JVN/CVE Demo: Jvninfos

JVN List

Name	Title	Summary	Cveinfo	Cvssv2	Jvnurl	Published Date	Last Updated Date	Actions
JVNDB-2013-004378	libvirt の xen/xend_internal.c の xenDaemonListDefinedDomains 関数におけるサービス運用妨害 (DoS) の脆弱性	libvirt の xen/xend_internal.c の xenDaemonListDefinedDomains 関数には、サービス運用妨害 (メモリ破損およびクラッシュ) 状態にされる脆弱性が存在します。	CVE-2013-4239	4	http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-004378.html	2013-09-02	2013-10-02	View
JVNDB-2012-004654	Condor におけるアイドル状態の任意のジョブを削除される脆弱性	Condor の src/condor_schedd.V6/schedd.cpp は、ジョブのパーミッションを適切にチェックしないため、アイドル状態の任意のジョブを削除される脆弱性が存在します。	CVE-2012-3491	4	http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004654.html	2012-09-19	2012-10-02	View
JVNDB-2008-002689	WordPress の DMSGuestbook プラグインの wp-admin/admin.php におけるディレクトリトラバーサルの脆弱性	WordPress の DMSGuestbook プラグインの wp-admin/admin.php には、ディレクトリトラバーサルの脆弱性が存在します。	CVE-2008-0615	4	http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-002689.html	2008-02-06	2012-06-26	View
JVNDB-2016-004633	Cisco Hosted Collaboration Mediation Fulfillment の Web インターフェースにおけるディレクトリトラバーサルの脆弱性	Cisco Hosted Collaboration Mediation Fulfillment (HCM-F) の Web インターフェースには、ディレクトリトラバーサルの脆弱性が存在します。	CVE-2016-6370	4	http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-004633.html	2016-08-31	2016-09-14	View
JVNDB-2014-002975	Cisco Adaptive Security Appliance ソフトウェアの WebVPN ポータルにおける重要な情報を取得される脆弱性	Cisco Adaptive Security Appliance (ASA) ソフトウェアの WebVPN ポータルには、重要な情報を取得される脆弱性が存在します。	CVE-2014-2151	4	http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-002975.html	2014-06-17	2014-06-20	View

Page 2098 of 13768, showing 5 records out of 68839 total, starting on record 10486, ending on 10490

<<first <prev 2094 | 2095 | 2096 | 2097 | 2098 | 2099 | 2100 | 2101 | 2102 next> last>>

Actions

List NVD

History
+
Request History
4 previous requests available
====
Session
+
Session
- 0(null)
====
Request
+
Request

Cake Params
- plugin(null)
- controllerjvninfos
- actionindex
- named(array)
  page2098
  sortcvssv2
  directionasc
- pass(empty)
- paging(array)
  Jvninfo(array)
  page2098
  current5
  count68839
  prevPage(true)
  nextPage(true)
  pageCount13768
  order(array)
  Jvninfo.cvssv2asc
  limit5
  options(array)
  page2098
  order(array)
  Jvninfo.cvssv2asc
  sortcvssv2
  directionasc
  conditions(empty)
  paramTypenamed
Post data

No post data.

Query string

No querystring data.

Cookie

To view Cookies, add CookieComponent to Controller

Current Route
- keys(array)
  0controller
  1action
- options(array)
  defaultRoute(true)
- defaults(array)
  plugin(null)
- template/:controller/:action/*
====
Sql Log
+

Sql Logs

default
No query logs.

====

Timer

+

Memory

Peak Memory Use 4.02 MB

Message	Memory use
Component initialization	1.39 MB
Controller action start	1.49 MB
Controller render start	2.27 MB
View render complete	2.77 MB

Timers

Total Request Time: 197 (ms)

Message	Time in ms	Graph
Core Processing (Derived from $_SERVER["REQUEST_TIME"])	4.13
Event: Controller.initialize	0.02
Event: Controller.startup	0.07
Controller action	173.79
Event: Controller.beforeRender	4.66
» Processing toolbar data	4.58
Rendering View	7.96
» Event: View.beforeRender	0.02
» Rendering APP/View/Jvninfos/index.ctp	6.76
» Event: View.afterRender	0.03
» Event: View.beforeLayout	0.02
» Rendering APP/View/Layouts/default.ctp	0.70
» » Rendering CORE/Cake/View/Elements/sql_dump.ctp	0.14
Event: View.afterLayout	0.00

====

Log
+

Logs

There were no log entries made this request

====
Variables
+
View Variables
- jvninfos(array)
  0(array)
  Jvninfo(array)
  id22803
  nameJVNDB-2013-004378
  titlelibvirt の xen/xend_internal.c の xenDaemonListDefinedDomains 関数におけるサービス運用妨害 (DoS) の脆弱性
  summarylibvirt の xen/xend_internal.c の xenDaemonListDefinedDomains 関数には、サービス運用妨害 (メモリ破損およびクラッシュ) 状態にされる脆弱性が存在します。
  cveinfo_nameCVE-2013-4239
  cveinfo_id64181
  nvdinfo_nameCVE-2013-4239
  nvdinfo_id39878
  cvssv24
  cvssv3(null)
  jvnurlhttp://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-004378.html
  published_date2013-09-02
  registered_date2013-10-02
  last_updated_date2013-10-02
  deleted(null)
  created0000-00-00 00:00:00
  modified(null)
  Cveinfo(array)
  id64181
  nameCVE-2013-4234
  statusCandidate
  descriptionMultiple heap-based buffer overflows in the (1) abc_MIDI_drum and (2) abc_MIDI_gchord functions in load_abc.cpp in libmodplug 0.8.8.4 and earlier allow remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via a crafted ABC.
  phaseAssigned (20130612)
  votesNone (candidate not yet proposed)
  comments(null)
  deleted(null)
  created0000-00-00 00:00:00
  modified0000-00-00 00:00:00
  Nvdinfo(array)
  id39878
  nameCVE-2013-4239
  descriptionThe xenDaemonListDefinedDomains function in xen/xend_internal.c in libvirt 1.1.1 allows remote authenticated users to cause a denial of service (memory corruption and crash) via vectors involving the virConnectListDefinedDomains API function.
  reject(null)
  CVSS_version2
  CVSS_score4
  severityMedium
  CVSS_base_score4
  CVSS_impact_subscore2.9
  CVSS_exploit_subscore8
  nvd_xml_version(null)
  CVSS_vector(AV:N/AC:L/Au:S/C:N/I:N/A:P)
  sourcecve
  pub_date2017-01-18
  published2013-09-30
  modified_date2013-10-01
  typeCVE
  seq2013-4239
  deleted(null)
  created(null)
  modified(null)
  1(array)
  Jvninfo(array)
  id28947
  nameJVNDB-2012-004654
  titleCondor におけるアイドル状態の任意のジョブを削除される脆弱性
  summaryCondor の src/condor_schedd.V6/schedd.cpp は、ジョブのパーミッションを適切にチェックしないため、アイドル状態の任意のジョブを削除される脆弱性が存在します。
  cveinfo_nameCVE-2012-3491
  cveinfo_id56729
  nvdinfo_nameCVE-2012-3491
  nvdinfo_id45083
  cvssv24
  cvssv3(null)
  jvnurlhttp://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004654.html
  published_date2012-09-19
  registered_date2012-10-02
  last_updated_date2012-10-02
  deleted(null)
  created0000-00-00 00:00:00
  modified(null)
  Cveinfo(array)
  id56729
  nameCVE-2012-3486
  statusCandidate
  descriptionTunnelblick 3.3beta20 and earlier allows local users to gain privileges via an OpenVPN configuration file that specifies execution of a script upon occurrence of an OpenVPN event.
  phaseAssigned (20120614)
  votesNone (candidate not yet proposed)
  comments(null)
  deleted(null)
  created0000-00-00 00:00:00
  modified0000-00-00 00:00:00
  Nvdinfo(array)
  id45083
  nameCVE-2012-3491
  descriptionsrc/condor_schedd.V6/schedd.cpp in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 does not properly check the permissions of jobs, which allows remote authenticated users to remove arbitrary idle jobs via unspecified vectors.
  reject(null)
  CVSS_version2
  CVSS_score4
  severityMedium
  CVSS_base_score4
  CVSS_impact_subscore2.9
  CVSS_exploit_subscore8
  nvd_xml_version(null)
  CVSS_vector(AV:N/AC:L/Au:S/C:N/I:N/A:P)
  sourcecve
  pub_date2017-01-19
  published2012-09-28
  modified_date2012-10-03
  typeCVE
  seq2012-3491
  deleted(null)
  created(null)
  modified(null)
  2(array)
  Jvninfo(array)
  id47379
  nameJVNDB-2008-002689
  titleWordPress の DMSGuestbook プラグインの wp-admin/admin.php におけるディレクトリトラバーサルの脆弱性
  summaryWordPress の DMSGuestbook プラグインの wp-admin/admin.php には、ディレクトリトラバーサルの脆弱性が存在します。
  cveinfo_nameCVE-2008-0615
  cveinfo_id30728
  nvdinfo_nameCVE-2008-0615
  nvdinfo_id590
  cvssv24
  cvssv3(null)
  jvnurlhttp://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-002689.html
  published_date2008-02-06
  registered_date2012-06-26
  last_updated_date2012-06-26
  deleted(null)
  created0000-00-00 00:00:00
  modified(null)
  Cveinfo(array)
  id30728
  nameCVE-2008-0611
  statusCandidate
  descriptionSQL injection vulnerability in rmgs/images.php in the RMSOFT Gallery System 2.0 module for XOOPS allows remote attackers to execute arbitrary SQL commands via the id parameter.
  phaseAssigned (20080205)
  votesNone (candidate not yet proposed)
  comments(null)
  deleted(null)
  created0000-00-00 00:00:00
  modified0000-00-00 00:00:00
  Nvdinfo(array)
  id590
  nameCVE-2008-0615
  descriptionDirectory traversal vulnerability in wp-admin/admin.php in the DMSGuestbook 1.8.0 and 1.7.0 plugin for WordPress allows remote authenticated users to read arbitrary files via a .. (dot dot) in the (1) folder and (2) file parameters.
  reject(null)
  CVSS_version2
  CVSS_score4
  severityMedium
  CVSS_base_score4
  CVSS_impact_subscore2.9
  CVSS_exploit_subscore8
  nvd_xml_version(null)
  CVSS_vector(AV:N/AC:L/Au:S/C:P/I:N/A:N)
  sourcecve
  pub_date2017-01-03
  published2008-02-06
  modified_date2008-09-05
  typeCVE
  seq2008-0615
  deleted(null)
  created(null)
  modified(null)
  3(array)
  Jvninfo(array)
  id3860
  nameJVNDB-2016-004633
  titleCisco Hosted Collaboration Mediation Fulfillment の Web インターフェースにおけるディレクトリトラバーサルの脆弱性
  summaryCisco Hosted Collaboration Mediation Fulfillment (HCM-F) の Web インターフェースには、ディレクトリトラバーサルの脆弱性が存在します。
  cveinfo_nameCVE-2016-6370
  cveinfo_id92877
  nvdinfo_nameCVE-2016-6370
  nvdinfo_id21150
  cvssv24
  cvssv34.3
  jvnurlhttp://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-004633.html
  published_date2016-08-31
  registered_date2016-09-14
  last_updated_date2016-09-14
  deleted(null)
  created0000-00-00 00:00:00
  modified(null)
  Cveinfo(array)
  id92877
  nameCVE-2016-6057
  statusCandidate
  description** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
  phaseAssigned (20160629)
  votesNone (candidate not yet proposed)
  comments(null)
  deleted(null)
  created0000-00-00 00:00:00
  modified0000-00-00 00:00:00
  Nvdinfo(array)
  id21150
  nameCVE-2016-6370
  descriptionDirectory traversal vulnerability in the web interface in Cisco Hosted Collaboration Mediation Fulfillment (HCM-F) 10.6(3) and earlier allows remote authenticated users to read arbitrary files via a crafted pathname in an HTTP request, aka Bug ID CSCuz27255.
  reject(null)
  CVSS_version2
  CVSS_score4
  severityMedium
  CVSS_base_score4
  CVSS_impact_subscore2.9
  CVSS_exploit_subscore8
  nvd_xml_version(null)
  CVSS_vector(AV:N/AC:L/Au:S/C:P/I:N/A:N)
  sourcecve
  pub_date2017-01-19
  published2016-09-12
  modified_date2016-12-12
  typeCVE
  seq2016-6370
  deleted(null)
  created(null)
  modified(null)
  4(array)
  Jvninfo(array)
  id14100
  nameJVNDB-2014-002975
  titleCisco Adaptive Security Appliance ソフトウェアの WebVPN ポータルにおける重要な情報を取得される脆弱性
  summaryCisco Adaptive Security Appliance (ASA) ソフトウェアの WebVPN ポータルには、重要な情報を取得される脆弱性が存在します。
  cveinfo_nameCVE-2014-2151
  cveinfo_id69438
  nvdinfo_nameCVE-2014-2151
  nvdinfo_id30625
  cvssv24
  cvssv3(null)
  jvnurlhttp://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-002975.html
  published_date2014-06-17
  registered_date2014-06-20
  last_updated_date2014-06-20
  deleted(null)
  created0000-00-00 00:00:00
  modified(null)
  Cveinfo(array)
  id69438
  nameCVE-2014-2143
  statusCandidate
  descriptionThe IKE implementation in Cisco IOS 15.4(1)T and earlier and IOS XE allows remote attackers to cause a denial of service (security-association drop) via crafted Main Mode packets, aka Bug ID CSCun31021.
  phaseAssigned (20140225)
  votesNone (candidate not yet proposed)
  comments(null)
  deleted(null)
  created0000-00-00 00:00:00
  modified0000-00-00 00:00:00
  Nvdinfo(array)
  id30625
  nameCVE-2014-2151
  descriptionThe WebVPN portal in Cisco Adaptive Security Appliance (ASA) Software 8.4(.7.15) and earlier allows remote authenticated users to obtain sensitive information via a crafted JavaScript file, aka Bug ID CSCui04520.
  reject(null)
  CVSS_version2
  CVSS_score4
  severityMedium
  CVSS_base_score4
  CVSS_impact_subscore2.9
  CVSS_exploit_subscore8
  nvd_xml_version(null)
  CVSS_vector(AV:N/AC:L/Au:S/C:P/I:N/A:N)
  sourcecve
  pub_date2017-01-19
  published2014-06-18
  modified_date2016-09-07
  typeCVE
  seq2014-2151
  deleted(null)
  created(null)
  modified(null)
- $request->data(empty)
- $this->validationErrors(array)
  Jvninfo(empty)
  Cveinfo(empty)
  Nvdinfo(empty)
- Loaded Helpers(array)
  0Number
  1SimpleGraph
  2Paginator
  3DebugTimer
  4Toolbar
  5Html
  6Text
  7Form
  8Session
  9HtmlToolbar
====

+

App Constants

No application environment available.

CakePHP Constants

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

PHP Environment

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/jvninfos/index/page:2098/sort:cvssv2/direction:asc
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/jvninfos/index/page:2098/sort:cvssv2/direction:asc
Remote Port	13102
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	216.73.216.66
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Connection	close
Http Cache Control	max-age=259200
Http X Forwarded For	10.3.85.41
Http Via	1.1 squid-proxy-5b5d847c96-hm7vw (squid/6.10)
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	/
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
X Dostranslated Ip	216.73.216.66
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	216.73.216.66
Unique Id	aHiTQ3VPxJ9gmbIMGqcz3wAAARc
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect X Dostranslated Ip	216.73.216.66
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	216.73.216.66
Redirect Unique Id	aHiTQ3VPxJ9gmbIMGqcz3wAAARc
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect X Dostranslated Ip	216.73.216.66
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	216.73.216.66
Redirect Redirect Unique Id	aHiTQ3VPxJ9gmbIMGqcz3wAAARc
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1752732483.3005
Request Time	1752732483

====

Include
+
Included Files

Include Paths
- 0/virtual/inogo77/public_html/jvn/lib
- 2/opt/remi/php56/root/usr/share/pear
- 3/opt/remi/php56/root/usr/share/php
- 4/usr/share/pear
- 5/usr/share/php
- 6-> /virtual/inogo77/public_html/jvn/lib/Cake/
Included Files
- core(array)
  Cache(array)
  0CORE/Cache/Cache.php
  1CORE/Cache/Engine/FileEngine.php
  2CORE/Cache/CacheEngine.php
  Component(array)
  0CORE/Controller/Component/SessionComponent.php
  1CORE/Controller/Component/PaginatorComponent.php
  Config(array)
  0CORE/Config/routes.php
  1CORE/Config/config.php
  Controller(array)
  0CORE/Controller/Controller.php
  1CORE/Controller/ComponentCollection.php
  2CORE/Controller/Component.php
  Datasource(array)
  0CORE/Model/Datasource/CakeSession.php
  1CORE/Model/Datasource/Database/Mysql.php
  2CORE/Model/Datasource/DboSource.php
  3CORE/Model/Datasource/DataSource.php
  Error(array)
  0CORE/Error/exceptions.php
  1CORE/Error/ErrorHandler.php
  I18n(array)
  0CORE/I18n/I18n.php
  1CORE/I18n/L10n.php
  Log(array)
  0CORE/Log/CakeLog.php
  1CORE/Log/LogEngineCollection.php
  2CORE/Log/Engine/FileLog.php
  3CORE/Log/Engine/BaseLog.php
  4CORE/Log/CakeLogInterface.php
  Model(array)
  0CORE/Model/Model.php
  1CORE/Model/BehaviorCollection.php
  2CORE/Model/ConnectionManager.php
  Network(array)
  0CORE/Network/CakeRequest.php
  1CORE/Network/CakeResponse.php
  Other(array)
  0CORE/bootstrap.php
  1CORE/basics.php
  2CORE/Core/App.php
  3CORE/Core/Configure.php
  4CORE/Core/CakePlugin.php
  5CORE/Event/CakeEventListener.php
  6CORE/Event/CakeEvent.php
  7CORE/Event/CakeEventManager.php
  8CORE/Core/Object.php
  Routing(array)
  0CORE/Routing/Dispatcher.php
  1CORE/Routing/Filter/AssetDispatcher.php
  2CORE/Routing/DispatcherFilter.php
  3CORE/Routing/Filter/CacheDispatcher.php
  4CORE/Routing/Router.php
  5CORE/Routing/Route/CakeRoute.php
  6CORE/Routing/Route/PluginShortRoute.php
  Utility(array)
  0CORE/Utility/Hash.php
  1CORE/Utility/Inflector.php
  2CORE/Utility/ObjectCollection.php
  3CORE/Utility/Debugger.php
  4CORE/Utility/String.php
  5CORE/Utility/ClassRegistry.php
  View(array)
  0CORE/View/HelperCollection.php
- app(array)
  Component(array)
  0APP/Controller/Component/CommonComponent.php
  Config(array)
  0APP/Config/core.php
  1APP/Config/bootstrap.php
  2APP/Config/routes.php
  3APP/Config/database.php
  Controller(array)
  0APP/Controller/JvninfosController.php
  1APP/Controller/AppController.php
  Model(array)
  0APP/Model/Jvninfo.php
  1APP/Model/AppModel.php
  2APP/Model/Cveinfo.php
  3APP/Model/Nvdinfo.php
  Other(array)
  0APP/webroot/index.php
- plugins(array)
  DebugKit(array)
  Component(array)
  0DebugKit/Controller/Component/ToolbarComponent.php
  Other(array)
  0DebugKit/Lib/DebugMemory.php
  1DebugKit/Lib/Panel/HistoryPanel.php
  2DebugKit/Lib/DebugPanel.php
  3DebugKit/Lib/Panel/SessionPanel.php
  4DebugKit/Lib/Panel/RequestPanel.php
  5DebugKit/Lib/Panel/SqlLogPanel.php
  6DebugKit/Lib/Panel/TimerPanel.php
  7DebugKit/Lib/Panel/LogPanel.php
  8DebugKit/Lib/Panel/VariablesPanel.php
  9DebugKit/Lib/Panel/EnvironmentPanel.php
  10DebugKit/Lib/Panel/IncludePanel.php
  11DebugKit/Lib/DebugTimer.php
  Log(array)
  0DebugKit/Lib/Log/Engine/DebugKitLog.php
====