Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Oct. 30, 2024, 6:01 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
202701 6.8 警告 サイバートラスト株式会社
Mozilla Foundation
レッドハット
- Mozilla Firefox/SeaMonkey における http URL または file URL の SSL インジケータを偽装される脆弱性 CWE-Other
その他
CVE-2009-3984 2010-01-29 09:53 2009-12-15 Show GitHub Exploit DB Packet Storm
202702 6.8 警告 サイバートラスト株式会社
Mozilla Foundation
レッドハット
- Mozilla Firefox/SeaMonkey における認証されたリクエストを任意のアプリケーションに送信される脆弱性 CWE-Other
その他
CVE-2009-3983 2010-01-29 09:53 2009-12-15 Show GitHub Exploit DB Packet Storm
202703 9.3 危険 Mozilla Foundation - 複数の Mozilla 製品の libtheora における任意のコードを実行される脆弱性 CWE-189
数値処理の問題
CVE-2009-3389 2010-01-28 12:16 2009-12-15 Show GitHub Exploit DB Packet Storm
202704 9.3 危険 Mozilla Foundation - 複数の Mozilla 製品の liboggplay における任意のコードを実行される脆弱性 CWE-399
リソース管理の問題
CVE-2009-3388 2010-01-28 12:16 2009-12-15 Show GitHub Exploit DB Packet Storm
202705 9.3 危険 Mozilla Foundation - 複数の Mozilla 製品の JavaScript エンジンにおける任意のコードを実行される脆弱性 CWE-noinfo
情報不足
CVE-2009-3982 2010-01-28 12:16 2009-12-15 Show GitHub Exploit DB Packet Storm
202706 9.3 危険 サイバートラスト株式会社
Mozilla Foundation
レッドハット
- 複数の Mozilla 製品のブラウザエンジンにおける任意のコードを実行される脆弱性 CWE-noinfo
情報不足
CVE-2009-3981 2010-01-28 12:16 2009-12-15 Show GitHub Exploit DB Packet Storm
202707 9.3 危険 Mozilla Foundation - 複数の Mozilla 製品のブラウザエンジンにおける任意のコードを実行される脆弱性 CWE-399
リソース管理の問題
CVE-2009-3980 2010-01-28 12:15 2009-12-15 Show GitHub Exploit DB Packet Storm
202708 10 危険 アドビシステムズ - Adobe Flash Media Server におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル
CVE-2009-3792 2010-01-27 10:02 2009-12-18 Show GitHub Exploit DB Packet Storm
202709 5 警告 アドビシステムズ - Adobe Flash Media Server におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足
CVE-2009-3791 2010-01-27 10:02 2009-12-18 Show GitHub Exploit DB Packet Storm
202710 5.8 警告 PostgreSQL.org
ターボリナックス
サン・マイクロシステムズ
- PostgreSQL における X.509 証明書の処理に関する任意の SSL-based PostgreSQL サーバになりすまされる脆弱性 CWE-310
暗号の問題
CVE-2009-4034 2010-01-26 11:48 2009-12-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Oct. 30, 2024, 8:16 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
701 4.9 MEDIUM
Network
arubanetworks clearpass_policy_manager A vulnerability exists in ClearPass Policy Manager that allows for an attacker with administrative privileges to access sensitive information in a cleartext format. A successful exploit allows an att… Update NVD-CWE-noinfo
CVE-2024-41916 2024-10-29 06:35 2024-07-31 Show GitHub Exploit DB Packet Storm
702 7.1 HIGH
Local
apple macos
iphone_os
ipados
watchos
tvos
A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Ventura 13.6.8, macOS Monterey 12.7.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, macOS… Update NVD-CWE-noinfo
CVE-2024-40774 2024-10-29 06:35 2024-07-30 Show GitHub Exploit DB Packet Storm
703 5.4 MEDIUM
Network
cervantessec cervantes Cervantes through 0.5-alpha accepts insecure file uploads. Update CWE-434
 Unrestricted Upload of File with Dangerous Type 
CVE-2024-42054 2024-10-29 06:35 2024-07-28 Show GitHub Exploit DB Packet Storm
704 5.9 MEDIUM
Network
s3browser s3_browser An issue in S3Browser v.11.4.5 and v.10.9.9 and fixed in v.11.5.7 allows a remote attacker to obtain sensitive information via the S3 compatible storage component. Update CWE-295
Improper Certificate Validation 
CVE-2024-37865 2024-10-29 06:35 2024-07-10 Show GitHub Exploit DB Packet Storm
705 5.4 MEDIUM
Network
wolfiezero spotify_play_button The Spotify Play Button WordPress plugin through 1.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could… Update CWE-79
Cross-site Scripting
CVE-2024-5199 2024-10-29 06:35 2024-06-26 Show GitHub Exploit DB Packet Storm
706 - - - The Bookster WordPress plugin through 1.1.0 allows adding sensitive parameters when validating appointments allowing attackers to manipulate the data sent when booking an appointment (the request bo… Update - CVE-2024-5071 2024-10-29 06:35 2024-06-26 Show GitHub Exploit DB Packet Storm
707 - - - A buffer overflow in PX4-Autopilot v1.12.3 allows attackers to cause a Denial of Service (DoS) via a crafted MavLink message. Update - CVE-2024-38951 2024-10-29 06:35 2024-06-25 Show GitHub Exploit DB Packet Storm
708 9.1 CRITICAL
Network
gnu wget url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponen… Update CWE-436
 Interpretation Conflict
CVE-2024-38428 2024-10-29 06:35 2024-06-16 Show GitHub Exploit DB Packet Storm
709 6.1 MEDIUM
Network
projectcaruso pray_for_me The Pray For Me WordPress plugin through 1.0.4 does not sanitise and escape some parameters, which could unauthenticated visitors to perform Cross-Site Scripting attacks that trigger when an admin vi… Update CWE-79
Cross-site Scripting
CVE-2024-3966 2024-10-29 06:35 2024-06-14 Show GitHub Exploit DB Packet Storm
710 - - - The Social Sharing Plugin WordPress plugin before 3.3.63 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scriptin… Update - CVE-2024-4924 2024-10-29 06:35 2024-06-12 Show GitHub Exploit DB Packet Storm