Security assessment and information provision

This site provides information on security and offers web audit tools.

Announcement

Update Date: May 6, 2024, 8:15 p.m.

No CVSS Level Attack Vector Vendor Name Project Name Title CWE CVE Update Date Publication Date
1 - - - A vulnerability was found in SourceCodester Prison Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /Admin/user-record.php. The manipulation of the argument txtfullname leads to cross site scripting. The attack can be… New CWE-79
Cross-site Scripting
CVE-2024-4528
2024-05-6 16:15 2024-05-6
2 - - - E-Mails exported as PDF were stored in a cache that did not consider specific session information for the related user account. Users of the same service node could access other users' E-Mails in case they were exported as PDF for a brief moment until caches were cleared. Successful exploitation req… New - CVE-2024-23193
2024-05-6 16:15 2024-05-6
3 - - - Maliciously crafted E-Mail attachment names could be used to temporarily execute script code in the context of the user's browser session. Common user interaction is required for the vulnerability to trigger. Attackers could perform malicious API requests or extract information from the user's accoun… New - CVE-2024-23188
2024-05-6 16:15 2024-05-6
4 - - - Content-ID based embedding of resources in E-Mails could be abused to trigger client-side script code when using the "show more" option. Attackers could perform malicious API requests or extract information from the user's account. Exploiting the vulnerability requires user interaction. Please deplo… New - CVE-2024-23187
2024-05-6 16:15 2024-05-6
5 - - - E-Mail containing malicious display-name information could trigger client-side script execution when using specific mobile devices. Attackers could perform malicious API requests or extract information from the user's account. Please deploy the provided updates and patch releases. We now use safer m… New - CVE-2024-23186
2024-05-6 16:15 2024-05-6
6 - - - A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been classified as problematic. Affected is an unknown function of the file /view/student_payment_details2.php. The manipulation of the argument index leads to cross site scripting. It is possible to laun… New CWE-79
Cross-site Scripting
CVE-2024-4527
2024-05-6 15:15 2024-05-6
7 - - - A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0 and classified as problematic. This issue affects some unknown processing of the file /view/student_payment_details3.php. The manipulation of the argument month leads to cross site scripting. The attack may be in… New CWE-79
Cross-site Scripting
CVE-2024-4526
2024-05-6 15:15 2024-05-6
8 - - - A vulnerability has been found in Campcodes Complete Web-Based School Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /view/student_payment_details4.php. The manipulation of the argument index leads to cross site scripting. The attack can be … New CWE-79
Cross-site Scripting
CVE-2024-4525
2024-05-6 15:15 2024-05-6
9 - - - A vulnerability, which was classified as problematic, was found in Campcodes Complete Web-Based School Management System 1.0. This affects an unknown part of the file /view/student_payment_invoice.php. The manipulation of the argument desc leads to cross site scripting. It is possible to initiate t… New CWE-79
Cross-site Scripting
CVE-2024-4524
2024-05-6 15:15 2024-05-6
10 - - - The MF Gig Calendar WordPress plugin through 1.2.1 does not have CSRF checks in some places, which could allow attackers to make logged in Contributors and above delete arbitrary events via a CSRF attack New - CVE-2024-3756
2024-05-6 15:15 2024-05-6

Update Date: Feb. 5, 2024, 11:32 a.m.

No CVSS Level Attack Vector Vendor Name Project Name Title CWE CVE Update Date Publication Date
1 7 Important
Local
Canonical
Linux
Ubuntu
Linux Kernel
Use-after-free vulnerability in Linux's Linux Kernel and other products from multiple vendors CWE-416
Use After Free
CVE-2022-2602 2024-02-5 11:24 2022-10-19
2 7.8 Important
Local
Canonical
Linux
Ubuntu
Linux Kernel
Double-free vulnerability in Linux's Linux Kernel and other products from multiple vendors CWE-415
Double Free
CVE-2022-2588 2024-02-5 11:09 2022-08-9
3 7.8 Important
Local
Canonical
Linux
Ubuntu
Linux Kernel
Use-after-free vulnerability in Linux's Linux Kernel and other products from multiple vendors CWE-416
Use After Free
CVE-2022-2586 2024-02-5 11:02 2022-08-9
4 5.5 Warning
Local
fortanix confidential computing manager Vulnerability in fortanix confidential computing manager for Intel Software Guard Extensions CWE-noinfo
Insufficient Information
CVE-2023-38021 2024-02-2 17:01 2023-12-30
5 5.5 Warning
Local
fortanix confidential computing manager Vulnerability in fortanix confidential computing manager for Intel Software Guard Extensions CWE-noinfo
Insufficient Information
CVE-2023-38022 2024-02-2 17:01 2023-12-30
6 5.5 Warning
Local
scontain scone Vulnerability in scontain scone CWE-noinfo
Insufficient Information
CVE-2023-38023 2024-02-2 17:01 2023-12-30
7 7.2 Important
Network
oretnom23 house rental management system SQL injection vulnerability in oretnom23 house rental management system CWE-89
SQL Injection
CVE-2024-0502 2024-02-2 17:01 2024-01-13
8 7.5 Important
Network
newtonsoft json.net Vulnerability related to the handling of exceptional conditions in newtonsoft json.net CWE-755
Improper Handling of Exceptional Conditions
CVE-2024-21907 2024-02-2 17:01 2024-01-3
9 5.5 Warning
Local
Apple iPadOS
iOS
Vulnerability in multiple Apple products CWE-noinfo
Insufficient Information
CVE-2022-46710 2024-02-2 16:58 2022-12-13
10 7.8 Important
Local
- Vulnerability in Apple macOS CWE-noinfo
Insufficient Information
CVE-2022-46721 2024-02-2 16:58 2022-10-24

Target Period : 2024-04-29 〜 2024-05-06

No Name Genre Version Release date Security Fix Release Information
1 New!! Symfony 5.4(LTS) framework 5.4.39 2024-04-29 Unknown Show

Target Period : 2024-04-01 〜 2024-08-31

No Name Normal Support Security Support Extended Support
1 Warning Ubuntu 16.04 LTS 2021-04-30 2024-04-30
2 Warning Django3.2 LTS 2021-12-31 2024-04-30
3 Warning Node.js 16 (LTS) 2022-10-18 2024-04-30
4 Warning MongoDB 4.4 2024-04-30
5 Warning Ubuntu 23.04 2024-04-30
6 Fedora 38 2024-05-14
7 Angular 15 2023-05-18 2024-05-18
8 Linux Kernel 5.18 2024-05-25
9 CentOS 6 2017-03-31 2020-11-30 2024-06-30
10 Red Hat Enterprise Linux 6 2022-05-10 2020-11-30 2024-06-30
11 Red Hat Enterprise Linux 7 2020-08-6 2024-06-30
12 FreeBSD 12 2024-06-30
13 MariaDB 11.0 2024-06-30
14 SQL Server 2014 Service Pack 3 2019-07-9 2024-07-9
15 CentOS 7 2020-12-31 2024-07-30