Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Oct. 26, 2024, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
202261	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer に脆弱性	CWE-94 コード・インジェクション	CVE-2009-3672	2010-01-14 12:08	2009-11-25	Show	GitHub Exploit DB Packet Storm

202262	9.3	危険	サン・マイクロシステムズ VMware	-	Sun Java SE の java.lang パッケージにおける脆弱性	CWE-362 競合状態	CVE-2009-2724	2010-01-14 12:08	2009-08-10	Show	GitHub Exploit DB Packet Storm

202263	10	危険	サン・マイクロシステムズ VMware	-	Sun Java SE の Provider クラスにおける脆弱性	CWE-noinfo 情報不足	CVE-2009-2721	2010-01-14 12:08	2009-08-10	Show	GitHub Exploit DB Packet Storm

202264	5	警告	有限会社シースリー	-	WebCalenderC3 におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2010-0348	2010-01-12 15:01	2010-01-12	Show	GitHub Exploit DB Packet Storm

202265	4.3	警告	有限会社シースリー	-	WebCalenderC3 におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-0349	2010-01-12 15:00	2010-01-12	Show	GitHub Exploit DB Packet Storm

202266	10	危険	サイバートラスト株式会社 XEmacs	-	XEmacs の glyphs-eimage.c における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2009-2688	2010-01-12 14:48	2009-08-5	Show	GitHub Exploit DB Packet Storm

202267	6.8	警告	IBM	-	IBM WebSphere Application Server (WAS) におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2009-2746	2010-01-12 14:48	2009-11-13	Show	GitHub Exploit DB Packet Storm

202268	5	警告	アップル	-	Apple Safari におけるローカル HTML ファイルを読まれる脆弱性	CWE-Other その他	CVE-2009-2842	2010-01-7 12:09	2009-11-11	Show	GitHub Exploit DB Packet Storm

202269	5.5	警告	シックス・アパート株式会社	-	Movable Type におけるアクセス制限回避の脆弱性	CWE-264 認可・権限・アクセス制御	-	2010-01-6 15:01	2010-01-6	Show	GitHub Exploit DB Packet Storm

202270	9.3	危険	マイクロソフト	-	Microsoft Office Word および Open XML File Format Converter における、任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-3135	2010-01-6 14:44	2009-11-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Oct. 27, 2024, 5:14 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
331	7.3	HIGH Local	intel	virtual_raid_on_cpu	Uncontrolled search path element in some Intel(R) VROC software before version 8.0.8.1001 may allow an authenticated user to potentially enable escalation of privilege via local access. Update	CWE-427 Uncontrolled Search Path Element	CVE-2023-32646	2024-10-25 22:54	2024-02-14	Show	GitHub Exploit DB Packet Storm

332	7.8	HIGH Local	intel	ethernet_connections_boot_utility\ _preboot_images\ _and_efi_drivers administrative_tools_for_intel_network_adapters	Insecure inherited permissions in some Intel(R) Ethernet tools and driver install software may allow an authenticated user to potentially enable escalation of privilege via local access. Update	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2023-33870	2024-10-25 22:51	2024-02-14	Show	GitHub Exploit DB Packet Storm

333	7.0	HIGH Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: jfs: Fix uaf in dbFreeBits [syzbot reported] ================================================================== BUG: KASAN: slab-… Update	CWE-416 Use After Free	CVE-2024-49903	2024-10-25 22:40	2024-10-22	Show	GitHub Exploit DB Packet Storm

334	-		-	-	This vulnerability exists in Philips lighting devices due to storage of Wi-Fi credentials in plain text within the device firmware. An attacker with physical access could exploit this by extracting t… New	CWE-312 Cleartext Storage of Sensitive Information	CVE-2024-9991	2024-10-25 22:15	2024-10-25	Show	GitHub Exploit DB Packet Storm

335	-		-	-	Autolab, a course management service that enables auto-graded programming assignments, has misconfigured reset password permissions in version 3.0.0. For email-based accounts, users with insufficient… New	CWE-287 Improper Authentication	CVE-2024-49376	2024-10-25 22:15	2024-10-25	Show	GitHub Exploit DB Packet Storm

336	-		-	-	This vulnerability exists in Matrix Door Controller Cosec Vega FAXQ due to improper implementation of session management at the web-based management interface. A remote attacker could exploit this vu… New	CWE-288 Authentication Bypass Using an Alternate Path or Channel	CVE-2024-10381	2024-10-25 22:15	2024-10-25	Show	GitHub Exploit DB Packet Storm

337	-		-	-	A vulnerability, which was classified as critical, has been found in SourceCodester Petrol Pump Management Software 1.0. Affected by this issue is some unknown functionality of the file /admin/ajax_p… New	-	CVE-2024-10380	2024-10-25 22:15	2024-10-25	Show	GitHub Exploit DB Packet Storm

338	-		-	-	A vulnerability classified as problematic was found in ESAFENET CDG 5. Affected by this vulnerability is the function actionViewDecyptFile of the file /com/esafenet/servlet/client/DecryptApplicationS… New	CWE-24 Path Traversal: '../filedir'	CVE-2024-10379	2024-10-25 21:56	2024-10-25	Show	GitHub Exploit DB Packet Storm

339	-		-	-	A vulnerability classified as critical has been found in ESAFENET CDG 5. Affected is the function actionViewCDGRenewFile of the file /com/esafenet/servlet/client/CDGRenewApplicationService.java. The … New	CWE-89 SQL Injection	CVE-2024-10378	2024-10-25 21:56	2024-10-25	Show	GitHub Exploit DB Packet Storm

340	6.4	MEDIUM Network	-	-	The WP-Members Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpmem_loginout shortcode in all versions up to, and including, 3.4.9.5 due to insuf… New	CWE-79 Cross-site Scripting	CVE-2024-10374	2024-10-25 21:56	2024-10-25	Show	GitHub Exploit DB Packet Storm