Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Nov. 14, 2024, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
203731 9.3 危険 マイクロソフト - Microsoft Internet Explorer における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-0246 2010-02-22 12:14 2010-01-21 Show GitHub Exploit DB Packet Storm
203732 9.3 危険 マイクロソフト - Microsoft Internet Explorer における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-0245 2010-02-22 12:13 2010-01-21 Show GitHub Exploit DB Packet Storm
203733 4.3 警告 マイクロソフト - Microsoft Internet Explorer の XSS フィルタにおけるクロスサイトスクリプティングの脆弱性 CWE-DesignError
CVE-2009-4074 2010-02-22 12:13 2009-11-25 Show GitHub Exploit DB Packet Storm
203734 6.6 警告 マイクロソフト - Microsoft Windows の kernel における権限昇格の脆弱性 CWE-20
不適切な入力確認 		CVE-2010-0232 2010-02-22 12:12 2010-01-20 Show GitHub Exploit DB Packet Storm
203735 10 危険 Rockwell Automation - Rockwell Automation Allen-Bradley MicroLogix PLC に複数の脆弱性 CWE-noinfo
情報不足 		CVE-2009-3739 2010-02-19 14:22 2010-01-21 Show GitHub Exploit DB Packet Storm
203736 9.3 危険 マイクロソフト - Microsoft Internet Explorer において任意のコードが実行される脆弱性 CWE-399
リソース管理の問題 		CVE-2010-0249 2010-02-19 14:21 2010-01-15 Show GitHub Exploit DB Packet Storm
203737 7.5 危険 アップル
MySQL AB		 - MySQL で使用される yaSSL におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2008-0227 2010-02-19 11:37 2008-01-10 Show GitHub Exploit DB Packet Storm
203738 7.5 危険 アップル
MySQL AB		 - MySQL で使用される yaSSL における複数のバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-0226 2010-02-19 11:32 2008-01-10 Show GitHub Exploit DB Packet Storm
203739 7.5 危険 Linux
レッドハット		 - Linux kernel の do_coredump 関数における任意のファイルを改ざんされる脆弱性 - CVE-2006-6304 2010-02-18 14:28 2006-12-14 Show GitHub Exploit DB Packet Storm
203740 7.8 危険 Linux
レッドハット		 - Linux kernel の net/ipv4/route.c 用の特定のレッドハットパッチにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2009-4272 2010-02-18 14:28 2010-01-19 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Nov. 14, 2024, 5:03 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
171 - - - Absolute path traversal (incorrect restriction of a path to a restricted directory) vulnerability in the EasyPHP web server, affecting version 14.1. This vulnerability could allow remote users to byp… New CWE-22
Path Traversal 		CVE-2024-11215 2024-11-14 23:15 2024-11-14 Show GitHub Exploit DB Packet Storm
172 - - - A vulnerability was found in Apereo CAS 6.6. It has been classified as critical. This affects an unknown part of the file /login?service of the component 2FA. The manipulation leads to improper authe… New CWE-287
Improper Authentication 		CVE-2024-11209 2024-11-14 23:15 2024-11-14 Show GitHub Exploit DB Packet Storm
173 - - - A vulnerability was found in Apereo CAS 6.6 and classified as problematic. Affected by this issue is some unknown functionality of the file /login?service. The manipulation leads to session expiratio… New CWE-613
 Insufficient Session Expiration 		CVE-2024-11208 2024-11-14 23:15 2024-11-14 Show GitHub Exploit DB Packet Storm
174 8.8 HIGH
Network 		- - The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 0.9.107 via deserialization of untrusted input in the 'replac… New CWE-502
 Deserialization of Untrusted Data 		CVE-2024-10962 2024-11-14 23:15 2024-11-14 Show GitHub Exploit DB Packet Storm
175 7.5 HIGH
Network 		gaizhenbiao chuanhuchatgpt A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240628 allows for a Denial of Service (DOS) attack. When uploading a file, if an attacker appends a large number of characters to the end of a … Update CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2024-7807 2024-11-14 23:15 2024-10-29 Show GitHub Exploit DB Packet Storm
176 8.1 HIGH
Network 		lunary lunary In version 1.3.2 of lunary-ai/lunary, an Insecure Direct Object Reference (IDOR) vulnerability exists. A user can view or delete external users by manipulating the 'id' parameter in the request URL. … Update CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2024-7474 2024-11-14 23:15 2024-10-29 Show GitHub Exploit DB Packet Storm
177 5.9 MEDIUM
Network 		mudler localai mudler/localai version 2.17.1 is vulnerable to a Timing Attack. This type of side-channel attack allows an attacker to compromise the cryptosystem by analyzing the time taken to execute cryptographic… Update CWE-203
 Information Exposure Through Discrepancy 		CVE-2024-7010 2024-11-14 23:15 2024-10-29 Show GitHub Exploit DB Packet Storm
178 5.5 MEDIUM
Local 		adobe bridge Bridge versions 13.0.9, 14.1.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypa… New CWE-125
Out-of-bounds Read 		CVE-2024-45147 2024-11-14 22:58 2024-11-13 Show GitHub Exploit DB Packet Storm
179 6.8 MEDIUM
Adjacent 		zyxel gs1900-8_firmware
gs1900-8hp_firmware
gs1900-10hp_firmware
gs1900-16_firmware
gs1900-24_firmware
gs1900-24e_firmware
gs1900-24ep_firmware
gs1900-24hpv2_firmware
gs1900-48_firm… 		A post-authentication command injection vulnerability in the CGI program in the Zyxel GS1900-48 switch firmware version V2.80(AAHN.1)C0 and earlier could allow an authenticated, LAN-based attacker wi… New CWE-78
OS Command  		CVE-2024-8881 2024-11-14 22:51 2024-11-12 Show GitHub Exploit DB Packet Storm
180 4.5 MEDIUM
Adjacent 		zyxel gs1900-8_firmware
gs1900-8hp_firmware
gs1900-10hp_firmware
gs1900-16_firmware
gs1900-24_firmware
gs1900-24e_firmware
gs1900-24ep_firmware
gs1900-24hpv2_firmware
gs1900-48_firm… 		A buffer overflow vulnerability in the CGI program in the Zyxel GS1900-48 switch firmware version V2.80(AAHN.1)C0 and earlier could allow an authenticated, LAN-based attacker with administrator privi… New CWE-120
Classic Buffer Overflow 		CVE-2024-8882 2024-11-14 22:42 2024-11-12 Show GitHub Exploit DB Packet Storm