Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Dec. 26, 2024, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
203141	6.8	警告	Google	-	Google Chrome におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2011-1118	2011-11-17 10:19	2011-02-28	Show	GitHub Exploit DB Packet Storm

203142	7.5	危険	Google	-	Google Chrome におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2011-1116	2011-11-17 10:18	2011-02-28	Show	GitHub Exploit DB Packet Storm

203143	5	警告	Google	-	Google Chrome におけるサービス運用妨害 (out-of-bounds read) の脆弱性	CWE-DesignError	CVE-2011-1113	2011-11-17 10:17	2011-02-28	Show	GitHub Exploit DB Packet Storm

203144	7.5	危険	Google	-	Google Chrome におけるサービス運用妨害 (アプリケーションクラッシュ) の脆弱性	CWE-20 不適切な入力確認	CVE-2011-1112	2011-11-17 10:16	2011-02-28	Show	GitHub Exploit DB Packet Storm

203145	7.5	危険	Google	-	Google Chrome におけるサービス運用妨害 (アプリケーションクラッシュ) の脆弱性	CWE-20 不適切な入力確認	CVE-2011-1111	2011-11-17 10:15	2011-02-28	Show	GitHub Exploit DB Packet Storm

203146	7.5	危険	Google	-	Google Chrome におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2011-1110	2011-11-17 10:14	2011-02-28	Show	GitHub Exploit DB Packet Storm

203147	6.8	警告	Google	-	Google Chrome におけるサービス運用妨害 (アプリケーションクラッシュ) の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-1108	2011-11-17 10:13	2011-02-28	Show	GitHub Exploit DB Packet Storm

203148	10	危険	Google	-	Google Chrome における詳細不明な脆弱性	CWE-20 不適切な入力確認	CVE-2011-0985	2011-11-17 10:07	2011-02-8	Show	GitHub Exploit DB Packet Storm

203149	5	警告	Google	-	Google Chrome におけるサービス運用妨害 (out-of-bounds read) の脆弱性	CWE-20 不適切な入力確認	CVE-2011-0984	2011-11-17 10:05	2011-02-8	Show	GitHub Exploit DB Packet Storm

203150	10	危険	Google	-	Google Chrome におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2011-0982	2011-11-17 09:59	2011-02-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Dec. 27, 2024, 4:04 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
2351	-		-	-	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Owen Cutajar & Hyder Jaffari WordPress Auction Plugin allows SQL Injection.This issue affects Wor…	CWE-89 SQL Injection	CVE-2024-51615	2024-12-6 23:15	2024-12-6	Show	GitHub Exploit DB Packet Storm

2352	6.4	MEDIUM Network	-	-	The Slider and Carousel slider by Depicter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘addExtraMimeType’ function in versions up to, and including, 3.2.1 due to insuffi…	CWE-79 Cross-site Scripting	CVE-2024-4633	2024-12-6 23:15	2024-12-6	Show	GitHub Exploit DB Packet Storm

2353	-		-	-	Snyk has identified a remote code execution (RCE) vulnerability in all versions of Code Agent. The vulnerability enables an attacker to execute arbitrary code within the Code Agent container. Exploit…	-	CVE-2024-21571	2024-12-6 23:15	2024-12-6	Show	GitHub Exploit DB Packet Storm

2354	5.4	MEDIUM Network	-	-	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Hi e-learning Learning Management System (LMS) allows Reflected XSS.This issue affects Lea…	CWE-79 Cross-site Scripting	CVE-2024-11321	2024-12-6 23:15	2024-12-6	Show	GitHub Exploit DB Packet Storm

2355	-		-	-	The Swift Performance Lite plugin for WordPress is vulnerable to Local PHP File Inclusion in all versions up to, and including, 2.3.7.1 via the 'ajaxify' function. This makes it possible for unauthen…	-	CVE-2024-10516	2024-12-6 23:15	2024-12-6	Show	GitHub Exploit DB Packet Storm

2356	-		-	-	The authentication process to the web server uses a challenge response procedure which inludes the nonce and additional information. This challenge can be used several times for login and is therefor…	-	CVE-2024-11022	2024-12-6 22:15	2024-12-6	Show	GitHub Exploit DB Packet Storm

2357	-		-	-	Lua apps can be deployed, removed, started, reloaded or stopped without authorization via AppManager. This allows an attacker to remove legitimate apps creating a DoS attack, read and write files or …	-	CVE-2024-10776	2024-12-6 22:15	2024-12-6	Show	GitHub Exploit DB Packet Storm

2358	-		-	-	Unauthenticated CROWN APIs allow access to critical functions. This leads to the accessibility of large parts of the web application without authentication.	-	CVE-2024-10774	2024-12-6 22:15	2024-12-6	Show	GitHub Exploit DB Packet Storm

2359	-		-	-	The product is vulnerable to pass-the-hash attacks in combination with hardcoded credentials of hidden user levels. This means that an attacker can log in with the hidden user levels and gain full ac…	-	CVE-2024-10773	2024-12-6 22:15	2024-12-6	Show	GitHub Exploit DB Packet Storm

2360	-		-	-	Since the firmware update is not validated, an attacker can install modified firmware on the device. This has a high impact on the availabilty, integrity and confidentiality up to the complete compro…	-	CVE-2024-10772	2024-12-6 22:15	2024-12-6	Show	GitHub Exploit DB Packet Storm