Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Nov. 14, 2024, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
203671	9.3	危険	マイクロソフト	-	Microsoft Office PowerPoint におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-0034	2010-03-2 11:29	2010-02-9	Show	GitHub Exploit DB Packet Storm

203672	9.3	危険	マイクロソフト	-	Microsoft Office PowerPoint におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-0033	2010-03-2 11:28	2010-02-9	Show	GitHub Exploit DB Packet Storm

203673	9.3	危険	マイクロソフト	-	Microsoft Office PowerPoint における任意のコードを実行される脆弱性	CWE-94 CWE-Other	CVE-2010-0032	2010-03-2 11:28	2010-02-9	Show	GitHub Exploit DB Packet Storm

203674	9.3	危険	マイクロソフト	-	Microsoft Office PowerPoint における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-0031	2010-03-2 11:27	2010-02-9	Show	GitHub Exploit DB Packet Storm

203675	9.3	危険	マイクロソフト	-	Microsoft Office PowerPoint におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-0030	2010-03-2 11:27	2010-02-9	Show	GitHub Exploit DB Packet Storm

203676	9.3	危険	マイクロソフト	-	Microsoft Office PowerPoint におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-0029	2010-03-2 11:26	2010-02-9	Show	GitHub Exploit DB Packet Storm

203677	10	危険	マイクロソフト	-	Microsoft Office の MSO.DLL におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-0243	2010-03-1 11:37	2010-02-9	Show	GitHub Exploit DB Packet Storm

203678	9.3	危険	マイクロソフト	-	Microsoft DirectX の DirectShow におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-0250	2010-03-1 11:36	2010-02-9	Show	GitHub Exploit DB Packet Storm

203679	7.8	危険	マイクロソフト	-	Microsoft Windows の TCP/IP 実装におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2010-0242	2010-03-1 11:36	2010-02-9	Show	GitHub Exploit DB Packet Storm

203680	10	危険	マイクロソフト	-	Microsoft Windows の TCP/IP 実装における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-0241	2010-03-1 11:36	2010-02-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Nov. 14, 2024, 5:03 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1661	5.4	MEDIUM Network	kraftplugins	mega_elements	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kraftplugins Mega Elements allows Stored XSS.This issue affects Mega Elements: from n/a th…	CWE-79 Cross-site Scripting	CVE-2024-49693	2024-11-9 00:19	2024-10-24	Show	GitHub Exploit DB Packet Storm

1662	7.5	HIGH Network	ruijie	nbr3000d-e_firmware	An issue in Ruijie NBR3000D-E Gateway allows a remote attacker to obtain sensitive information via the /tool/shell/postgresql.conf component.	NVD-CWE-noinfo	CVE-2024-48783	2024-11-9 00:19	2024-10-16	Show	GitHub Exploit DB Packet Storm

1663	4.3	MEDIUM Network	63moons	aero wave_2.0	This vulnerability exists in the Wave 2.0 due to improper exception handling for invalid inputs at certain API endpoint. An authenticated remote attacker could exploit this vulnerability by providing…	CWE-209 Information Exposure Through an Error Message	CVE-2024-51560	2024-11-9 00:18	2024-11-4	Show	GitHub Exploit DB Packet Storm

1664	6.1	MEDIUM Network	google_docs_rsvp_project	google_docs_rsvp	Cross-Site Request Forgery (CSRF) vulnerability in Gifford Cheung, Brian Watanabe, Chongsun Ahn Google Docs RSVP allows Stored XSS.This issue affects Google Docs RSVP: from n/a through 2.0.1.	CWE-352 Origin Validation Error	CVE-2024-49672	2024-11-9 00:16	2024-10-29	Show	GitHub Exploit DB Packet Storm

1665	4.6	MEDIUM Physics	tp-link	tapo_h100_firmware	This vulnerability exists in TP-Link IoT Smart Hub due to storage of Wi-Fi credentials in plain text within the device firmware. An attacker with physical access could exploit this by extracting the …	CWE-312 Cleartext Storage of Sensitive Information	CVE-2024-10523	2024-11-9 00:14	2024-11-4	Show	GitHub Exploit DB Packet Storm

1666	8.8	HIGH Network	microsoft	dataverse	Improper authentication in Microsoft Dataverse allows an authorized attacker to elevate privileges over a network.	NVD-CWE-noinfo	CVE-2024-38139	2024-11-9 00:14	2024-10-16	Show	GitHub Exploit DB Packet Storm

1667	7.5	HIGH Network	ibm	websphere_application_server	IBM WebSphere Application Server 8.5 is vulnerable to a denial of service, under certain configurations, caused by an unexpected specially crafted request. A remote attacker could exploit this vulner…	CWE-754 Improper Check for Unusual or Exceptional Conditions	CVE-2024-45085	2024-11-9 00:13	2024-10-16	Show	GitHub Exploit DB Packet Storm

1668	9.8	CRITICAL Network	bg-tek	coslat	Improper Control of Generation of Code ('Code Injection') vulnerability in BG-TEK Informatics Security Technologies CoslatV3 allows Command Injection.This issue affects CoslatV3: through 3.1069. …	CWE-94 Code Injection	CVE-2024-10035	2024-11-9 00:11	2024-11-4	Show	GitHub Exploit DB Packet Storm

1669	5.4	MEDIUM Network	salesagility	suitecrm	SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. The "Publish Key" field in SuiteCRM's Edit Profile page is vulnerable to Reflected Cross-Site…	CWE-79 Cross-site Scripting	CVE-2024-50335	2024-11-9 00:09	2024-11-6	Show	GitHub Exploit DB Packet Storm

1670	9.1	CRITICAL Network	qualcomm	wsa8845h_firmware wsa8845_firmware wsa8840_firmware wsa8835_firmware wsa8832_firmware wsa8830_firmware wsa8815_firmware wsa8810_firmware wcn7881_firmware wcn7880_firmware	Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions.	NVD-CWE-noinfo	CVE-2024-38408	2024-11-9 00:07	2024-11-4	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed