Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Nov. 18, 2024, 6:03 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
203451 9.3 危険 マイクロソフト - 複数の Microsoft 製品の Excel ファイルにおける任意のコードを実行される脆弱性 CWE-94
コード・インジェクション
CVE-2010-0821 2010-07-2 16:23 2010-06-8 Show GitHub Exploit DB Packet Storm
203452 7.2 危険 マイクロソフト - 複数の Microsoft 製品の Windows OpenType Compact Font Format ドライバにおける任意のコードを実行される脆弱性 CWE-20
不適切な入力確認
CVE-2010-0819 2010-07-1 16:21 2010-06-8 Show GitHub Exploit DB Packet Storm
203453 6.8 警告 マイクロソフト - Microsoft Windows の win32k.sys における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション
CVE-2010-1255 2010-07-1 16:20 2010-06-8 Show GitHub Exploit DB Packet Storm
203454 6.8 警告 マイクロソフト - Microsoft Windows の win32k.sys における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認
CVE-2010-0485 2010-07-1 16:20 2010-06-8 Show GitHub Exploit DB Packet Storm
203455 6.8 警告 マイクロソフト - Microsoft Windows の win32k.sys における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認
CVE-2010-0484 2010-07-1 16:20 2010-06-8 Show GitHub Exploit DB Packet Storm
203456 4.3 警告 マイクロソフト - Microsoft SharePoint Server におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2010-0817 2010-07-1 16:02 2010-04-29 Show GitHub Exploit DB Packet Storm
203457 9.3 危険 マイクロソフト - Microsoft Windows の Microsoft Data Analyzer ActiveX コントロール における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション
CVE-2010-0252 2010-07-1 16:02 2010-02-9 Show GitHub Exploit DB Packet Storm
203458 9.3 危険 マイクロソフト - Microsoft Internet Explorer におけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2010-0255 2010-07-1 16:01 2010-02-3 Show GitHub Exploit DB Packet Storm
203459 9.3 危険 マイクロソフト - Microsoft Internet Explorer における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション
CVE-2010-1262 2010-06-30 18:53 2010-06-8 Show GitHub Exploit DB Packet Storm
203460 9.3 危険 マイクロソフト - Microsoft Internet Explorer における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション
CVE-2010-1259 2010-06-30 18:53 2010-06-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Nov. 18, 2024, 4:13 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2791 - - - Command injection vulnerability in the underlying CLI service could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point manag… - CVE-2024-42509 2024-11-7 03:17 2024-11-6 Show GitHub Exploit DB Packet Storm
2792 - - - Tenda AC6 v2.0 V15.03.06.50 was discovered to contain a buffer overflow in the function 'formSetPPTPServer'. - CVE-2024-51116 2024-11-7 03:17 2024-11-6 Show GitHub Exploit DB Packet Storm
2793 4.3 MEDIUM
Network
- - The Contact Form 7 – Dynamic Text Extension plugin for WordPress is vulnerable to Basic Information Disclosure in all versions up to, and including, 4.5 via the CF7_get_post_var shortcode. This makes… CWE-200
Information Exposure
CVE-2024-10084 2024-11-7 03:17 2024-11-6 Show GitHub Exploit DB Packet Storm
2794 - - - A maliciously crafted binary file when downloaded could lead to escalation of privileges to NT AUTHORITY/SYSTEM due to an untrusted search path being utilized in the VRED Design application. Exploita… - CVE-2024-7995 2024-11-7 03:17 2024-11-6 Show GitHub Exploit DB Packet Storm
2795 - - - The cap-std project is organized around the eponymous `cap-std` crate, and develops libraries to make it easy to write capability-based code. cap-std's filesystem sandbox implementation on Windows bl… CWE-22
Path Traversal
CVE-2024-51756 2024-11-7 03:17 2024-11-6 Show GitHub Exploit DB Packet Storm
2796 - - - Wasmtime is a fast and secure runtime for WebAssembly. Wasmtime's filesystem sandbox implementation on Windows blocks access to special device filenames such as "COM1", "COM2", "LPT0", "LPT1", and so… CWE-184
CWE-67
 Incomplete Blacklist
CVE-2024-51745 2024-11-7 03:17 2024-11-6 Show GitHub Exploit DB Packet Storm
2797 - - - The AuthKit library for Remix provides convenient helpers for authentication and session management using WorkOS & AuthKit with Remix. In affected versions refresh tokens are logged to the console wh… CWE-532
 Inclusion of Sensitive Information in Log Files
CVE-2024-51753 2024-11-7 03:17 2024-11-6 Show GitHub Exploit DB Packet Storm
2798 - - - The AuthKit library for Next.js provides convenient helpers for authentication and session management using WorkOS & AuthKit with Next.js. In affected versions refresh tokens are logged to the consol… CWE-532
 Inclusion of Sensitive Information in Log Files
CVE-2024-51752 2024-11-7 03:17 2024-11-6 Show GitHub Exploit DB Packet Storm
2799 - - - Gitsign is a keyless Sigstore to signing tool for Git commits with your a GitHub / OIDC identity. gitsign may select the wrong Rekor entry to use during online verification when multiple entries are … CWE-706
 Use of Incorrectly-Resolved Name or Reference
CVE-2024-51746 2024-11-7 03:17 2024-11-6 Show GitHub Exploit DB Packet Storm
2800 - - - Osmedeus is a Workflow Engine for Offensive Security. Cross-site Scripting (XSS) occurs on the Osmedues web server when viewing results from the workflow, allowing commands to be executed on the serv… CWE-79
CWE-80
Cross-site Scripting
Basic XSS
CVE-2024-51735 2024-11-7 03:17 2024-11-6 Show GitHub Exploit DB Packet Storm