Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Dec. 26, 2024, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
207251	9.3	危険	マイクロソフト	-	Microsoft Office および Open XML File Format Converter における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-3127	2010-01-5 16:16	2009-11-10	Show	GitHub Exploit DB Packet Storm

207252	6.8	警告	アップルサイバートラスト株式会社サン・マイクロシステムズターボリナックスヒューレット・パッカード OpenSSL Project レッドハット	-	OpenSSL の SSL_get_shared_ciphers() 関数における一つずれエラーの脆弱性	CWE-189 数値処理の問題	CVE-2007-5135	2010-01-5 13:31	2007-10-12	Show	GitHub Exploit DB Packet Storm

207253	7.8	危険	マイクロソフト	-	Microsoft Windows で稼働している Active Directory の LDAP サービスにおけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2009-1928	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

207254	9.3	危険	マイクロソフト	-	Microsoft Windows の kernel における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-2514	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

207255	6.8	警告	マイクロソフト	-	Microsoft Windows の kernel の Graphics Device Interface (GDI) における権限を取得される脆弱性	CWE-20 不適切な入力確認	CVE-2009-2513	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

207256	6.8	警告	マイクロソフト	-	Microsoft Windows の kernel における権限を取得される脆弱性	CWE-20 不適切な入力確認	CVE-2009-1127	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

207257	10	危険	マイクロソフト	-	Microsoft Windows の License Logging Server (llssrv.exe) における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-2523	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

207258	9.3	危険	マイクロソフト	-	Microsoft Windows の Web Services on Devices API (WSDAPI) における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-2512	2010-01-4 15:23	2009-11-10	Show	GitHub Exploit DB Packet Storm

207259	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2722	2010-01-4 14:56	2009-08-10	Show	GitHub Exploit DB Packet Storm

207260	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2723	2010-01-4 14:55	2009-08-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Dec. 26, 2024, 4:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1921	8.5	HIGH Network	-	-	The WPForms plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpforms_is_admin_page' function in versions starting from 1.8.4 up to, an…	CWE-862 Missing Authorization	CVE-2024-11205	2024-12-10 14:15	2024-12-10	Show	GitHub Exploit DB Packet Storm

1922	-		-	-	Dell PowerFlex appliance versions prior to IC 46.381.00 and IC 46.376.00, Dell PowerFlex rack versions prior to RCM 3.8.1.0 (for RCM 3.8.x train) and prior to RCM 3.7.6.0 (for RCM 3.7.x train), Dell …	CWE-922 Insecure Storage of Sensitive Information	CVE-2024-37144	2024-12-10 12:15	2024-12-10	Show	GitHub Exploit DB Packet Storm

1923	-		-	-	Dell PowerFlex appliance versions prior to IC 46.381.00 and IC 46.376.00, Dell PowerFlex rack versions prior to RCM 3.8.1.0 (for RCM 3.8.x train) and prior to RCM 3.7.6.0 (for RCM 3.7.x train), Dell …	CWE-59 Link Following	CVE-2024-37143	2024-12-10 12:15	2024-12-10	Show	GitHub Exploit DB Packet Storm

1924	-		-	-	In certain conditions, SAP NetWeaver Application Server ABAP allows an authenticated attacker to craft a Remote Function Call (RFC) request to restricted destinations, which can be used to expose cre…	CWE-914	CVE-2024-54198	2024-12-10 10:15	2024-12-10	Show	GitHub Exploit DB Packet Storm

1925	-		-	-	SAP NetWeaver Administrator(System Overview) allows an authenticated attacker to enumerate accessible HTTP endpoints in the internal network by specially crafting HTTP requests. On successful exploit…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2024-54197	2024-12-10 10:15	2024-12-10	Show	GitHub Exploit DB Packet Storm

1926	-		-	-	SAP NetWeaver Application Server for ABAP and ABAP Platform allows an authenticated attacker to gain higher access levels than they should have by exploiting improper authorization checks, resulting …	CWE-862 Missing Authorization	CVE-2024-47585	2024-12-10 10:15	2024-12-10	Show	GitHub Exploit DB Packet Storm

1927	-		-	-	Due to missing validation of XML input, an unauthenticated attacker could send malicious input to an endpoint which leads to XML Entity Expansion attack. This causes limited impact on availability of…	CWE-611 XXE	CVE-2024-47582	2024-12-10 10:15	2024-12-10	Show	GitHub Exploit DB Packet Storm

1928	-		-	-	SAP HCM Approve Timesheets Version 4 application does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.There is low impact on integrity of t…	CWE-862 Missing Authorization	CVE-2024-47581	2024-12-10 10:15	2024-12-10	Show	GitHub Exploit DB Packet Storm

1929	-		-	-	An attacker authenticated as an administrator can use an exposed webservice to create a PDF with an embedded attachment. By specifying the file to be an internal server file and subsequently downloa…	CWE-538 File and Directory Information Exposure	CVE-2024-47580	2024-12-10 10:15	2024-12-10	Show	GitHub Exploit DB Packet Storm

1930	-		-	-	An attacker authenticated as an administrator can use an exposed webservice to upload or download a custom PDF font file on the system server. Using the upload functionality to copy an internal file…	CWE-538 File and Directory Information Exposure	CVE-2024-47579	2024-12-10 10:15	2024-12-10	Show	GitHub Exploit DB Packet Storm