Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Nov. 15, 2024, 6:02 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
203821 5 警告 サイバートラスト株式会社
Mozilla Foundation
レッドハット
- Mozilla Firefox/SeaMonkey におけるクロスサイトスクリプティングの脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2009-3988 2010-03-9 11:01 2010-02-17 Show GitHub Exploit DB Packet Storm
203822 10 危険 サイバートラスト株式会社
Mozilla Foundation
レッドハット
- Mozilla Firefox/SeaMonkey の Web ワーカー機能における任意のコードを実行される脆弱性 CWE-399
リソース管理の問題
CVE-2010-0160 2010-03-9 11:01 2010-02-17 Show GitHub Exploit DB Packet Storm
203823 2.1 注意 サイバートラスト株式会社
GNOME Project
レッドハット
- NetworkManager の nm-connection-editor における重要な情報を取得される脆弱性 CWE-200
情報漏えい
CVE-2009-4145 2010-03-8 12:28 2009-12-23 Show GitHub Exploit DB Packet Storm
203824 6.8 警告 サイバートラスト株式会社
GNOME Project
レッドハット
- NetworkManager における重要な情報を取得される脆弱性 CWE-310
暗号の問題
CVE-2009-4144 2010-03-8 12:28 2009-12-23 Show GitHub Exploit DB Packet Storm
203825 5 警告 Squid-cache.org - Squid の htcpHandleTstRequest 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認
CVE-2010-0639 2010-03-8 12:28 2010-02-12 Show GitHub Exploit DB Packet Storm
203826 9.3 危険 OpenOffice.org Project
レッドハット
- OpenOffice.org の filter/ww8/ww8par2.cxx におけるサービス運用妨害 (DoS) の脆弱性 CWE-94
コード・インジェクション
CVE-2009-3302 2010-03-5 10:33 2010-02-12 Show GitHub Exploit DB Packet Storm
203827 9.3 危険 OpenOffice.org Project
レッドハット
- OpenOffice.org の filter/ww8/ww8par2.cxx における整数アンダーフローの脆弱性 CWE-189
数値処理の問題
CVE-2009-3301 2010-03-5 10:33 2010-02-12 Show GitHub Exploit DB Packet Storm
203828 9.3 危険 OpenOffice.org Project
レッドハット
- OpenOffice.org の GIFLZWDecompressor::GIFLZWDecompressor 関数におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2009-2950 2010-03-5 10:32 2010-02-12 Show GitHub Exploit DB Packet Storm
203829 9.3 危険 OpenOffice.org Project
レッドハット
- OpenOffice.org の XPMReader::ReadXPM 関数における整数オーバーフローの脆弱性 CWE-189
数値処理の問題
CVE-2009-2949 2010-03-5 10:32 2010-02-12 Show GitHub Exploit DB Packet Storm
203830 4.3 警告 アドビシステムズ - Adobe BlazeDS における重要な情報を取得される脆弱性 CWE-noinfo
情報不足
CVE-2009-3960 2010-03-5 10:32 2010-02-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Nov. 15, 2024, 4:16 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
258811 - sonatype nexus Sonatype Nexus 1.x and 2.x before 2.7.1 allows remote attackers to create arbitrary objects and execute arbitrary code via unspecified vectors related to unmarshalling of unintended Object types. CWE-94
Code Injection
CVE-2014-0792 2014-01-21 23:14 2014-01-18 Show GitHub Exploit DB Packet Storm
258812 - rick_mead media_library_categories Multiple cross-site scripting (XSS) vulnerabilities in the Media Library Categories plugin 1.1.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) bulk parameter… CWE-79
Cross-site Scripting
CVE-2012-6630 2014-01-18 04:16 2014-01-17 Show GitHub Exploit DB Packet Storm
258813 - xyzscripts newsletter_manager Multiple cross-site request forgery (CSRF) vulnerabilities in the Newsletter Manager plugin 1.0.2 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for r… CWE-352
 Origin Validation Error
CVE-2012-6629 2014-01-18 03:51 2014-01-17 Show GitHub Exploit DB Packet Storm
258814 - xyzscripts newsletter_manager Multiple cross-site scripting (XSS) vulnerabilities in the Newsletter Manager plugin before 1.0.2 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) xyz_em_campNa… CWE-79
Cross-site Scripting
CVE-2012-6628 2014-01-18 03:50 2014-01-17 Show GitHub Exploit DB Packet Storm
258815 - xyzscripts newsletter_manager Cross-site scripting (XSS) vulnerability in admin/test_mail.php in the Newsletter Manager plugin 1.0.2 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the… CWE-79
Cross-site Scripting
CVE-2012-6627 2014-01-18 03:35 2014-01-17 Show GitHub Exploit DB Packet Storm
258816 - cisco webex_meetings_server The web portal in the Enterprise License Manager component in Cisco WebEx Meetings Server allows remote authenticated users to discover the cleartext administrative password by reading HTML source co… CWE-255
Credentials Management
CVE-2013-6687 2014-01-18 00:12 2014-01-17 Show GitHub Exploit DB Packet Storm
258817 - wireshark wireshark epan/dissectors/packet-bssgp.c in the BSSGP dissector in Wireshark 1.10.x before 1.10.4 incorrectly relies on a global variable, which allows remote attackers to cause a denial of service (applicatio… CWE-20
 Improper Input Validation 
CVE-2013-7113 2014-01-17 14:20 2013-12-20 Show GitHub Exploit DB Packet Storm
258818 - symantec web_gateway
web_gateway_appliance_8450
web_gateway_appliance_8490
Multiple cross-site scripting (XSS) vulnerabilities in the management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 allow remote attackers to inject arbitrary web script or HTML vi… CWE-79
Cross-site Scripting
CVE-2013-4670 2014-01-17 14:17 2013-08-1 Show GitHub Exploit DB Packet Storm
258819 - symantec web_gateway
web_gateway_appliance_8450
web_gateway_appliance_8490
Cross-site request forgery (CSRF) vulnerability in the management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 allows remote authenticated users to hijack the authentication of un… CWE-352
 Origin Validation Error
CVE-2013-4671 2014-01-17 14:17 2013-08-1 Show GitHub Exploit DB Packet Storm
258820 - symantec web_gateway
web_gateway_appliance_8450
web_gateway_appliance_8490
The management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 has an incorrect sudoers file, which allows local users to bypass intended access restrictions via a command. CWE-264
Permissions, Privileges, and Access Controls
CVE-2013-4672 2014-01-17 14:17 2013-08-1 Show GitHub Exploit DB Packet Storm