Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Dec. 24, 2024, 6:01 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
203131 4.4 警告 Apache Software Foundation - Apache Tomcat における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2011-3376 2011-11-15 15:54 2011-11-8 Show GitHub Exploit DB Packet Storm
203132 5 警告 IBM - IBM DB2 Tools の web-server コンポーネントにおける重要な情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2011-4435 2011-11-15 15:50 2011-06-9 Show GitHub Exploit DB Packet Storm
203133 4.9 警告 IBM - IBM AIX におけるサービス運用妨害 (システムクラッシュ) の脆弱性 CWE-119
バッファエラー
CVE-2011-1375 2011-11-15 15:50 2011-11-4 Show GitHub Exploit DB Packet Storm
203134 5 警告 Google - Google Chrome および Chrome OS におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認
CVE-2011-0470 2011-11-15 11:16 2011-01-12 Show GitHub Exploit DB Packet Storm
203135 10 危険 Google - Google Chrome および Chrome OS の node-iteration 実装におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認
CVE-2011-0471 2011-11-15 11:15 2011-01-12 Show GitHub Exploit DB Packet Storm
203136 9.3 危険 Google - Google Chrome と Chrome OS におけるサービス運用妨害 (アプリケーションクラッシュ) の脆弱性 CWE-20
不適切な入力確認
CVE-2011-0472 2011-11-15 11:15 2011-01-12 Show GitHub Exploit DB Packet Storm
203137 10 危険 Google - Google Chrome と Chrome OS におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認
CVE-2011-0473 2011-11-15 11:14 2011-01-12 Show GitHub Exploit DB Packet Storm
203138 10 危険 Google - Google Chrome および Chrome OS におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認
CVE-2011-0474 2011-11-15 11:12 2011-01-12 Show GitHub Exploit DB Packet Storm
203139 10 危険 Google - Google Chrome および Chrome OS におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題
CVE-2011-0475 2011-11-15 11:12 2011-01-12 Show GitHub Exploit DB Packet Storm
203140 10 危険 Google - Google Chrome および Chrome OS におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題
CVE-2011-0476 2011-11-15 11:11 2011-01-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Dec. 24, 2024, 4:05 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1311 - - - The vulnerability occurs in the parsing of CSP files. The issues result from the lack of proper validation of user-supplied data, which could allow reading past the end of allocated data structures… CWE-125
Out-of-bounds Read
CVE-2024-12212 2024-12-13 10:15 2024-12-13 Show GitHub Exploit DB Packet Storm
1312 - - - Boundary Community Edition and Boundary Enterprise (“Boundary”) incorrectly handle HTTP requests during the initialization of the Boundary controller, which may cause the Boundary server to terminate… - CVE-2024-12289 2024-12-13 08:15 2024-12-13 Show GitHub Exploit DB Packet Storm
1313 - - - Hush Line is an open-source whistleblower management system. Starting in version 0.1.0 and prior to version 0.3.5, the productions server appeared to have been misconfigured and missed providing any … CWE-1021
 Improper Restriction of Rendered UI Layers or Frames
CVE-2024-55888 2024-12-13 05:15 2024-12-13 Show GitHub Exploit DB Packet Storm
1314 - - - OpenSearch Data Prepper is a component of the OpenSearch project that accepts, filters, transforms, enriches, and routes data at scale. A vulnerability exists in the OpenTelemetry Logs source in Data… CWE-287
Improper Authentication
CVE-2024-55886 2024-12-13 05:15 2024-12-13 Show GitHub Exploit DB Packet Storm
1315 - - - beego is an open-source web framework for the Go programming language. Versions of beego prior to 2.3.4 use MD5 as a hashing algorithm. MD5 is no longer considered secure against well-funded opponent… CWE-327
CWE-328
 Use of a Broken or Risky Cryptographic Algorithm
 Use of Weak Hash
CVE-2024-55885 2024-12-13 05:15 2024-12-13 Show GitHub Exploit DB Packet Storm
1316 - - - SimpleXLSX is software for parsing and retrieving data from Excel XLSx files. Starting in version 1.0.12 and prior to version 1.1.12, when calling the extended toHTMLEx method, it is possible to exec… CWE-79
Cross-site Scripting
CVE-2024-55878 2024-12-13 05:15 2024-12-13 Show GitHub Exploit DB Packet Storm
1317 9.3 CRITICAL
Network
- - Deserialization of untrusted data in Microsoft Update Catalog allows an unauthorized attacker to elevate privileges on the website’s webserver. CWE-502
 Deserialization of Untrusted Data
CVE-2024-49147 2024-12-13 04:15 2024-12-13 Show GitHub Exploit DB Packet Storm
1318 6.5 MEDIUM
Network
- - Improper authorization of an index that contains sensitive information from a Global Files search in Windows Defender allows an authorized attacker to disclose information over a network. CWE-612
 Improper Authorization of Index Containing Sensitive Information
CVE-2024-49071 2024-12-13 04:15 2024-12-13 Show GitHub Exploit DB Packet Storm
1319 - - - nanoid (aka Nano ID) before 5.0.9 mishandles non-integer values. 3.3.8 is also a fixed version. - CVE-2024-55565 2024-12-13 04:15 2024-12-9 Show GitHub Exploit DB Packet Storm
1320 7.8 HIGH
Local
adobe substance_3d_modeler Substance3D - Modeler versions 1.14.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploita… CWE-787
 Out-of-bounds Write
CVE-2024-52999 2024-12-13 03:52 2024-12-11 Show GitHub Exploit DB Packet Storm