Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 8, 2025, 6:02 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
207211	1.9	注意	IBM	-	IBM WebSphere Application Server における KeyRingPassword のパスワード情報が漏えいする脆弱性	CWE-255 証明書・パスワード管理	CVE-2010-0769	2010-05-27 17:25	2010-04-1	Show	GitHub Exploit DB Packet Storm

207212	4.3	警告	IBM	-	IBM WebSphere Application Server の管理コンソールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-0768	2010-05-27 17:25	2010-04-1	Show	GitHub Exploit DB Packet Storm

207213	4	警告	IBM	-	IBM WebSphere Application Server におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2010-0770	2010-05-27 17:25	2010-04-1	Show	GitHub Exploit DB Packet Storm

207214	5	警告	IBM	-	IBM WebSphere Application Server (WAS) の Administrative Console コンポーネントにおける WAS セッションの内容を読まれる脆弱性	CWE-200 情報漏えい	CVE-2009-1898	2010-05-27 17:24	2009-06-3	Show	GitHub Exploit DB Packet Storm

207215	6.8	警告	サイバートラスト株式会社レッドハット	-	TeX Live 2009 および teTeX の dvipsk/dospecial.c における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2010-1440	2010-05-26 16:33	2010-05-6	Show	GitHub Exploit DB Packet Storm

207216	6.8	警告	サイバートラスト株式会社レッドハット	-	TeX Live および teTeX の predospecial 関数における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2010-0739	2010-05-26 16:32	2010-04-16	Show	GitHub Exploit DB Packet Storm

207217	9.3	危険	アドビシステムズ	-	Adobe Photoshop CS4 における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-1279	2010-05-26 16:32	2010-04-30	Show	GitHub Exploit DB Packet Storm

207218	9.3	危険	レッドハット freedesktop.org サイバートラスト株式会社 Glyph & Cog, LLC	-	Xpdf および Poppler の ObjectStream::ObjectStream 関数における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2009-3608	2010-05-26 16:31	2009-10-15	Show	GitHub Exploit DB Packet Storm

207219	6.8	警告	サイバートラスト株式会社レッドハット CUPS	-	CUPS の pdftops フィルタにおける整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2009-0791	2010-05-26 16:30	2009-06-3	Show	GitHub Exploit DB Packet Storm

207220	6.8	警告	レッドハット Glyph & Cog, LLC サイバートラスト株式会社 CUPS	-	Xpdf および CUPS におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-0195	2010-05-26 16:30	2009-04-16	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 8, 2025, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1851	-		-	-	A heap-based buffer overflow vulnerability in the processing of Link Control Protocol messages in FortiGate versions 5.6.12, 6.0.10, 6.2.4 and 6.4.1 and earlier may allow a remote attacker with valid…	CWE-122 Heap-based Buffer Overflow	CVE-2020-12819	2024-12-19 17:15	2024-12-19	Show	GitHub Exploit DB Packet Storm

1852	4.3	MEDIUM Network	-	-	The Button Block – Get fully customizable & multi-functional buttons plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.1.5 via the 'btn_bloc…	CWE-200 Information Exposure	CVE-2024-12560	2024-12-19 16:15	2024-12-19	Show	GitHub Exploit DB Packet Storm

1853	5.3	MEDIUM Network	-	-	The Download Manager plugin for WordPress is vulnerable to unauthorized download of password-protected content due to improper password validation on the checkFilePassword function in all versions up…	CWE-285 Improper Authorization	CVE-2024-11768	2024-12-19 15:15	2024-12-19	Show	GitHub Exploit DB Packet Storm

1854	7.3	HIGH Network	-	-	The The Download Manager plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.3.03. This is due to the software allowing users to execute an act…	CWE-94 Code Injection	CVE-2024-11740	2024-12-19 15:15	2024-12-19	Show	GitHub Exploit DB Packet Storm

1855	-		-	-	CA Client Automation (ITCM) allows non-admin/non-root users to encrypt a string using CAF CLI and SD_ACMD CLI. This would allow the non admin user to access the critical encryption keys which further…	-	CVE-2024-38499	2024-12-19 15:15	2024-12-17	Show	GitHub Exploit DB Packet Storm

1856	-		-	-	Dell PowerStore contains an Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability. A low privileged attacker with local access could potentially exploit thi…	CWE-88 Argument Injection	CVE-2024-51532	2024-12-19 11:15	2024-12-19	Show	GitHub Exploit DB Packet Storm

1857	7.8	HIGH Local	-	-	IBM Security Verify Access Docker 10.0.0 through 10.0.6 could allow a local user to escalate their privileges due to execution of unnecessary privileges.	CWE-250 Execution with Unnecessary Privileges	CVE-2024-35141	2024-12-19 11:15	2024-12-19	Show	GitHub Exploit DB Packet Storm

1858	5.4	MEDIUM Network	-	-	The Broken Link Checker \| Finder plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 2.5.0 via the 'moblc_check_link' function. This makes it…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2024-12121	2024-12-19 11:15	2024-12-19	Show	GitHub Exploit DB Packet Storm

1859	6.5	MEDIUM Network	-	-	The WP Project Manager plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6.15 via the Project Task List ('/wp-json/pm/v2/projects/1/task-lis…	CWE-200 Information Exposure	CVE-2024-10548	2024-12-19 11:15	2024-12-19	Show	GitHub Exploit DB Packet Storm

1860	5.3	MEDIUM Network	-	-	IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query.	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2023-30443	2024-12-19 11:15	2024-12-19	Show	GitHub Exploit DB Packet Storm