Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Nov. 20, 2024, 6:01 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
188661 4.3 警告 OBM - Open Business Management におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2011-5142 2012-09-5 11:10 2012-08-31 Show GitHub Exploit DB Packet Storm
188662 6 警告 OBM - Open Business Management の exportcsv/exportcsv_index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル
CVE-2011-5141 2012-09-5 11:09 2012-08-31 Show GitHub Exploit DB Packet Storm
188663 7.5 危険 diy-cms - DiY-CMS 用 blog モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2011-5140 2012-09-5 11:05 2012-08-31 Show GitHub Exploit DB Packet Storm
188664 7.5 危険 PreProject.com - Pre Studio Business Cards Designer の page.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2011-5139 2012-09-5 11:00 2012-08-31 Show GitHub Exploit DB Packet Storm
188665 4.3 警告 tForum - tForum の member.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2011-5138 2012-09-5 10:59 2012-08-31 Show GitHub Exploit DB Packet Storm
188666 7.5 危険 tForum - tForum における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2011-5137 2012-09-5 10:58 2012-08-31 Show GitHub Exploit DB Packet Storm
188667 9.3 危険 Viscom Software - Viscom Image Viewer CP Pro および Gold におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2010-5194 2012-09-5 10:57 2012-08-31 Show GitHub Exploit DB Packet Storm
188668 9.3 危険 Viscom Software - Viscom Image Viewer CP Pro および Gold におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2010-5193 2012-09-5 10:55 2012-08-31 Show GitHub Exploit DB Packet Storm
188669 4.3 警告 バラクーダネットワークス - Barracuda SSL VPN におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2012-4739 2012-09-5 10:06 2012-07-16 Show GitHub Exploit DB Packet Storm
188670 5 警告 GNU Gatekeeper - GNU Gatekeeper におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー
CVE-2012-3534 2012-09-5 10:05 2012-08-31 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Nov. 20, 2024, 4:18 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
541 5.9 MEDIUM
Network
phpipam phpipam phpIPAM version 1.5.1 contains a vulnerability where an attacker can bypass the IP block mechanism to brute force passwords for users by using the 'X-Forwarded-For' header. The issue lies in the 'get… Update CWE-307
mproper Restriction of Excessive Authentication Attempts
CVE-2024-0787 2024-11-20 00:53 2024-11-15 Show GitHub Exploit DB Packet Storm
542 5.4 MEDIUM
Network
royal-elementor-addons royal_elementor_addons The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Google Maps widget in all versions up to, and including, 1.7.1001 due to insufficien… Update CWE-79
Cross-site Scripting
CVE-2024-9059 2024-11-20 00:53 2024-11-13 Show GitHub Exploit DB Packet Storm
543 6.1 MEDIUM
Network
advancedformintegration advanced_form_integration The AFI – The Easiest Integration Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the UR… Update CWE-79
Cross-site Scripting
CVE-2024-10877 2024-11-20 00:52 2024-11-13 Show GitHub Exploit DB Packet Storm
544 6.5 MEDIUM
Network
imagemagick imagemagick The ReadPSDChannelPixels function in coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file. Update CWE-125
Out-of-bounds Read
CVE-2016-7514 2024-11-20 00:51 2017-04-21 Show GitHub Exploit DB Packet Storm
545 7.2 HIGH
Network
mayurik best_employee_management_system A vulnerability, which was classified as critical, was found in SourceCodester Best Employee Management System 1.0. This affects an unknown part of the file /admin/edit_role.php. The manipulation of … Update CWE-89
SQL Injection
CVE-2024-11213 2024-11-20 00:48 2024-11-15 Show GitHub Exploit DB Packet Storm
546 8.8 HIGH
Network
mayurik best_employee_management_system A vulnerability, which was classified as critical, has been found in SourceCodester Best Employee Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/fetch_… Update CWE-89
SQL Injection
CVE-2024-11212 2024-11-20 00:48 2024-11-15 Show GitHub Exploit DB Packet Storm
547 5.4 MEDIUM
Network
royal-elementor-addons royal_elementor_addons The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Form Builder widget in all versions up to, and including, 1.7.1001 due to i… Update CWE-79
Cross-site Scripting
CVE-2024-9682 2024-11-20 00:47 2024-11-13 Show GitHub Exploit DB Packet Storm
548 9.8 CRITICAL
Network
ays-pro chartify The Chartify – WordPress Chart Plugin plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.9.5 via the 'source' parameter. This makes it possible for una… Update NVD-CWE-Other
CVE-2024-10571 2024-11-20 00:46 2024-11-14 Show GitHub Exploit DB Packet Storm
549 4.8 MEDIUM
Network
phpgurukul user_registration_\&_login_and_user_management_system A Reflected Cross-Site Scripting (XSS) vulnerability was found in the /search-result.php page of the PHPGurukul User Registration & Login and User Management System 3.2. This vulnerability allows rem… Update CWE-79
Cross-site Scripting
CVE-2024-48284 2024-11-20 00:45 2024-11-15 Show GitHub Exploit DB Packet Storm
550 4.3 MEDIUM
Network
janeczku calibre-web An improper access control vulnerability exists in janeczku/calibre-web. The affected version allows users without public shelf permissions to create public shelves. The vulnerability is due to the `… Update CWE-862
 Missing Authorization
CVE-2021-3987 2024-11-20 00:44 2024-11-15 Show GitHub Exploit DB Packet Storm