Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":Jan. 31, 2025, 4:03 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 206181 | 9.3 | 危険 | リアルネットワークス | - | RealNetworks RealPlayer における任意のコードを実行される脆弱性 |
CWE-94
コード・インジェクション |
CVE-2011-4248 | 2011-11-28 10:16 | 2011-11-18 | Show | GitHub Exploit DB Packet Storm |
| 206182 | 10 | 危険 | リアルネットワークス | - | RealNetworks RealPlayer におけるヒープベースのバッファオーバーフローの脆弱性 |
CWE-119
バッファエラー |
CVE-2011-4244 | 2011-11-28 10:13 | 2011-11-18 | Show | GitHub Exploit DB Packet Storm |
| 206183 | 4.3 | 警告 | Beanbag | - | Review Board の commenting system におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2011-4312 | 2011-11-25 16:03 | 2011-11-15 | Show | GitHub Exploit DB Packet Storm |
| 206184 | 3.2 | 注意 | ヒューレット・パッカード | - | HP Operations Agent および Performance Agent におけるディレクトリアクセス制限を回避される脆弱性 |
CWE-noinfo
情報不足 |
CVE-2011-4160 | 2011-11-25 16:02 | 2011-11-22 | Show | GitHub Exploit DB Packet Storm |
| 206185 | 7.5 | 危険 | Technicolor | - | Thomson TG585 上の UPnP IGD の実装における任意のポートマッピングを確立される脆弱性 |
CWE-16
環境設定 |
CVE-2011-4506 | 2011-11-25 14:33 | 2011-11-22 | Show | GitHub Exploit DB Packet Storm |
| 206186 | 7.5 | 危険 | 日本アルカテル・ルーセント | - | SpeedTouch 5x6 上の UPnP IGD の実装における任意のポートマッピングを確立される脆弱性 |
CWE-16
環境設定 |
CVE-2011-4505 | 2011-11-25 14:32 | 2011-11-22 | Show | GitHub Exploit DB Packet Storm |
| 206187 | 7.5 | 危険 | ZyXEL Genmei Mori |
- | ZyXEL P-330W におけるポートマッピングによる通信を確立される脆弱性 |
CWE-16
環境設定 |
CVE-2011-4504 | 2011-11-25 14:31 | 2011-11-22 | Show | GitHub Exploit DB Packet Storm |
| 206188 | 7.5 | 危険 | Sitecom Broadcom |
- | Sitecom WL-111 上で動作する Broadcom Linux の UPnP IGD 実装におけるポートマッピングを確立される脆弱性 |
CWE-16
環境設定 |
CVE-2011-4503 | 2011-11-25 14:31 | 2011-11-22 | Show | GitHub Exploit DB Packet Storm |
| 206189 | 7.5 | 危険 | Sitecom Canyon EDIMAX Technology Sweex |
- | 複数のルータ上で動作する Edimax EdiLinux の UPnP IGD 実装における任意のコマンドを実行される脆弱性 |
CWE-16
環境設定 |
CVE-2011-4502 | 2011-11-25 14:30 | 2011-11-22 | Show | GitHub Exploit DB Packet Storm |
| 206190 | 7.5 | 危険 | Sitecom Canyon EDIMAX Technology Sweex |
- | 複数のルータ上で動作する Edimax EdiLinux の UPnP IGD 実装におけるポートマッピングを確立される脆弱性 |
CWE-16
環境設定 |
CVE-2011-4501 | 2011-11-25 14:29 | 2011-11-22 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:Feb. 1, 2025, 4:12 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 2051 | 5.4 |
MEDIUM
Network |
vanderbilt | redcap | A stored cross-site scripting (XSS) vulnerability in the built-in messenger of REDCap 14.9.6 allows authenticated users to inject malicious scripts into the message field. When a user click on the re… |
CWE-79
Cross-site Scripting |
CVE-2024-56376 | 2025-01-17 06:10 | 2025-01-10 | Show | GitHub Exploit DB Packet Storm |
| 2052 | 9.8 |
CRITICAL
Network
ivanti
|
avalanche
|
Path Traversal in Ivanti Avalanche before version 6.4.7 allows a remote unauthenticated attacker to bypass authentication. This CVE addresses incomplete fixes from CVE-2024-47010.
|
CWE-22
|
Path Traversal
CVE-2024-13181
|
2025-01-17 06:02 |
2025-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 2053 | 7.5 |
HIGH
Network
ivanti
|
avalanche
|
Path Traversal in Ivanti Avalanche before version 6.4.7 allows a remote unauthenticated attacker to leak sensitive information. This CVE addresses incomplete fixes from CVE-2024-47011.
|
CWE-22
|
Path Traversal
CVE-2024-13180
|
2025-01-17 06:01 |
2025-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 2054 | 9.8 |
CRITICAL
Network
ivanti
|
avalanche
|
Path Traversal in Ivanti Avalanche before version 6.4.7 allows a remote unauthenticated attacker to bypass authentication.
|
CWE-22
|
Path Traversal
CVE-2024-13179
|
2025-01-17 06:01 |
2025-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 2055 | 7.8 |
HIGH
Local |
adobe | illustrator | Illustrator on iPad versions 3.0.7 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user… |
CWE-191
Integer Underflow (Wrap or Wraparound) |
CVE-2025-21134 | 2025-01-17 05:43 | 2025-01-15 | Show | GitHub Exploit DB Packet Storm |
| 2056 | 8.8 |
HIGH
Network |
chrome | Out of bounds read in Metrics in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
CWE-125
Out-of-bounds Read |
CVE-2025-0437 | 2025-01-17 05:35 | 2025-01-15 | Show | GitHub Exploit DB Packet Storm | |
| 2057 | 8.8 |
HIGH
Network |
microsoft |
windows_server_2008 windows_server_2012 windows_server_2022_23h2 windows_11_23h2 windows_10_1607 windows_10_1809 windows_10_1507 windows_10_21h2 windows_10_22h2 windows_11_… |
Windows Telephony Service Remote Code Execution Vulnerability |
NVD-CWE-noinfo
|
CVE-2025-21417 | 2025-01-17 05:34 | 2025-01-15 | Show | GitHub Exploit DB Packet Storm |
| 2058 | 8.8 |
HIGH
Network |
microsoft |
windows_server_2008 windows_server_2012 windows_server_2025 windows_server_2022_23h2 windows_10_1507 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows… |
Windows Telephony Service Remote Code Execution Vulnerability |
NVD-CWE-noinfo
|
CVE-2025-21413 | 2025-01-17 05:33 | 2025-01-15 | Show | GitHub Exploit DB Packet Storm |
| 2059 | 8.8 |
HIGH
Network |
microsoft |
windows_server_2008 windows_server_2012 windows_server_2025 windows_server_2022_23h2 windows_10_1507 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows… |
Windows Telephony Service Remote Code Execution Vulnerability |
NVD-CWE-noinfo
|
CVE-2025-21411 | 2025-01-17 05:33 | 2025-01-15 | Show | GitHub Exploit DB Packet Storm |
| 2060 | 8.8 |
HIGH
Network |
microsoft |
windows_server_2008 windows_server_2012 windows_server_2025 windows_server_2022_23h2 windows_10_1507 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows… |
Windows Telephony Service Remote Code Execution Vulnerability |
NVD-CWE-noinfo
|
CVE-2025-21409 | 2025-01-17 05:33 | 2025-01-15 | Show | GitHub Exploit DB Packet Storm |