Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Nov. 18, 2024, 4:02 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
188791 7.5 危険 healthcare Consulting - myCare2x における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2012-4260 2012-08-15 20:07 2012-08-13 Show GitHub Exploit DB Packet Storm
188792 4.3 警告 C4B Com For Business - C4B XPhone Unified Communications 2011 におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-4259 2012-08-15 20:06 2012-08-13 Show GitHub Exploit DB Packet Storm
188793 7.5 危険 Myrephp Programming - MYRE Real Estate Software における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2012-4258 2012-08-15 20:06 2012-08-13 Show GitHub Exploit DB Packet Storm
188794 5 警告 George Karpouzas - Yaqas における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2012-4257 2012-08-15 20:03 2012-08-13 Show GitHub Exploit DB Packet Storm
188795 5 警告 Joobi - Joomla! 用 jNews コンポーネントにおける重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2012-4256 2012-08-15 20:01 2012-08-13 Show GitHub Exploit DB Packet Storm
188796 4.3 警告 MySQLDumper-Team - MySQLDumper における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2012-4255 2012-08-15 19:58 2012-08-13 Show GitHub Exploit DB Packet Storm
188797 4.3 警告 MySQLDumper-Team - MySQLDumper における重要な情報 (通知情報) を取得される脆弱性 CWE-200
情報漏えい 		CVE-2012-4254 2012-08-15 19:57 2012-08-13 Show GitHub Exploit DB Packet Storm
188798 4.3 警告 MySQLDumper-Team - MySQLDumper におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2012-4253 2012-08-15 19:55 2012-08-13 Show GitHub Exploit DB Packet Storm
188799 9.3 危険 サムスン - Samsung NET-i viewer の msls31.dll におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-4250 2012-08-15 19:49 2012-08-13 Show GitHub Exploit DB Packet Storm
188800 4.3 警告 NetWebLogic - WordPress 用 Login With Ajax プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-4283 2012-08-15 15:58 2012-08-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Nov. 18, 2024, 4:13 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
601 - - - Cross-Site Request Forgery (CSRF) vulnerability in Ciprian Popescu W3P SEO allows Stored XSS.This issue affects W3P SEO: from n/a before 1.8.6. CWE-352
 Origin Validation Error 		CVE-2024-51684 2024-11-15 22:58 2024-11-15 Show GitHub Exploit DB Packet Storm
602 - - - Cross-Site Request Forgery (CSRF) vulnerability in FraudLabs Pro FraudLabs Pro SMS Verification allows Stored XSS.This issue affects FraudLabs Pro SMS Verification: from n/a through 1.10.1. CWE-352
 Origin Validation Error 		CVE-2024-51688 2024-11-15 22:58 2024-11-15 Show GitHub Exploit DB Packet Storm
603 5.4 MEDIUM
Network 		- - Microsoft Edge (Chromium-based) Information Disclosure Vulnerability CWE-359
 Exposure of Private Personal Information to an Unauthorized Actor 		CVE-2024-49025 2024-11-15 22:58 2024-11-15 Show GitHub Exploit DB Packet Storm
604 - - - A malicious server can crash the OpenAFS cache manager and other client utilities, and possibly execute arbitrary code. - CVE-2024-10397 2024-11-15 22:58 2024-11-15 Show GitHub Exploit DB Packet Storm
605 - - - An authenticated user can provide a malformed ACL to the fileserver's StoreACL RPC, causing the fileserver to crash, possibly expose uninitialized memory, and possibly store garbage data in the audit… - CVE-2024-10396 2024-11-15 22:58 2024-11-15 Show GitHub Exploit DB Packet Storm
606 - - - A local user can bypass the OpenAFS PAG (Process Authentication Group) throttling mechanism in Unix clients, allowing the user to create a PAG using an existing id number, effectively joining the PAG… - CVE-2024-10394 2024-11-15 22:58 2024-11-15 Show GitHub Exploit DB Packet Storm
607 - - - Unrestricted Upload of File with Dangerous Type vulnerability in Hive Support Hive Support – WordPress Help Desk allows Upload a Web Shell to a Web Server.This issue affects Hive Support – WordPress … CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2024-52370 2024-11-15 22:58 2024-11-15 Show GitHub Exploit DB Packet Storm
608 - - - Unrestricted Upload of File with Dangerous Type vulnerability in Optimal Access Inc. KBucket allows Upload a Web Shell to a Web Server.This issue affects KBucket: from n/a through 4.1.6. CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2024-52369 2024-11-15 22:58 2024-11-15 Show GitHub Exploit DB Packet Storm
609 - - - In lunary-ai/lunary version 1.2.7, there is a lack of rate limiting on the forgot password page, leading to an email bombing vulnerability. Attackers can exploit this by automating forgot password re… CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2024-3760 2024-11-15 22:58 2024-11-15 Show GitHub Exploit DB Packet Storm
610 - - - Giskard is an evaluation and testing framework for AI systems. A Remote Code Execution (ReDoS) vulnerability was discovered in Giskard component by the GitHub Security Lab team. When processing datas… - CVE-2024-52524 2024-11-15 22:58 2024-11-15 Show GitHub Exploit DB Packet Storm