Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Nov. 5, 2024, 6:02 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
203211 7.8 危険 マイクロソフト - Microsoft Windows で稼働している Active Directory の LDAP サービスにおけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2009-1928 2010-01-4 15:24 2009-11-10 Show GitHub Exploit DB Packet Storm
203212 9.3 危険 マイクロソフト - Microsoft Windows の kernel における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2009-2514 2010-01-4 15:24 2009-11-10 Show GitHub Exploit DB Packet Storm
203213 6.8 警告 マイクロソフト - Microsoft Windows の kernel の Graphics Device Interface (GDI) における権限を取得される脆弱性 CWE-20
不適切な入力確認 		CVE-2009-2513 2010-01-4 15:24 2009-11-10 Show GitHub Exploit DB Packet Storm
203214 6.8 警告 マイクロソフト - Microsoft Windows の kernel における権限を取得される脆弱性 CWE-20
不適切な入力確認 		CVE-2009-1127 2010-01-4 15:24 2009-11-10 Show GitHub Exploit DB Packet Storm
203215 10 危険 マイクロソフト - Microsoft Windows の License Logging Server (llssrv.exe) における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2009-2523 2010-01-4 15:24 2009-11-10 Show GitHub Exploit DB Packet Storm
203216 9.3 危険 マイクロソフト - Microsoft Windows の Web Services on Devices API (WSDAPI) における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2009-2512 2010-01-4 15:23 2009-11-10 Show GitHub Exploit DB Packet Storm
203217 10 危険 アップル
VMware
サン・マイクロシステムズ		 - Sun Java SE の Provider クラスにおける詳細不明な脆弱性 CWE-noinfo
情報不足 		CVE-2009-2722 2010-01-4 14:56 2009-08-10 Show GitHub Exploit DB Packet Storm
203218 10 危険 アップル
VMware
サン・マイクロシステムズ		 - Sun Java SE の Provider クラスにおける詳細不明な脆弱性 CWE-noinfo
情報不足 		CVE-2009-2723 2010-01-4 14:55 2009-08-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Nov. 5, 2024, 4:16 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
521 - - - djangorestframework-simplejwt version 5.3.1 and before is vulnerable to information disclosure. A user can access web application resources even after their account has been disabled due to missing u… - CVE-2024-22513 2024-11-2 05:35 2024-03-16 Show GitHub Exploit DB Packet Storm
522 - - - In constraint_check of fvp.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. Use… - CVE-2024-22007 2024-11-2 05:35 2024-03-12 Show GitHub Exploit DB Packet Storm
523 - - - Numbas editor before 7.3 mishandles editing of themes and extensions. - CVE-2024-27612 2024-11-2 05:35 2024-03-8 Show GitHub Exploit DB Packet Storm
524 - - - This issue was addressed by removing additional entitlements. This issue is fixed in macOS Sonoma 14.4. An app may be able to access user-sensitive data. - CVE-2024-23260 2024-11-2 05:35 2024-03-8 Show GitHub Exploit DB Packet Storm
525 - - - VMware Workstation and Fusion contain an out-of-bounds read vulnerability in the USB CCID (chip card interface device). A malicious actor with local administrative privileges on a virtual machine may… - CVE-2024-22251 2024-11-2 05:35 2024-02-29 Show GitHub Exploit DB Packet Storm
526 - - - This issue was addressed with improved state management. This issue is fixed in iOS 17.1 and iPadOS 17.1. An attacker with physical access may be able to silently persist an Apple ID on an erased dev… - CVE-2023-42855 2024-11-2 05:35 2024-02-21 Show GitHub Exploit DB Packet Storm
527 7.1 HIGH
Network 		lollms lollms_web_ui A CORS misconfiguration in parisneo/lollms-webui prior to version 10 allows attackers to steal sensitive information such as logs, browser sessions, and settings containing private API keys from othe… CWE-346
 Origin Validation Error 		CVE-2024-6674 2024-11-2 05:34 2024-10-29 Show GitHub Exploit DB Packet Storm
528 5.4 MEDIUM
Network 		chartscss coub Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Rami Yushuvaev Coub allows Stored XSS.This issue affects Coub: from n/a through 1.4. CWE-79
Cross-site Scripting 		CVE-2024-49659 2024-11-2 05:25 2024-10-29 Show GitHub Exploit DB Packet Storm
529 - - - Yealink Meeting Server before V26.0.0.67 allows attackers to obtain static key information from a front-end JS file and decrypt the plaintext passwords based on the obtained key information. - CVE-2024-48353 2024-11-2 05:24 2024-11-2 Show GitHub Exploit DB Packet Storm
530 6.1 MEDIUM
Network 		abdullahirfan documentpress Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Abdullah Irfan DocumentPress allows Reflected XSS.This issue affects DocumentPress: from n… CWE-79
Cross-site Scripting 		CVE-2024-49656 2024-11-2 05:24 2024-10-29 Show GitHub Exploit DB Packet Storm