Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Oct. 6, 2024, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
101	9.8	緊急 Network	code-projects	blood bank system	code-projects の blood bank system における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2024-9327	2024-10-3 11:22	2024-09-29	Show	GitHub Exploit DB Packet Storm

102	7.5	重要 Network	minapper	rest api to miniprogram	jianbo の WordPress 用 rest api to miniprogram における SQL インジェクションの脆弱性	CWE-89 CWE-89	CVE-2024-8484	2024-10-3 11:21	2024-09-25	Show	GitHub Exploit DB Packet Storm

103	6.1	警告 Network	xtendify	simple calendar	xtendify の WordPress 用 simple calendar におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-8549	2024-10-3 11:21	2024-09-25	Show	GitHub Exploit DB Packet Storm

104	6.1	警告 Network	pierros	kodex posts likes	pierros の WordPress 用 kodex posts likes におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-8713	2024-10-3 11:21	2024-09-25	Show	GitHub Exploit DB Packet Storm

105	5.4	警告 Network	wangbin	012 ps multi languages	wangbin の WordPress 用 012 ps multi languages におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-8723	2024-10-3 11:21	2024-09-26	Show	GitHub Exploit DB Packet Storm

106	7.2	重要 Network	freelancer-coder	wordpress simple html sitemap	freelancer-coder の WordPress 用 wordpress simple html sitemap における SQL インジェクションの脆弱性	CWE-89 CWE-89	CVE-2024-7385	2024-10-3 11:20	2024-09-25	Show	GitHub Exploit DB Packet Storm

107	9.8	緊急 Network	Artbees	jupiter x core	Artbees の WordPress 用 jupiter x core における危険なタイプのファイルの無制限アップロードに関する脆弱性	CWE-434 危険なタイプのファイルの無制限アップロード	CVE-2024-7772	2024-10-3 11:20	2024-09-26	Show	GitHub Exploit DB Packet Storm

108	7.8	重要 Local	AVG Technologies	AVG Internet Security	AVG Technologies の Windows 用 AVG Internet Security における制御されていない検索パスの要素に関する脆弱性	CWE-427 CWE-427 CWE-732 CWE-749	CVE-2024-6510	2024-10-3 11:04	2024-09-12	Show	GitHub Exploit DB Packet Storm

109	5.5	警告 Local	Synology Inc.	active backup for business agent	Synology Inc. の active backup for business agent における重要な機能に対する認証の欠如に関する脆弱性	CWE-306 重要な機能に対する認証の欠如解説	CVE-2023-52949	2024-10-3 11:01	2024-09-26	Show	GitHub Exploit DB Packet Storm

110	6.4	警告 Local	Advanced Micro Devices (AMD)	epyc 8324p ファームウェア epyc 9754s ファームウェア epyc 8124pn ファームウェア epyc 8024pn ファームウェア epyc 8434p ファームウェア epyc 8024p ファームウェア epyc&…	複数の Advanced Micro Devices (AMD) 製品における Time-of-check Time-of-use (TOCTOU) 競合状態の脆弱性	CWE-367 Time-of-check Time-of-use (TOCTOU) 競合状態	CVE-2023-20578	2024-10-3 10:57	2024-08-13	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Oct. 6, 2024, 8:10 p.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
259351	-	kerio	kerio_mailserver	Unspecified vulnerability in Kerio MailServer before 6.5.0 allows remote attackers to cause a denial of service (crash) via unspecified vectors related to decoding of uuencoded input, which triggers …	NVD-CWE-noinfo CWE-399 Resource Management Errors	CVE-2008-0859	2011-03-8 12:05	2008-02-21	Show	GitHub Exploit DB Packet Storm

259352	-	kerio	avg_plugin kerio_mailserver	Unspecified vulnerability in the AVG plugin in Kerio MailServer before 6.5.0 has unspecified impact via unknown remote attack vectors related to null DACLs.	NVD-CWE-noinfo	CVE-2008-0860	2011-03-8 12:05	2008-02-21	Show	GitHub Exploit DB Packet Storm

259353	-	ibm	lotus_quickplace	Cross-site scripting (XSS) vulnerability in leg/Main.nsf in IBM Lotus Quickplace 7.0 allows remote attackers to inject arbitrary web script or HTML via an h_SearchString sub-parameter in the PreSetFi…	CWE-79 Cross-site Scripting	CVE-2008-0861	2011-03-8 12:05	2008-02-21	Show	GitHub Exploit DB Packet Storm

259354	-	ibm	lotus_notes	IBM Lotus Notes 6.0, 6.5, 7.0, and 8.0 signs an unsigned applet when a user forwards an email message to another user, which allows user-assisted remote attackers to bypass Execution Control List (EC…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2008-0862	2011-03-8 12:05	2008-02-21	Show	GitHub Exploit DB Packet Storm

259355	-	bea	weblogic_server	BEA WebLogic Server and WebLogic Express 9.0 and 9.1 exposes the web service's WSDL and security policies, which allows remote attackers to obtain sensitive information and potentially launch further…	CWE-200 Information Exposure	CVE-2008-0863	2011-03-8 12:05	2008-02-21	Show	GitHub Exploit DB Packet Storm

259356	-	bea	weblogic_workshop	Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic Workshop allow remote attackers to inject arbitrary web script or HTML via an invalid action URI, which is not properly handled by …	CWE-79 Cross-site Scripting	CVE-2008-0866	2011-03-8 12:05	2008-02-21	Show	GitHub Exploit DB Packet Storm

259357	-	bea bea_systems	weblogic_server weblogic_workshop weblogic	Cross-site scripting (XSS) vulnerability in BEA WebLogic Workshop 8.1 through SP6 and Workshop for WebLogic 9.0 through 10.0 allows remote attackers to inject arbitrary web script or HTML via a "fram…	CWE-79 Cross-site Scripting	CVE-2008-0869	2011-03-8 12:05	2008-02-21	Show	GitHub Exploit DB Packet Storm

259358	-	hitachi	eur_print_manager	Unspecified vulnerability in Hitachi EUR Print Manager, and related Client and Local Server products, 05-06 through 05-06-/B and 05-08 allows remote attackers to cause a denial of service (service ha…	NVD-CWE-noinfo	CVE-2008-0875	2011-03-8 12:05	2008-02-22	Show	GitHub Exploit DB Packet Storm

259359	-	hitachi	sewb3_mi-platform sewb3_platform	Unspecified vulnerability in the SEWB3 messaging service in Hitachi SEWB3/PLATFORM and SEWB3/MI-PLATFORM 01-00 through 02-14-/A allows remote attackers to cause a denial of service (service outage) v…	CWE-20 Improper Input Validation	CVE-2008-0876	2011-03-8 12:05	2008-02-22	Show	GitHub Exploit DB Packet Storm

259360	-	bea	weblogic_server	BEA WebLogic Server and WebLogic Express 6.1 through 10.0 allows remote attackers to bypass authentication for application servlets via crafted request headers.	CWE-287 Improper Authentication	CVE-2008-0895	2011-03-8 12:05	2008-02-23	Show	GitHub Exploit DB Packet Storm