Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Dec. 24, 2024, 6:01 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
202191 5.1 警告 Yahoo! - Yahoo! Messenger の YImage.dll の CYImage::LoadJPG メソッドにおける整数オーバーフローの脆弱性 CWE-189
数値処理の問題
CVE-2012-0268 2012-01-24 15:13 2012-01-19 Show GitHub Exploit DB Packet Storm
202192 5 警告 Certec EDV - Certec EDV atvise におけるサービス運用妨害 (デーモンクラッシュ) の脆弱性 CWE-noinfo
情報不足
CVE-2011-4873 2012-01-24 15:11 2012-01-19 Show GitHub Exploit DB Packet Storm
202193 10 危険 シスコシステムズ - Cisco TelePresence Software における設定を変更される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2011-4659 2012-01-24 15:09 2012-01-18 Show GitHub Exploit DB Packet Storm
202194 9.3 危険 IBM - IBM SPSS Dimensions および SPSS Data Collection における任意のコードを実行される脆弱性 CWE-noinfo
情報不足
CVE-2012-0188 2012-01-23 17:54 2012-01-18 Show GitHub Exploit DB Packet Storm
202195 9.3 危険 マイクロソフト - 複数の Microsoft Windows 製品の Windows Object Packager 設定における権限昇格の脆弱性 CWE-Other
その他
CVE-2012-0009 2012-01-23 17:52 2012-01-10 Show GitHub Exploit DB Packet Storm
202196 9.3 危険 IBM - IBM SPSS SamplePower の VsVIEW6.ocx における任意のコードを実行される脆弱性 CWE-noinfo
情報不足
CVE-2012-0189 2012-01-23 16:33 2012-01-18 Show GitHub Exploit DB Packet Storm
202197 9.3 危険 IBM - IBM SPSS Dimensions および SPSS Data Collection における任意のコードを実行される脆弱性 CWE-noinfo
情報不足
CVE-2012-0190 2012-01-23 16:33 2012-01-18 Show GitHub Exploit DB Packet Storm
202198 5 警告 The PHP Group - PHP の tidy_diagnose 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題
CVE-2012-0781 2012-01-23 16:32 2012-01-18 Show GitHub Exploit DB Packet Storm
202199 1.7 注意 オラクル - Oracle MySQL の MySQL Server コンポーネントにおける脆弱性 CWE-noinfo
情報不足
CVE-2012-0494 2012-01-23 16:22 2012-01-17 Show GitHub Exploit DB Packet Storm
202200 2.1 注意 オラクル - Oracle MySQL の MySQL Server コンポーネントにおける脆弱性 CWE-noinfo
情報不足
CVE-2012-0493 2012-01-23 16:21 2012-01-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Dec. 24, 2024, 4:05 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1011 - - - An information-disclosure vulnerability exists in Fortra's GoAnywhere MFT application prior to version 7.7.0 that allows external access to the resources in certain admin root folders. - CVE-2024-9945 2024-12-14 01:15 2024-12-14 Show GitHub Exploit DB Packet Storm
1012 - - - Ucum-java is a FHIR Java library providing UCUM Services. In versions prior to 1.0.9, XML parsing performed by the UcumEssenceService is vulnerable to XML external entity injections. A processed XML … CWE-611
XXE
CVE-2024-55887 2024-12-14 01:15 2024-12-14 Show GitHub Exploit DB Packet Storm
1013 - - - Laravel Pulse is a real-time application performance monitoring tool and dashboard for Laravel applications. A vulnerability has been discovered in Laravel Pulse prior to version 1.3.1 that could all… CWE-94
Code Injection
CVE-2024-55661 2024-12-14 01:15 2024-12-14 Show GitHub Exploit DB Packet Storm
1014 - - - Combodo iTop is an open source and web-based IT service management platform. Prior to versions 2.7.11, 3.1.2, and 3.2.0., iTop has a cross-site scripting vulnerability that can lead to cross-site req… CWE-352
CWE-79
 Origin Validation Error
Cross-site Scripting
CVE-2024-54139 2024-12-14 01:15 2024-12-14 Show GitHub Exploit DB Packet Storm
1015 - - - An authenticated attacker with the user/role "Poweruser" can perform an SQL injection by accessing the /class/template_io.php file and supplying malicious GET parameters. The "templates" parameter is… - CVE-2024-50584 2024-12-14 01:15 2024-12-12 Show GitHub Exploit DB Packet Storm
1016 - - - The application uses several hard-coded credentials to encrypt config files during backup, to decrypt the new firmware during an update and some passwords allow a direct connection to the database se… - CVE-2024-28146 2024-12-14 01:15 2024-12-12 Show GitHub Exploit DB Packet Storm
1017 - - - The password change function at /cgi/admin.cgi does not require the current/old password, which makes the application vulnerable to account takeover. An attacker can use this to forcefully set a new … - CVE-2024-28143 2024-12-14 01:15 2024-12-12 Show GitHub Exploit DB Packet Storm
1018 5.4 MEDIUM
Network
adobe experience_manager Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable … CWE-79
Cross-site Scripting
CVE-2024-52841 2024-12-14 01:14 2024-12-11 Show GitHub Exploit DB Packet Storm
1019 5.4 MEDIUM
Network
adobe experience_manager Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable … CWE-79
Cross-site Scripting
CVE-2024-52836 2024-12-14 01:14 2024-12-11 Show GitHub Exploit DB Packet Storm
1020 5.4 MEDIUM
Network
adobe experience_manager Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable … CWE-79
Cross-site Scripting
CVE-2024-52835 2024-12-14 01:13 2024-12-11 Show GitHub Exploit DB Packet Storm