Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Nov. 18, 2024, 6:03 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
204191 10 危険 マイクロソフト - Microsoft Windows の License Logging Server (llssrv.exe) における任意のコードを実行される脆弱性 CWE-119
バッファエラー
CVE-2009-2523 2010-01-4 15:24 2009-11-10 Show GitHub Exploit DB Packet Storm
204192 9.3 危険 マイクロソフト - Microsoft Windows の Web Services on Devices API (WSDAPI) における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション
CVE-2009-2512 2010-01-4 15:23 2009-11-10 Show GitHub Exploit DB Packet Storm
204193 10 危険 アップル
VMware
サン・マイクロシステムズ
- Sun Java SE の Provider クラスにおける詳細不明な脆弱性 CWE-noinfo
情報不足
CVE-2009-2722 2010-01-4 14:56 2009-08-10 Show GitHub Exploit DB Packet Storm
204194 10 危険 アップル
VMware
サン・マイクロシステムズ
- Sun Java SE の Provider クラスにおける詳細不明な脆弱性 CWE-noinfo
情報不足
CVE-2009-2723 2010-01-4 14:55 2009-08-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Nov. 18, 2024, 4:13 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
971 5.4 MEDIUM
Network
apple iphone_os
ipados
watchos
visionos
tvos
macos
safari
The issue was addressed with improved checks. This issue is fixed in tvOS 18.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, watchOS 11.1, visionOS 2.1, macOS Sequoia 15.1, Safari 18.1. Pr… NVD-CWE-noinfo
CVE-2024-44296 2024-11-14 23:58 2024-10-29 Show GitHub Exploit DB Packet Storm
972 7.3 HIGH
Network
wppa wp_photo_album_plus The The WP Photo Album Plus plugin for WordPress is vulnerable to arbitrary shortcode execution via getshortcodedrenderedfenodelay AJAX action in all versions up to, and including, 8.8.08.007 . This … CWE-94
Code Injection
CVE-2024-10958 2024-11-14 23:57 2024-11-10 Show GitHub Exploit DB Packet Storm
973 7.2 HIGH
Network
angeljudesuarez construction_management_system A SQL injection vulnerability in printtool.php of Itsourcecode Construction Management System 1.0 allows remote attackers to execute arbitrary SQL commands via the borrow_id parameter. CWE-89
SQL Injection
CVE-2024-50972 2024-11-14 23:55 2024-11-14 Show GitHub Exploit DB Packet Storm
974 9.8 CRITICAL
Network
weechat weechat WeeChat before 4.4.2 has an integer overflow and resultant buffer overflow at core/core-string.c when there are more than two billion items in a list. This affects string_free_split_shared , string_f… CWE-190
 Integer Overflow or Wraparound
CVE-2024-46613 2024-11-14 23:55 2024-11-11 Show GitHub Exploit DB Packet Storm
975 7.2 HIGH
Network
angeljudesuarez construction_management_system A SQL injection vulnerability in print.php of Itsourcecode Construction Management System 1.0 allows remote attackers to execute arbitrary SQL commands via the map_id parameter. CWE-89
SQL Injection
CVE-2024-50971 2024-11-14 23:54 2024-11-14 Show GitHub Exploit DB Packet Storm
976 8.8 HIGH
Network
nikoarroyocuraza online_furniture_shopping_project A SQL injection vulnerability in orderview1.php of Itsourcecode Online Furniture Shopping Project 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. CWE-89
SQL Injection
CVE-2024-50970 2024-11-14 23:52 2024-11-14 Show GitHub Exploit DB Packet Storm
977 8.8 HIGH
Network
tendacn g3_firmware Tenda G3 v3.0 v15.11.0.20 was discovered to contain a command injection vulnerability via the formSetDebugCfg function. CWE-77
Command Injection
CVE-2024-50853 2024-11-14 23:49 2024-11-14 Show GitHub Exploit DB Packet Storm
978 6.1 MEDIUM
Network
anisha jonnys_liquor A Reflected cross-site scripting (XSS) vulnerability in browse.php of Code-projects Jonnys Liquor 1.0 allows remote attackers to inject arbitrary web scripts or HTML via the search parameter. CWE-79
Cross-site Scripting
CVE-2024-50969 2024-11-14 23:47 2024-11-14 Show GitHub Exploit DB Packet Storm
979 8.8 HIGH
Network
tendacn g3_firmware Tenda G3 v3.0 v15.11.0.20 was discovered to contain a stack overflow via the formSetPortMapping function. CWE-787
 Out-of-bounds Write
CVE-2024-50854 2024-11-14 23:43 2024-11-14 Show GitHub Exploit DB Packet Storm
980 8.8 HIGH
Network
tendacn g3_firmware Tenda G3 v3.0 v15.11.0.20 was discovered to contain a command injection vulnerability via the formSetUSBPartitionUmount function. CWE-77
Command Injection
CVE-2024-50852 2024-11-14 23:38 2024-11-14 Show GitHub Exploit DB Packet Storm