイクロソフト	-	複数の Microsoft 製品の win32k.sys における権限昇格の脆弱性	CWE-20 不適切な入力確認	CVE-2011-0086	2011-03-7 14:52	2011-02-8	Show	GitHub Exploit DB Packet Storm

201802	7.2	危険	マイクロソフト	-	Microsoft Windows XP の Trace Events 機能における権限昇格の脆弱性	CWE-119 バッファエラー	CVE-2011-0045	2011-03-7 14:49	2011-02-8	Show	GitHub Exploit DB Packet Storm

201803	7.2	危険	マイクロソフト	-	複数の Microsoft 製品の Local Security Authority Subsystem Service における権限昇格の脆弱性	CWE-287 不適切な認証	CVE-2011-0039	2011-03-7 14:47	2011-02-8	Show	GitHub Exploit DB Packet Storm

201804	6.8	警告	OTRS プロジェクト	-	OTRS における OS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2011-0456	2011-03-7 12:02	2011-03-7	Show	GitHub Exploit DB Packet Storm

201805	7.1	危険	マイクロソフト	-	複数の Microsoft 製品の JScript および VBScript スクリプトエンジンにおける重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2011-0031	2011-03-4 15:12	2011-02-8	Show	GitHub Exploit DB Packet Storm

201806	9.3	危険	マイクロソフト	-	Microsoft Visio の ELEMENTS.DLL における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2011-0093	2011-03-4 15:09	2011-02-8	Show	GitHub Exploit DB Packet Storm

201807	9.3	危険	マイクロソフト	-	Microsoft Visio の LZW ストリーム圧縮機能における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2011-0092	2011-03-4 15:06	2011-02-8	Show	GitHub Exploit DB Packet Storm

201808	5	警告	マイクロソフト	-	Windows Server 2003 上で稼働する Microsoft Active Directory におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2011-0040	2011-03-4 15:02	2011-02-8	Show	GitHub Exploit DB Packet Storm

201809	9.3	危険	マイクロソフト	-	複数の Microsoft 製品の Windows OpenType Compact Font Format ドライバにおける任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2011-0033	2011-03-4 15:00	2011-02-8	Show	GitHub Exploit DB Packet Storm

201810	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer 8 における権限昇格の脆弱性	CWE-Other その他	CVE-2011-0038	2011-03-4 14:53	2011-02-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Nov. 17, 2024, 5:17 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
911	9.8	CRITICAL Network	weechat	weechat	WeeChat before 4.4.2 has an integer overflow and resultant buffer overflow at core/core-string.c when there are more than two billion items in a list. This affects string_free_split_shared , string_f… Update	CWE-190 Integer Overflow or Wraparound	CVE-2024-46613	2024-11-14 23:55	2024-11-11	Show	GitHub Exploit DB Packet Storm

912	7.2	HIGH Network	angeljudesuarez	construction_management_system	A SQL injection vulnerability in print.php of Itsourcecode Construction Management System 1.0 allows remote attackers to execute arbitrary SQL commands via the map_id parameter. New	CWE-89 SQL Injection	CVE-2024-50971	2024-11-14 23:54	2024-11-14	Show	GitHub Exploit DB Packet Storm

913	8.8	HIGH Network	nikoarroyocuraza	online_furniture_shopping_project	A SQL injection vulnerability in orderview1.php of Itsourcecode Online Furniture Shopping Project 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. New	CWE-89 SQL Injection	CVE-2024-50970	2024-11-14 23:52	2024-11-14	Show	GitHub Exploit DB Packet Storm

914	8.8	HIGH Network	tendacn	g3_firmware	Tenda G3 v3.0 v15.11.0.20 was discovered to contain a command injection vulnerability via the formSetDebugCfg function. New	CWE-77 Command Injection	CVE-2024-50853	2024-11-14 23:49	2024-11-14	Show	GitHub Exploit DB Packet Storm

915	6.1	MEDIUM Network	anisha	jonnys_liquor	A Reflected cross-site scripting (XSS) vulnerability in browse.php of Code-projects Jonnys Liquor 1.0 allows remote attackers to inject arbitrary web scripts or HTML via the search parameter. New	CWE-79 Cross-site Scripting	CVE-2024-50969	2024-11-14 23:47	2024-11-14	Show	GitHub Exploit DB Packet Storm

916	8.8	HIGH Network	tendacn	g3_firmware	Tenda G3 v3.0 v15.11.0.20 was discovered to contain a stack overflow via the formSetPortMapping function. New	CWE-787 Out-of-bounds Write	CVE-2024-50854	2024-11-14 23:43	2024-11-14	Show	GitHub Exploit DB Packet Storm

917	8.8	HIGH Network	tendacn	g3_firmware	Tenda G3 v3.0 v15.11.0.20 was discovered to contain a command injection vulnerability via the formSetUSBPartitionUmount function. New	CWE-77 Command Injection	CVE-2024-50852	2024-11-14 23:38	2024-11-14	Show	GitHub Exploit DB Packet Storm

918	9.8	CRITICAL Network	anisha	job_recruitment	A vulnerability was found in code-projects Job Recruitment 1.0 and classified as critical. This issue affects some unknown processing of the file /login.php. The manipulation of the argument email le… Update	CWE-89 SQL Injection	CVE-2024-11099	2024-11-14 23:37	2024-11-12	Show	GitHub Exploit DB Packet Storm

919	5.5	MEDIUM Local	adobe	audition	Audition versions 23.6.9, 24.4.6 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to by… Update	CWE-125 Out-of-bounds Read	CVE-2024-47449	2024-11-14 23:32	2024-11-13	Show	GitHub Exploit DB Packet Storm

920	5.9	MEDIUM Network	neomutt mutt redhat	neomutt mutt enterprise_linux	In neomutt and mutt, the To and Cc email headers are not validated by cryptographic signing which allows an attacker that intercepts a message to change their value and include himself as a one of th… Update	CWE-347 Improper Verification of Cryptographic Signature	CVE-2024-49393	2024-11-14 23:31	2024-11-12	Show	GitHub Exploit DB Packet Storm