Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Dec. 31, 2024, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
202991	7.5	危険	シスコシステムズ	-	Cisco TelePresence Recording サーバにおける不特定な操作を実行される脆弱性	CWE-287 不適切な認証	CVE-2011-0392	2011-11-29 10:35	2011-02-23	Show	GitHub Exploit DB Packet Storm

202992	7.8	危険	シスコシステムズ	-	Cisco TelePresence Recording サーバデバイスにおけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2011-0391	2011-11-29 10:34	2011-02-23	Show	GitHub Exploit DB Packet Storm

202993	7.8	危険	シスコシステムズ	-	Cisco TelePresence Multipoint Switch デバイスにおけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2011-0390	2011-11-29 10:33	2011-02-23	Show	GitHub Exploit DB Packet Storm

202994	7.8	危険	シスコシステムズ	-	Cisco TelePresence Multipoint Switch デバイスにおけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2011-0389	2011-11-29 10:32	2011-02-23	Show	GitHub Exploit DB Packet Storm

202995	7.8	危険	シスコシステムズ	-	Cisco TelePresence Recording Server および Cisco TelePresence Multipoint Switch における脆弱性	CWE-399 リソース管理の問題	CVE-2011-0388	2011-11-29 10:31	2011-02-23	Show	GitHub Exploit DB Packet Storm

202996	8	危険	シスコシステムズ	-	Cisco TelePresence Multipoint Switch (CTMS) デバイスにおけるサービス運用妨害 (DoS) の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-0387	2011-11-29 10:31	2011-02-23	Show	GitHub Exploit DB Packet Storm

202997	9.3	危険	シスコシステムズ	-	Cisco TelePresence Recording Server 上の XML-RPC の実装におけるファイルを上書きされる脆弱性	CWE-94 コード・インジェクション	CVE-2011-0386	2011-11-29 10:30	2011-02-23	Show	GitHub Exploit DB Packet Storm

202998	10	危険	シスコシステムズ	-	Cisco TelePresence Recording Server および Cisco TelePresence Multipoint Switch における脆弱性	CWE-Other その他	CVE-2011-0385	2011-11-29 10:29	2011-02-23	Show	GitHub Exploit DB Packet Storm

202999	10	危険	シスコシステムズ	-	Cisco TelePresence Multipoint Switch における任意のコードを実行される脆弱性	CWE-287 不適切な認証	CVE-2011-0384	2011-11-29 10:28	2011-02-23	Show	GitHub Exploit DB Packet Storm

203000	10	危険	シスコシステムズ	-	Cisco TelePresence Recording Server および Cisco TelePresence Multipoint Switch における脆弱性	CWE-287 不適切な認証	CVE-2011-0383	2011-11-29 10:27	2011-02-23	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 1, 2025, 4:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
2061	-		-	-	The Accept Stripe Payments Using Contact Form 7 plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.5 via the cf7sa-info.php file that returns phpinfo()…	CWE-200 CWE-732 Information Exposure Incorrect Permission Assignment for Critical Resource	CVE-2024-12255	2024-12-13 00:15	2024-12-12	Show	GitHub Exploit DB Packet Storm

2062	-		-	-	From the VSPC management agent machine, under condition that the management agent is authorized on the server, it is possible to perform Remote Code Execution (RCE) on the VSPC server machine.	-	CVE-2024-42448	2024-12-13 00:15	2024-12-12	Show	GitHub Exploit DB Packet Storm

2063	-		-	-	An out-of-bounds read in IPsec of Ivanti Connect Secure before version 22.7R2.1 allows a remote unauthenticated attacker to cause a denial of service.	-	CVE-2024-37401	2024-12-13 00:15	2024-12-12	Show	GitHub Exploit DB Packet Storm

2064	-		-	-	A heap-based buffer overflow in IPsec of Ivanti Connect Secure before version 22.7R2.3 allows a remote unauthenticated attacker to cause a denial of service.	-	CVE-2024-37377	2024-12-13 00:15	2024-12-12	Show	GitHub Exploit DB Packet Storm

2065	-		-	-	Phpgurukul's Beauty Parlour Management System v1.1 is vulnerable to SQL Injection in `login.php` via the `emailcont` parameter.	-	CVE-2024-53480	2024-12-13 00:15	2024-12-11	Show	GitHub Exploit DB Packet Storm

2066	7.8	HIGH Local	-	-	A vulnerability has been identified in Parasolid V36.1 (All versions < V36.1.225), Parasolid V37.0 (All versions < V37.0.173). The affected application contains an out of bounds write past the end of…	-	CVE-2024-54091	2024-12-12 23:15	2024-12-10	Show	GitHub Exploit DB Packet Storm

2067	-		-	-	Concurrent variable access vulnerability in the ability module Impact: Successful exploitation of this vulnerability may affect availability.	-	CVE-2024-54122	2024-12-12 22:15	2024-12-12	Show	GitHub Exploit DB Packet Storm

2068	-		-	-	Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.	-	CVE-2024-54119	2024-12-12 22:15	2024-12-12	Show	GitHub Exploit DB Packet Storm

2069	4.4	MEDIUM Network	-	-	The 360 Javascript Viewer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘ref’ parameter in all versions up to, and including, 1.7.29 due to insufficient input sanitization…	CWE-79 Cross-site Scripting	CVE-2024-12271	2024-12-12 22:15	2024-12-12	Show	GitHub Exploit DB Packet Storm

2070	-		-	-	An issue was discovered in GitLab CE/EE affecting all versions from 11.8 before 17.4.6, 17.5 before 17.5.4, and 17.6 before 17.6.2. An attacker could potentially perform an open redirect against a gi…	CWE-601 Open Redirect	CVE-2024-9387	2024-12-12 21:15	2024-12-12	Show	GitHub Exploit DB Packet Storm