Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Oct. 31, 2024, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
202891	6.8	警告	マイクロソフト	-	Microsoft Windows の kernel における権限を取得される脆弱性	CWE-20 不適切な入力確認	CVE-2009-1127	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

202892	10	危険	マイクロソフト	-	Microsoft Windows の License Logging Server (llssrv.exe) における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-2523	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

202893	9.3	危険	マイクロソフト	-	Microsoft Windows の Web Services on Devices API (WSDAPI) における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-2512	2010-01-4 15:23	2009-11-10	Show	GitHub Exploit DB Packet Storm

202894	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2722	2010-01-4 14:56	2009-08-10	Show	GitHub Exploit DB Packet Storm

202895	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2723	2010-01-4 14:55	2009-08-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Nov. 1, 2024, 6:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
821	-		-	-	An insufficient bounds check in PMFW (Power Management Firmware) may allow an attacker to utilize a malicious VF (virtualization function) to send a malformed message, potentially resulting in a deni… New	-	CVE-2023-20513	2024-10-30 04:35	2024-08-14	Show	GitHub Exploit DB Packet Storm

822	-		-	-	A vulnerability in multi-tenant hosting allows an authenticated sender to spoof the identity of a shared, hosted domain, thus bypass security measures provided by DMARC (or SPF or DKIM) policies. Update	-	CVE-2024-7208	2024-10-30 04:35	2024-07-31	Show	GitHub Exploit DB Packet Storm

823	-		-	-	A non-admin user can cause short-term disruption in Target VM availability in Citrix Provisioning Update	-	CVE-2024-6150	2024-10-30 04:35	2024-07-11	Show	GitHub Exploit DB Packet Storm

824	-		-	-	In the Linux kernel, the following vulnerability has been resolved: arm64: extable: fix load_unaligned_zeropad() reg indices In ex_handler_load_unaligned_zeropad() we erroneously extract the data a… Update	-	CVE-2022-48762	2024-10-30 04:35	2024-06-20	Show	GitHub Exploit DB Packet Storm

825	-		-	-	In the Linux kernel, the following vulnerability has been resolved: mm/kmemleak: avoid scanning potential huge holes When using devm_request_free_mem_region() and devm_memremap_pages() to add ZONE_… Update	-	CVE-2022-48731	2024-10-30 04:35	2024-06-20	Show	GitHub Exploit DB Packet Storm

826	-		-	-	XSS vulnerability in DP Calendar component for Joomla. Update	-	CVE-2024-21727	2024-10-30 04:35	2024-02-15	Show	GitHub Exploit DB Packet Storm

827	7.2	HIGH Network	arubanetworks hp	arubaos instantos	An authenticated vulnerability has been identified allowing an attacker to effectively establish highly privileged persistent arbitrary code execution across boot cycles. Update	NVD-CWE-noinfo	CVE-2023-45626	2024-10-30 04:35	2023-11-15	Show	GitHub Exploit DB Packet Storm

828	6.1	MEDIUM Network	cloudnet360	cloudnet360	Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in GARY JEZORSKI CloudNet360 plugin <= 3.2.0 versions. Update	CWE-79 Cross-site Scripting	CVE-2023-46643	2024-10-30 04:35	2023-11-9	Show	GitHub Exploit DB Packet Storm

829	5.4	MEDIUM Network	mauvedev	medialist	Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in D. Relton Medialist plugin <= 1.3.9 versions. Update	CWE-79 Cross-site Scripting	CVE-2023-46640	2024-10-30 04:35	2023-11-9	Show	GitHub Exploit DB Packet Storm

830	6.1	MEDIUM Network	enejbajgoric\/gagansandhu\/ctltdev	user_avatar	Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Enej Bajgoric / Gagan Sandhu / CTLT DEV User Avatar plugin <= 1.4.11 versions. Update	CWE-79 Cross-site Scripting	CVE-2023-46621	2024-10-30 04:35	2023-11-9	Show	GitHub Exploit DB Packet Storm