Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Oct. 30, 2024, 6:01 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
202251 10 危険 マイクロソフト - Microsoft Windows の SMB クライアントにおける任意のコードを実行される脆弱性 CWE-20
不適切な入力確認
CVE-2010-0270 2010-05-10 19:10 2010-04-13 Show GitHub Exploit DB Packet Storm
202252 10 危険 マイクロソフト - Microsoft Windows の SMB クライアントにおける任意のコードを実行される脆弱性 CWE-399
リソース管理の問題
CVE-2010-0269 2010-05-10 19:09 2010-04-13 Show GitHub Exploit DB Packet Storm
202253 9.3 危険 マイクロソフト - Microsoft Windows の Cabinet File Viewer Shell Extension における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認
CVE-2010-0487 2010-05-10 19:09 2010-04-13 Show GitHub Exploit DB Packet Storm
202254 9.3 危険 マイクロソフト - Microsoft Windows の Authenticode Signature Verification における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認
CVE-2010-0486 2010-05-10 19:09 2010-04-13 Show GitHub Exploit DB Packet Storm
202255 4.7 警告 サイバートラスト株式会社
Linux
レッドハット
- x86_64 および amd64 プラットフォーム上 Linux Kernel におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他
CVE-2009-4271 2010-05-10 18:25 2010-03-16 Show GitHub Exploit DB Packet Storm
202256 5 警告 VMware - VMware Authorization Service の VMware Authentication Daemon におけるサービス運用妨害 (DoS) の脆弱性 CWE-134
書式文字列の問題
CVE-2009-3707 2010-05-7 17:26 2009-10-16 Show GitHub Exploit DB Packet Storm
202257 9.3 危険 VMware - VMnc メディアコーデックおよびムービーデコーダにおける任意のコードを実行される脆弱性 CWE-119
バッファエラー
CVE-2009-1565 2010-05-7 17:26 2010-04-9 Show GitHub Exploit DB Packet Storm
202258 9.3 危険 VMware - VMnc メディアコーデックおよびムービーデコーダにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2009-1564 2010-05-7 17:25 2010-04-9 Show GitHub Exploit DB Packet Storm
202259 10 危険 VMware - VMware Remote Console の vmware-vmrc.exe build 158248 における任意のコードを実行される脆弱性 CWE-134
書式文字列の問題
CVE-2009-3732 2010-05-7 17:25 2010-04-9 Show GitHub Exploit DB Packet Storm
202260 7.2 危険 VMware - 複数の VMware 製品の vmrun における権限昇格の脆弱性 CWE-134
書式文字列の問題
CVE-2010-1139 2010-05-7 17:25 2010-04-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Oct. 31, 2024, 6:02 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
611 - - - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in weDevs WP ERP allows Reflected XSS.This issue affects WP ERP: from n/a through 1.13.2. New CWE-79
Cross-site Scripting
CVE-2024-47640 2024-10-29 23:34 2024-10-29 Show GitHub Exploit DB Packet Storm
612 6.4 MEDIUM
Network
- - The Arconix Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'box' shortcode in all versions up to, and including, 2.1.13 due to insufficient input saniti… New CWE-79
Cross-site Scripting
CVE-2024-10226 2024-10-29 23:34 2024-10-29 Show GitHub Exploit DB Packet Storm
613 - - - A vulnerability in the GraphCypherQAChain class of langchain-ai/langchain version 0.2.5 allows for SQL injection through prompt injection. This vulnerability can lead to unauthorized data manipulatio… New CWE-89
SQL Injection
CVE-2024-8309 2024-10-29 23:34 2024-10-29 Show GitHub Exploit DB Packet Storm
614 - - - In the latest version (20240628) of gaizhenbiao/chuanhuchatgpt, an issue exists in the /file endpoint that allows authenticated users to access the chat history of other users. When a user logs in, a… New CWE-1057
CVE-2024-8143 2024-10-29 23:34 2024-10-29 Show GitHub Exploit DB Packet Storm
615 - - - An arbitrary file read vulnerability exists in gaizhenbiao/chuanhuchatgpt version 20240628 due to insufficient validation when loading prompt template files. An attacker can read any file that matche… New - CVE-2024-7962 2024-10-29 23:34 2024-10-29 Show GitHub Exploit DB Packet Storm
616 - - - mintplex-labs/anything-llm version latest contains a vulnerability where sensitive information, specifically a password, is improperly stored within a JWT (JSON Web Token) used as a bearer token in s… New CWE-312
 Cleartext Storage of Sensitive Information
CVE-2024-7783 2024-10-29 23:34 2024-10-29 Show GitHub Exploit DB Packet Storm
617 - - - A path traversal vulnerability exists in the `getFullPath` method of langchain-ai/langchainjs version 0.2.5. This vulnerability allows attackers to save files anywhere in the filesystem, overwrite ex… New CWE-29
 Path Traversal: '\..\filename'
CVE-2024-7774 2024-10-29 23:34 2024-10-29 Show GitHub Exploit DB Packet Storm
618 - - - An IDOR vulnerability exists in the 'Evaluations' function of the 'umgws datasets' section in lunary-ai/lunary versions 1.3.2. This vulnerability allows an authenticated user to update other users' p… New CWE-269
 Improper Privilege Management
CVE-2024-7473 2024-10-29 23:34 2024-10-29 Show GitHub Exploit DB Packet Storm
619 - - - lunary-ai/lunary v1.2.26 contains an email injection vulnerability in the Send email verification API (/v1/users/send-verification) and Sign up API (/auth/signup). An unauthenticated attacker can inj… New CWE-75
Special Element Injection
CVE-2024-7472 2024-10-29 23:34 2024-10-29 Show GitHub Exploit DB Packet Storm
620 - - - A vulnerability in the GraphCypherQAChain class of langchain-ai/langchainjs versions 0.2.5 and all versions with this class allows for prompt injection, leading to SQL injection. This vulnerability p… New CWE-89
SQL Injection
CVE-2024-7042 2024-10-29 23:34 2024-10-29 Show GitHub Exploit DB Packet Storm