Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Oct. 22, 2024, 2:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
201871 6.8 警告 マイクロソフト - Microsoft Windows の kernel の Graphics Device Interface (GDI) における権限を取得される脆弱性 CWE-20
不適切な入力確認 		CVE-2009-2513 2010-01-4 15:24 2009-11-10 Show GitHub Exploit DB Packet Storm
201872 6.8 警告 マイクロソフト - Microsoft Windows の kernel における権限を取得される脆弱性 CWE-20
不適切な入力確認 		CVE-2009-1127 2010-01-4 15:24 2009-11-10 Show GitHub Exploit DB Packet Storm
201873 10 危険 マイクロソフト - Microsoft Windows の License Logging Server (llssrv.exe) における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2009-2523 2010-01-4 15:24 2009-11-10 Show GitHub Exploit DB Packet Storm
201874 9.3 危険 マイクロソフト - Microsoft Windows の Web Services on Devices API (WSDAPI) における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2009-2512 2010-01-4 15:23 2009-11-10 Show GitHub Exploit DB Packet Storm
201875 10 危険 アップル
VMware
サン・マイクロシステムズ		 - Sun Java SE の Provider クラスにおける詳細不明な脆弱性 CWE-noinfo
情報不足 		CVE-2009-2722 2010-01-4 14:56 2009-08-10 Show GitHub Exploit DB Packet Storm
201876 10 危険 アップル
VMware
サン・マイクロシステムズ		 - Sun Java SE の Provider クラスにおける詳細不明な脆弱性 CWE-noinfo
情報不足 		CVE-2009-2723 2010-01-4 14:55 2009-08-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Oct. 10, 2024, 8:13 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
181 - - - Axiros AXESS Auto Configuration Server (ACS) 4.x and 5.0.0 is affected by an Incorrect Access Control vulnerability. An authorization bypass allows remote attackers to achieve unauthenticated remote … Update - CVE-2024-33898 2024-10-22 05:15 2024-06-25 Show GitHub Exploit DB Packet Storm
182 9.3 CRITICAL
Network 		redhat
devfile 		openshift
openshift_developer_tools_and_services
registry-support 		A flaw was found in the decompression function of registry-support. This issue can be triggered if an unauthenticated remote attacker tricks a user into parsing a devfile which uses the `parent` or `… Update CWE-22
Path Traversal 		CVE-2024-1485 2024-10-22 05:13 2024-02-14 Show GitHub Exploit DB Packet Storm
183 5.3 MEDIUM
Network 		treasuredata digdag Digdag is an open source tool that to build, run, schedule, and monitor complex pipelines of tasks across various platforms. Treasure Data's digdag workload automation system is susceptible to a path… Update CWE-22
Path Traversal 		CVE-2024-25125 2024-10-22 05:09 2024-02-14 Show GitHub Exploit DB Packet Storm
184 7.5 HIGH
Network 		openidc
debian
fedoraproject 		mod_auth_openidc
debian_linux
fedora 		mod_auth_openidc is an OpenID Certified™ authentication and authorization module for the Apache 2.x HTTP server that implements the OpenID Connect Relying Party functionality. In affected versions mi… Update NVD-CWE-noinfo
CVE-2024-24814 2024-10-22 05:02 2024-02-14 Show GitHub Exploit DB Packet Storm
185 7.8 HIGH
Local 		siemens unicam_fx_firmware A vulnerability has been identified in Unicam FX (All versions). The windows installer agent used in affected product contains incorrect use of privileged APIs that trigger the Windows Console Host (… Update NVD-CWE-noinfo
CVE-2024-22042 2024-10-22 04:50 2024-02-13 Show GitHub Exploit DB Packet Storm
186 9.8 CRITICAL
Network 		rittal iot_interface_firmware
cmc_iii_processing_units_firmware 		The devices are vulnerable to session hijacking due to insufficient entropy in its session ID generation algorithm. The session IDs are predictable, with only 32,768 possible values per user, which… Update CWE-331
 Insufficient Entropy 		CVE-2024-47945 2024-10-22 04:41 2024-10-15 Show GitHub Exploit DB Packet Storm
187 - - - CodeAstro Membership Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via the membershipType parameter in edit_type.php New - CVE-2024-48709 2024-10-22 04:35 2024-10-22 Show GitHub Exploit DB Packet Storm
188 - - - CodeAstro Membership Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via the address parameter in add_members.php and edit_member.php. New - CVE-2024-46236 2024-10-22 04:35 2024-10-22 Show GitHub Exploit DB Packet Storm
189 7.8 HIGH
Local 		mbconnectline
helmholz 		mbnet.mini_firmware
rex_100_firmware 		An unauthenticated local attacker can gain admin privileges by deploying a config file due to improper input validation. Update NVD-CWE-noinfo
CVE-2024-45271 2024-10-22 04:21 2024-10-15 Show GitHub Exploit DB Packet Storm
190 - - - In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid overflow assignment in link_dp_cts sampling_rate is an uint8_t but is assigned an unsigned int, and thus i… New - CVE-2024-50016 2024-10-22 04:15 2024-10-22 Show GitHub Exploit DB Packet Storm