Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Oct. 28, 2024, 6:04 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
202421 9.3 危険 マイクロソフト - Microsoft Internet Explorer におけるメモリ破損の脆弱性 CWE-399
リソース管理の問題 		CVE-2009-3671 2010-01-22 10:26 2009-12-8 Show GitHub Exploit DB Packet Storm
202422 10 危険 マイクロソフト - Microsoft Windows のインターネット認証サービスにおけるネットワークリソースにアクセスされる脆弱性 CWE-255
CWE-94
CVE-2009-3677 2010-01-22 10:24 2009-12-8 Show GitHub Exploit DB Packet Storm
202423 10 危険 マイクロソフト - Microsoft Windows のインターネット認証サービスにおける任意のコードを実行される脆弱性 CWE-287
不適切な認証 		CVE-2009-2505 2010-01-22 10:24 2009-12-8 Show GitHub Exploit DB Packet Storm
202424 6.9 警告 acpid - acpid の umask におけるサービス運用妨害 (DoS) の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-4235 2010-01-21 11:44 2009-12-7 Show GitHub Exploit DB Packet Storm
202425 6.9 警告 サイバートラスト株式会社
レッドハット
acpid		 - acpid のレッドハットパッチにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-4033 2010-01-21 11:43 2009-12-7 Show GitHub Exploit DB Packet Storm
202426 10 危険 アドビシステムズ - Adobe Illustrator における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2009-3952 2010-01-21 11:43 2010-01-7 Show GitHub Exploit DB Packet Storm
202427 9.3 危険 アドビシステムズ - Adobe Illustrator における Encapsulated PostScript ファイルの処理に関する任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2009-4195 2010-01-21 11:43 2009-12-4 Show GitHub Exploit DB Packet Storm
202428 4.4 警告 サイバートラスト株式会社
Linux
レッドハット		 - Linux Kernel の exit_notify 関数における任意のシグナルをプロセスに送信可能な脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-1337 2010-01-21 11:23 2009-04-22 Show GitHub Exploit DB Packet Storm
202429 4.9 警告 サイバートラスト株式会社
Linux
レッドハット		 - Linux Kernel における sendmsg 関数の呼び出しに関するサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2008-5300 2010-01-21 11:22 2008-12-1 Show GitHub Exploit DB Packet Storm
202430 6.8 警告 シスコシステムズ - 複数の SSL VPN (Web VPN) 製品においてウェブブラウザのセキュリティが迂回される問題 CWE-264
認可・権限・アクセス制御 		CVE-2009-2631 2010-01-20 14:15 2009-12-1 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Oct. 28, 2024, 8:13 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1 - - - Spring WebFlux applications that have Spring Security authorization rules on static resources can be bypassed under certain circumstances. For this to impact an application, all of the following mus… New - CVE-2024-38821 2024-10-28 16:15 2024-10-28 Show GitHub Exploit DB Packet Storm
2 - - - The EDS-4000/G4000 Series prior to version 3.2 includes IP forwarding capabilities that users cannot deactivate. An attacker may be able to send requests to the product and have it forwarded to the t… Update - CVE-2024-0387 2024-10-28 16:15 2024-02-27 Show GitHub Exploit DB Packet Storm
3 6.5 MEDIUM
Network 		moxa iologik_e1210_firmware
iologik_e1211_firmware
iologik_e1212_firmware
iologik_e1213_firmware
iologik_e1214_firmware
iologik_e1240_firmware
iologik_e1241_firmware
iologik_e1242_fir… 		A weak cryptographic algorithm vulnerability has been identified in ioLogik E1200 Series firmware versions v3.3 and prior. This vulnerability can help an attacker compromise the confidentiality of se… Update CWE-327
 Use of a Broken or Risky Cryptographic Algorithm 		CVE-2023-5962 2024-10-28 16:15 2023-12-23 Show GitHub Exploit DB Packet Storm
4 5.9 MEDIUM
Network 		moxa mxsecurity A vulnerability has been identified in MXsecurity versions prior to v1.0.1. The vulnerability may put the confidentiality and integrity of SSH communications at risk on the affected device. This vuln… Update CWE-798
 Use of Hard-coded Credentials 		CVE-2023-39982 2024-10-28 16:15 2023-09-2 Show GitHub Exploit DB Packet Storm
5 7.2 HIGH
Network 		- - The All-in-One WP Migration and Backup plugin for WordPress is vulnerable to arbitrary PHP Code Injection due to missing file type validation during the export in all versions up to, and including, 7… New CWE-94
Code Injection 		CVE-2024-9162 2024-10-28 15:15 2024-10-28 Show GitHub Exploit DB Packet Storm
6 7.5 HIGH
Network 		moxa mxsecurity A vulnerability that allows for unauthorized access has been discovered in MXsecurity versions prior to v1.0.1. This vulnerability arises from inadequate authentication measures, potentially leading … Update CWE-287
Improper Authentication 		CVE-2023-39981 2024-10-28 15:15 2023-09-2 Show GitHub Exploit DB Packet Storm
7 6.5 MEDIUM
Network 		moxa iologik_e4200_firmware A vulnerability has been identified in the ioLogik 4000 Series (ioLogik E4200) firmware versions v1.6 and prior, which can be exploited by malicious actors to potentially gain unauthorized access to … Update CWE-863
 Incorrect Authorization 		CVE-2023-4227 2024-10-28 15:15 2023-08-24 Show GitHub Exploit DB Packet Storm
8 9.8 CRITICAL
Network 		moxa tn-5900_firmware TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection vulnerability. This vulnerability stems from insufficient input validation and improper authentication in the c… Update CWE-77
Command Injection 		CVE-2023-34215 2024-10-28 15:15 2023-08-17 Show GitHub Exploit DB Packet Storm
9 9.8 CRITICAL
Network 		moxa tn-5900_firmware
tn-4900_firmware 		TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection vulnerability. This vulnerability stems from insufficient… Update CWE-77
Command Injection 		CVE-2023-34214 2024-10-28 15:15 2023-08-17 Show GitHub Exploit DB Packet Storm
10 9.8 CRITICAL
Network 		moxa tn-5900_firmware TN-5900 Series firmware versions v3.3 and prior are vulnerable to command-injection vulnerability. This vulnerability stems from insufficient input validation and improper authentication in the key-g… Update CWE-77
Command Injection 		CVE-2023-34213 2024-10-28 15:15 2023-08-17 Show GitHub Exploit DB Packet Storm