Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Dec. 30, 2024, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
203211 6 警告 Mahara - Mahara における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-4118 2011-11-16 15:11 2011-11-3 Show GitHub Exploit DB Packet Storm
203212 4 警告 Mahara - Mahara における異なるユーザのメッセージを読まれる脆弱性 CWE-200
情報漏えい 		CVE-2011-2774 2011-11-16 15:08 2011-11-3 Show GitHub Exploit DB Packet Storm
203213 6.8 警告 Mahara - Mahara におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2011-2773 2011-11-16 15:07 2011-11-3 Show GitHub Exploit DB Packet Storm
203214 5 警告 Mahara - Mahara の get_dataroot_image_path 関数におけるサービス運用妨害 (メモリ消費) の脆弱性 CWE-20
不適切な入力確認 		CVE-2011-2772 2011-11-16 15:07 2011-11-3 Show GitHub Exploit DB Packet Storm
203215 4.3 警告 Mahara - Mahara におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-2771 2011-11-16 15:06 2011-11-3 Show GitHub Exploit DB Packet Storm
203216 9.3 危険 Google - Google Chrome における任意のコードを実行される脆弱性 CWE-362
競合状態 		CVE-2011-0784 2011-11-16 10:09 2011-02-3 Show GitHub Exploit DB Packet Storm
203217 4.3 警告 Google - Google Chrome におけるサービス運用妨害 (アプリケーションクラッシュ) の脆弱性 CWE-noinfo
情報不足 		CVE-2011-0783 2011-11-16 10:09 2011-02-3 Show GitHub Exploit DB Packet Storm
203218 5 警告 Google - Google Chrome におけるサービス運用妨害 (アプリケーションクラッシュ) の脆弱性 CWE-noinfo
情報不足 		CVE-2011-0782 2011-11-16 10:08 2011-02-3 Show GitHub Exploit DB Packet Storm
203219 7.5 危険 Google - Google Chrome の autofill プロファイルのマージ処理における詳細不明な脆弱性 CWE-20
不適切な入力確認 		CVE-2011-0781 2011-11-16 10:08 2011-02-3 Show GitHub Exploit DB Packet Storm
203220 9.3 危険 Google - Google Chrome の PDF イベントハンドラにおけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2011-0780 2011-11-16 10:07 2011-02-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Dec. 31, 2024, 4:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2371 - - - In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7 and versions below 3.2.462, 3.7.18, and 3.8.5 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does no… - CVE-2024-53243 2024-12-11 03:15 2024-12-11 Show GitHub Exploit DB Packet Storm
2372 - - - MOBATIME Network Master Clock - DTS 4801 allows attackers to use SSH to gain initial access using default credentials. CWE-1392
 Use of Default Credentials 		CVE-2024-12286 2024-12-11 03:15 2024-12-11 Show GitHub Exploit DB Packet Storm
2373 - - - PwnDoc is a penetration test report generator. Prior to commit 1d4219c596f4f518798492e48386a20c6e9a2fe6, an authenticated user who is able to update and download templates can inject path traversal (… - CVE-2024-55602 2024-12-11 03:15 2024-12-11 Show GitHub Exploit DB Packet Storm
2374 - - - Directus is a real-time API and App dashboard for managing SQL database content. Starting in version 11.0.0 and prior to version 11.3.0, when setting `WEBSOCKETS_GRAPHQL_AUTH` or `WEBSOCKETS_REST_AUT… - CVE-2024-54151 2024-12-11 03:15 2024-12-10 Show GitHub Exploit DB Packet Storm
2375 - - - A stored cross-site scripting (XSS) vulnerability in the Device Settings section of LibreNMS v24.9.0 to v24.10.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload inject… - CVE-2024-53457 2024-12-11 03:15 2024-12-6 Show GitHub Exploit DB Packet Storm
2376 5.4 MEDIUM
Network 		dedecms dedecms A vulnerability classified as problematic has been found in DedeCMS 5.7.116. Affected is an unknown function of the file /member/article_add.php. The manipulation of the argument body leads to cross … CWE-79
Cross-site Scripting 		CVE-2024-12180 2024-12-11 01:34 2024-12-5 Show GitHub Exploit DB Packet Storm
2377 5.4 MEDIUM
Network 		dedecms dedecms A vulnerability classified as problematic was found in DedeCMS 5.7.116. Affected by this vulnerability is an unknown functionality of the file /member/uploads_add.php of the component SWF File Handle… CWE-79
Cross-site Scripting 		CVE-2024-12181 2024-12-11 01:29 2024-12-5 Show GitHub Exploit DB Packet Storm
2378 5.4 MEDIUM
Network 		dedecms dedecms A vulnerability, which was classified as problematic, has been found in DedeCMS 5.7.116. Affected by this issue is some unknown functionality of the file /member/soft_add.php. The manipulation of the… CWE-79
Cross-site Scripting 		CVE-2024-12182 2024-12-11 01:18 2024-12-5 Show GitHub Exploit DB Packet Storm
2379 - - - Missing input validation in the ORing IAP-420 web-interface allows stored Cross-Site Scripting (XSS).This issue affects IAP-420 version 2.01e and below. - CVE-2024-55544 2024-12-11 01:15 2024-12-11 Show GitHub Exploit DB Packet Storm
2380 - - - Angular Expressions provides expressions for the Angular.JS web framework as a standalone module. Prior to version 1.4.3, an attacker can write a malicious expression that escapes the sandbox to exec… CWE-94
Code Injection 		CVE-2024-54152 2024-12-11 01:15 2024-12-11 Show GitHub Exploit DB Packet Storm