Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Oct. 6, 2024, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
101	9.8	緊急 Network	code-projects	blood bank system	code-projects の blood bank system における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2024-9327	2024-10-3 11:22	2024-09-29	Show	GitHub Exploit DB Packet Storm

102	7.5	重要 Network	minapper	rest api to miniprogram	jianbo の WordPress 用 rest api to miniprogram における SQL インジェクションの脆弱性	CWE-89 CWE-89	CVE-2024-8484	2024-10-3 11:21	2024-09-25	Show	GitHub Exploit DB Packet Storm

103	6.1	警告 Network	xtendify	simple calendar	xtendify の WordPress 用 simple calendar におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-8549	2024-10-3 11:21	2024-09-25	Show	GitHub Exploit DB Packet Storm

104	6.1	警告 Network	pierros	kodex posts likes	pierros の WordPress 用 kodex posts likes におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-8713	2024-10-3 11:21	2024-09-25	Show	GitHub Exploit DB Packet Storm

105	5.4	警告 Network	wangbin	012 ps multi languages	wangbin の WordPress 用 012 ps multi languages におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-8723	2024-10-3 11:21	2024-09-26	Show	GitHub Exploit DB Packet Storm

106	7.2	重要 Network	freelancer-coder	wordpress simple html sitemap	freelancer-coder の WordPress 用 wordpress simple html sitemap における SQL インジェクションの脆弱性	CWE-89 CWE-89	CVE-2024-7385	2024-10-3 11:20	2024-09-25	Show	GitHub Exploit DB Packet Storm

107	9.8	緊急 Network	Artbees	jupiter x core	Artbees の WordPress 用 jupiter x core における危険なタイプのファイルの無制限アップロードに関する脆弱性	CWE-434 危険なタイプのファイルの無制限アップロード	CVE-2024-7772	2024-10-3 11:20	2024-09-26	Show	GitHub Exploit DB Packet Storm

108	7.8	重要 Local	AVG Technologies	AVG Internet Security	AVG Technologies の Windows 用 AVG Internet Security における制御されていない検索パスの要素に関する脆弱性	CWE-427 CWE-427 CWE-732 CWE-749	CVE-2024-6510	2024-10-3 11:04	2024-09-12	Show	GitHub Exploit DB Packet Storm

109	5.5	警告 Local	Synology Inc.	active backup for business agent	Synology Inc. の active backup for business agent における重要な機能に対する認証の欠如に関する脆弱性	CWE-306 重要な機能に対する認証の欠如解説	CVE-2023-52949	2024-10-3 11:01	2024-09-26	Show	GitHub Exploit DB Packet Storm

110	6.4	警告 Local	Advanced Micro Devices (AMD)	epyc 8324p ファームウェア epyc 9754s ファームウェア epyc 8124pn ファームウェア epyc 8024pn ファームウェア epyc 8434p ファームウェア epyc 8024p ファームウェア epyc&…	複数の Advanced Micro Devices (AMD) 製品における Time-of-check Time-of-use (TOCTOU) 競合状態の脆弱性	CWE-367 Time-of-check Time-of-use (TOCTOU) 競合状態	CVE-2023-20578	2024-10-3 10:57	2024-08-13	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Oct. 6, 2024, 8:10 p.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
259111	-	oracle	database_server	Per: http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html 'Applicable to Windows servers only.'	NVD-CWE-noinfo	CVE-2011-0806	2011-04-20 13:00	2011-04-20	Show	GitHub Exploit DB Packet Storm

259112	-	oracle	e-business_suite	Unspecified vulnerability in the Web ADI component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect integrity via unknown vectors.	NVD-CWE-noinfo	CVE-2011-0809	2011-04-20 13:00	2011-04-20	Show	GitHub Exploit DB Packet Storm

259113	-	ikiwiki	ikiwiki	ikiwiki before 3.20110328 does not ascertain whether the htmlscrubber plugin is enabled during processing of the "meta stylesheet" directive, which allows remote authenticated users to conduct cross-…	CWE-79 Cross-site Scripting	CVE-2011-1401	2011-04-20 13:00	2011-04-12	Show	GitHub Exploit DB Packet Storm

259114	-	rim	blackberry_enterprise_server blackberry_enterprise_server_express	Cross-site scripting (XSS) vulnerability in webdesktop/app in the BlackBerry Web Desktop Manager component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software before 5.0.2 MR5 and…	CWE-79 Cross-site Scripting	CVE-2011-0286	2011-04-19 03:55	2011-04-19	Show	GitHub Exploit DB Packet Storm

259115	-	redhat	spice-xpi	The SPICE Firefox plug-in (spice-xpi) 2.4, 2.3, 2.2, and possibly other versions allows local users to overwrite arbitrary files via a symlink attack on the usbrdrctl log file, which has a predictabl…	CWE-59 Link Following	CVE-2011-0012	2011-04-19 02:55	2011-04-19	Show	GitHub Exploit DB Packet Storm

259116	-	honeywell	scanserver_activex_control	Use-after-free vulnerability in the addOSPLext method in the Honeywell ScanServer ActiveX control 780.0.20.5 allows remote attackers to execute arbitrary code via a crafted HTML document.	CWE-399 Resource Management Errors	CVE-2011-0331	2011-04-9 12:32	2011-03-23	Show	GitHub Exploit DB Packet Storm

259117	-	cisco	adaptive_security_appliance_software 5500_series_adaptive_security_appliance asa_5500 telepresence_multipoint_switch_software telepresence_multipoint_switch telepresence_system_softwar…	Buffer overflow on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 1.6.x; Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x; …	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2011-0379	2011-04-9 12:32	2011-02-25	Show	GitHub Exploit DB Packet Storm

259118	-	cisco	telepresence_recording_server_software telepresence_recording_server	The CGI subsystem on Cisco TelePresence Recording Server devices with software 1.6.x before 1.6.2 allows remote attackers to execute arbitrary commands via a request to TCP port 443, related to a "co…	CWE-78 OS Command	CVE-2011-0382	2011-04-9 12:32	2011-02-25	Show	GitHub Exploit DB Packet Storm

259119	-	cisco	telepresence_recording_server_software telepresence_recording_server telepresence_multipoint_switch_software telepresence_multipoint_switch	Cisco TelePresence Recording Server devices with software 1.6.x and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x do not properly restrict remote ac…	CWE-399 Resource Management Errors	CVE-2011-0388	2011-04-9 12:32	2011-02-25	Show	GitHub Exploit DB Packet Storm

259120	-	micronetsoft	rv_dealer_website	Multiple SQL injection vulnerabilities in MicroNetsoft RV Dealer Website allow remote attackers to execute arbitrary SQL commands via the (1) selStock parameter to search.asp and the (2) orderBy para…	CWE-89 SQL Injection	CVE-2010-4362	2011-04-9 12:31	2010-12-2	Show	GitHub Exploit DB Packet Storm