Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 22, 2025, 6:04 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
206541	4.3	警告	マイクロソフト	-	Microsoft Windows の MHTML プロトコルハンドラにおけるクロスサイトスクリプティングを誘導される脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-1894	2011-06-23 11:27	2011-06-14	Show	GitHub Exploit DB Packet Storm

206542	5.5	警告	ターボリナックス Timo Sirainen レッドハット	-	Dovecot の plugins/acl/acl-backend-vfile.c におけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-3707	2011-06-23 11:15	2010-10-2	Show	GitHub Exploit DB Packet Storm

206543	4	警告	ターボリナックス Timo Sirainen レッドハット	-	Dovecot におけるサービス運用妨害 (master process outage) の脆弱性	CWE-Other その他	CVE-2010-3780	2011-06-23 11:14	2010-10-2	Show	GitHub Exploit DB Packet Storm

206544	4.3	警告	Google	-	Android の Android ブラウザにおける SD カード上の情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2010-4804	2011-06-21 07:53	2011-06-9	Show	GitHub Exploit DB Packet Storm

206545	4.3	警告	株式会社カワイビジネスソフトウエア	-	WeblyGo におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-1330	2011-06-20 12:01	2011-06-20	Show	GitHub Exploit DB Packet Storm

206546	-	-	Autonomy	-	Autonomy KeyView IDOL に複数の脆弱性	-	-	2011-06-20 11:19	2011-06-8	Show	GitHub Exploit DB Packet Storm

206547	7.6	危険	シスコシステムズ	-	Linux および Mac OS 上で稼働する Cisco AnyConnect Secure Mobility Client における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2011-2040	2011-06-20 11:12	2011-06-1	Show	GitHub Exploit DB Packet Storm

206548	7.6	危険	シスコシステムズ	-	Windows 上で稼働する Cisco AnyConnect Secure Mobility Client における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2011-2039	2011-06-20 11:10	2011-06-1	Show	GitHub Exploit DB Packet Storm

206549	9.3	危険	シスコシステムズ	-	Cisco WebEx WRF Player の atrpui.dll におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-2880	2011-06-17 11:28	2009-12-16	Show	GitHub Exploit DB Packet Storm

206550	9.3	危険	シスコシステムズ	-	Cisco WebEx WRF Player の atas32.dll におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-2879	2011-06-17 11:25	2009-12-16	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 22, 2025, 4:11 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
2661	-	-	-	In multiple locations, there is a possible way to avoid unbinding of a service from the system due to a logic error in the code. This could lead to local escalation of privilege with no additional ex…	-	CVE-2024-43762	2025-01-3 10:15	2025-01-3	Show	GitHub Exploit DB Packet Storm

2662	-	-	-	In resizeToAtLeast of SkRegion.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed…	-	CVE-2024-43097	2025-01-3 10:15	2025-01-3	Show	GitHub Exploit DB Packet Storm

2663	-	-	-	In DevmemValidateFlags of devicemem_server.c , there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with no additional execution privileg…	-	CVE-2024-43077	2025-01-3 10:15	2025-01-3	Show	GitHub Exploit DB Packet Storm

2664	-	-	-	A security issue was discovered in the LRA Coordinator component of Narayana. When Cancel is called in LRA, an execution time of approximately 2 seconds occurs. If Join is called with the same LRA ID…	-	CVE-2024-8447	2025-01-3 06:15	2025-01-3	Show	GitHub Exploit DB Packet Storm

2665	-	-	-	Cross Site Scripting vulnerability in Audiocodes MP-202b v.4.4.3 allows a remote attacker to escalate privileges via the login page of the web interface.	-	CVE-2024-48197	2025-01-3 05:16	2025-01-3	Show	GitHub Exploit DB Packet Storm

2666	-	-	-	A widget local file inclusion vulnerability in Trend Micro Apex One could allow a remote attacker to execute arbitrary code on affected installations. Please note: an attacker must first obtain th…	-	CVE-2024-52047	2025-01-3 05:16	2025-01-1	Show	GitHub Exploit DB Packet Storm

2667	-	-	-	An issue was discovered in tc-lib-pdf-font before 2.6.4, as used in TCPDF before 6.8.0 and other products. Fonts are mishandled, e.g., FontBBox for Type 1 and TrueType fonts is misparsed.	-	CVE-2024-56520	2025-01-3 05:16	2024-12-27	Show	GitHub Exploit DB Packet Storm

2668	-	-	-	An issue was discovered in TCPDF before 6.8.0. setSVGStyles does not sanitize the SVG font-family attribute.	-	CVE-2024-56519	2025-01-3 05:16	2024-12-27	Show	GitHub Exploit DB Packet Storm

2669	-	-	-	A vulnerability was found in SourceCodester Online Eyewear Shop 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /orders/view_order.php. The manipulati…	CWE-89 CWE-74 SQL Injection Injection	CVE-2025-0173	2025-01-3 03:15	2025-01-3	Show	GitHub Exploit DB Packet Storm

2670	-	-	-	phpMyFAQ is an open source FAQ web application. Starting no later than version 3.2.10 and prior to version 4.0.2, an attacker can inject malicious HTML content into the FAQ editor at `http[:]//localh…	CWE-79 CWE-80 Cross-site Scripting Basic XSS	CVE-2024-56199	2025-01-3 03:15	2025-01-3	Show	GitHub Exploit DB Packet Storm