Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Dec. 30, 2024, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
202951	7.8	危険	シスコシステムズ	-	Cisco IOS XR におけるサービス運用妨害 (ディスク消費) の脆弱性	CWE-399 リソース管理の問題	CVE-2011-0949	2011-12-1 10:48	2011-05-25	Show	GitHub Exploit DB Packet Storm

202952	7.8	危険	シスコシステムズ	-	Cisco IOS XR におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2011-0943	2011-12-1 10:48	2011-05-25	Show	GitHub Exploit DB Packet Storm

202953	6.8	警告	シスコシステムズ	-	Cisco CiscoWorks Common Services におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2011-0966	2011-12-1 10:47	2011-05-18	Show	GitHub Exploit DB Packet Storm

202954	4.3	警告	シスコシステムズ	-	Cisco Unified Operations Manager におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-0962	2011-12-1 10:44	2011-05-18	Show	GitHub Exploit DB Packet Storm

202955	4.3	警告	シスコシステムズ	-	Cisco CiscoWorks Common Services におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-0961	2011-12-1 10:44	2011-05-18	Show	GitHub Exploit DB Packet Storm

202956	7.5	危険	シスコシステムズ	-	Cisco Unified Operations Manager における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2011-0960	2011-12-1 10:43	2011-05-18	Show	GitHub Exploit DB Packet Storm

202957	4.3	警告	シスコシステムズ	-	Cisco Unified Operations Manager におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-0959	2011-12-1 10:43	2011-05-18	Show	GitHub Exploit DB Packet Storm

202958	7.8	危険	シスコシステムズ	-	Cisco Wireless LAN Controller Software におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2011-1613	2011-12-1 10:42	2011-04-27	Show	GitHub Exploit DB Packet Storm

202959	6.4	警告	シスコシステムズ	-	Cisco Unified Communications Manager における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2011-1610	2011-12-1 10:41	2011-04-27	Show	GitHub Exploit DB Packet Storm

202960	8.5	危険	シスコシステムズ	-	Cisco Unified Communications Manager における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2011-1609	2011-12-1 10:40	2011-04-27	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Dec. 31, 2024, 4:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1901	7.8	HIGH Local	-	-	Windows Common Log File System Driver Elevation of Privilege Vulnerability	CWE-122 Heap-based Buffer Overflow	CVE-2024-49138	2024-12-13 11:00	2024-12-12	Show	GitHub Exploit DB Packet Storm

1902	5.4	MEDIUM Network	adobe	experience_manager	Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable …	CWE-79 Cross-site Scripting	CVE-2024-52854	2024-12-13 10:50	2024-12-11	Show	GitHub Exploit DB Packet Storm

1903	5.4	MEDIUM Network	adobe	experience_manager	Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable …	CWE-79 Cross-site Scripting	CVE-2024-52853	2024-12-13 10:47	2024-12-11	Show	GitHub Exploit DB Packet Storm

1904	-		-	-	Horner Automation Cscape contains a memory corruption vulnerability, which could allow an attacker to disclose information and execute arbitrary code.	CWE-125 Out-of-bounds Read	CVE-2024-9508	2024-12-13 10:15	2024-12-13	Show	GitHub Exploit DB Packet Storm

1905	-		-	-	The vulnerability occurs in the parsing of CSP files. The issues result from the lack of proper validation of user-supplied data, which could allow reading past the end of allocated data structures…	CWE-125 Out-of-bounds Read	CVE-2024-12212	2024-12-13 10:15	2024-12-13	Show	GitHub Exploit DB Packet Storm

1906	-		-	-	Boundary Community Edition and Boundary Enterprise (“Boundary”) incorrectly handle HTTP requests during the initialization of the Boundary controller, which may cause the Boundary server to terminate…	-	CVE-2024-12289	2024-12-13 08:15	2024-12-13	Show	GitHub Exploit DB Packet Storm

1907	-		-	-	Hush Line is an open-source whistleblower management system. Starting in version 0.1.0 and prior to version 0.3.5, the productions server appeared to have been misconfigured and missed providing any …	CWE-1021 Improper Restriction of Rendered UI Layers or Frames	CVE-2024-55888	2024-12-13 05:15	2024-12-13	Show	GitHub Exploit DB Packet Storm

1908	-		-	-	OpenSearch Data Prepper is a component of the OpenSearch project that accepts, filters, transforms, enriches, and routes data at scale. A vulnerability exists in the OpenTelemetry Logs source in Data…	CWE-287 Improper Authentication	CVE-2024-55886	2024-12-13 05:15	2024-12-13	Show	GitHub Exploit DB Packet Storm

1909	-		-	-	beego is an open-source web framework for the Go programming language. Versions of beego prior to 2.3.4 use MD5 as a hashing algorithm. MD5 is no longer considered secure against well-funded opponent…	CWE-327 CWE-328 Use of a Broken or Risky Cryptographic Algorithm Use of Weak Hash	CVE-2024-55885	2024-12-13 05:15	2024-12-13	Show	GitHub Exploit DB Packet Storm

1910	-		-	-	SimpleXLSX is software for parsing and retrieving data from Excel XLSx files. Starting in version 1.0.12 and prior to version 1.1.12, when calling the extended toHTMLEx method, it is possible to exec…	CWE-79 Cross-site Scripting	CVE-2024-55878	2024-12-13 05:15	2024-12-13	Show	GitHub Exploit DB Packet Storm