Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 10, 2025, 6:04 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
208161	9.3	危険	マイクロソフト	-	複数の Microsoft 製品のテキストコンバーターにおける整数オーバーフローの脆弱性	CWE-94 コード・インジェクション	CVE-2009-2506	2010-01-22 10:27	2009-12-8	Show	GitHub Exploit DB Packet Storm

208162	9	危険	マイクロソフト	-	Microsoft Windows の Active Directory フェデレーションサービスにおける任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2009-2509	2010-01-22 10:27	2009-12-8	Show	GitHub Exploit DB Packet Storm

208163	6.9	警告	マイクロソフト	-	Microsoft Windows の Active Directory フェデレーションサービスのシングルサインオン実装における認証情報を取得される脆弱性	CWE-255 証明書・パスワード管理	CVE-2009-2508	2010-01-22 10:27	2009-12-8	Show	GitHub Exploit DB Packet Storm

208164	6.8	警告	マイクロソフト	-	Microsoft Windows の LSASS におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2009-3675	2010-01-22 10:27	2009-12-8	Show	GitHub Exploit DB Packet Storm

208165	9.3	危険	マイクロソフト	-	Microsoft Project における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2009-0102	2010-01-22 10:26	2009-12-8	Show	GitHub Exploit DB Packet Storm

208166	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer におけるメモリ破損の脆弱性	CWE-94 コード・インジェクション	CVE-2009-3673	2010-01-22 10:26	2009-12-8	Show	GitHub Exploit DB Packet Storm

208167	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer におけるメモリ破損の脆弱性	CWE-399 リソース管理の問題	CVE-2009-3671	2010-01-22 10:26	2009-12-8	Show	GitHub Exploit DB Packet Storm

208168	10	危険	マイクロソフト	-	Microsoft Windows のインターネット認証サービスにおけるネットワークリソースにアクセスされる脆弱性	CWE-255 CWE-94	CVE-2009-3677	2010-01-22 10:24	2009-12-8	Show	GitHub Exploit DB Packet Storm

208169	10	危険	マイクロソフト	-	Microsoft Windows のインターネット認証サービスにおける任意のコードを実行される脆弱性	CWE-287 不適切な認証	CVE-2009-2505	2010-01-22 10:24	2009-12-8	Show	GitHub Exploit DB Packet Storm

208170	6.9	警告	acpid	-	acpid の umask におけるサービス運用妨害 (DoS) の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-4235	2010-01-21 11:44	2009-12-7	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 10, 2025, 4:11 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
2161	5.5	MEDIUM Local	apple	macos	This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sonoma 14.7.1, macOS Ventura 13.7.1. A malicious application may be able to leak a user's credentials.	CWE-522 Insufficiently Protected Credentials	CVE-2024-54471	2024-12-20 00:25	2024-12-12	Show	GitHub Exploit DB Packet Storm

2162	9.8	CRITICAL Network	gstreamer_project	gstreamer	GStreamer is a library for constructing graphs of media-handling components. The program attempts to reallocate the memory pointed to by stream->samples to accommodate stream->n_samples + samples_cou…	CWE-787 CWE-190 Out-of-bounds Write Integer Overflow or Wraparound	CVE-2024-47537	2024-12-20 00:20	2024-12-12	Show	GitHub Exploit DB Packet Storm

2163	-		-	-	Improper neutralization of input in Nagvis before version 1.9.42 which can lead to XSS	-	CVE-2024-47093	2024-12-20 00:15	2024-12-20	Show	GitHub Exploit DB Packet Storm

2164	8.8	HIGH Network	-	-	A flaw was found in the MustGather.managed.openshift.io Custom Defined Resource (CRD) of OpenShift Dedicated. A non-privileged user on the cluster can create a MustGather object with a specially craf…	CWE-20 Improper Input Validation	CVE-2024-25131	2024-12-20 00:15	2024-12-20	Show	GitHub Exploit DB Packet Storm

2165	-		-	-	A vulnerability, which was classified as critical, was found in X1a0He Adobe Downloader up to 1.3.1 on macOS. Affected is the function shouldAcceptNewConnection of the file com.x1a0he.macOS.Adobe-Dow…	CWE-266 CWE-269 Incorrect Privilege Assignment Improper Privilege Management	CVE-2024-12786	2024-12-20 00:15	2024-12-20	Show	GitHub Exploit DB Packet Storm

2166	-		-	-	A vulnerability was found in itsourcecode Vehicle Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file sendmail.php. The man…	CWE-89 CWE-74 SQL Injection Injection	CVE-2024-12785	2024-12-20 00:15	2024-12-20	Show	GitHub Exploit DB Packet Storm

2167	5.5	MEDIUM Local	fabulatech	usb_over_network	A vulnerability, which was classified as problematic, was found in FabulaTech USB over Network 6.0.6.1. This affects the function 0x220448 in the library ftusbbus2.sys of the component IOCT Handler. …	CWE-476 NULL Pointer Dereference	CVE-2024-12656	2024-12-20 00:11	2024-12-17	Show	GitHub Exploit DB Packet Storm

2168	5.5	MEDIUM Local	fabulatech	usb_over_network	A vulnerability, which was classified as problematic, has been found in FabulaTech USB over Network 6.0.6.1. Affected by this issue is the function 0x220420 in the library ftusbbus2.sys of the compon…	CWE-476 NULL Pointer Dereference	CVE-2024-12655	2024-12-20 00:11	2024-12-17	Show	GitHub Exploit DB Packet Storm

2169	5.9	MEDIUM Network	invoiceplane	invoiceplane	A vulnerability was found in InvoicePlane up to 1.6.1 and classified as problematic. Affected by this issue is some unknown functionality of the file /invoices/view. The manipulation leads to session…	CWE-613 Insufficient Session Expiration	CVE-2024-12667	2024-12-20 00:10	2024-12-17	Show	GitHub Exploit DB Packet Storm

2170	8.8	HIGH Network	classcms	classcms	A vulnerability has been found in ClassCMS up to 4.8 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin?do=admin:user:editPost of the component …	NVD-CWE-noinfo	CVE-2024-12666	2024-12-20 00:01	2024-12-17	Show	GitHub Exploit DB Packet Storm