Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Nov. 7, 2024, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
188841 7.5 危険 Accoria Networks - Accoria Web Server の authcfg.cgi におけるフォーマットストリングの脆弱性 CWE-134
書式文字列の問題 		CVE-2010-2271 2012-06-26 16:19 2010-06-15 Show GitHub Exploit DB Packet Storm
188842 7.5 危険 Accoria Networks - Accoria Web Server におけるセッションをハイジャックされる脆弱性 CWE-310
暗号の問題 		CVE-2010-2270 2012-06-26 16:19 2010-06-15 Show GitHub Exploit DB Packet Storm
188843 5 警告 Accoria Networks - Accoria Web Server の loadstatic.cgi におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-2269 2012-06-26 16:19 2010-06-15 Show GitHub Exploit DB Packet Storm
188844 6.8 警告 Accoria Networks - Accoria Web Server の authcfg.cgi におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2010-2268 2012-06-26 16:19 2010-06-15 Show GitHub Exploit DB Packet Storm
188845 4.3 警告 Accoria Networks - Accoria Web Server におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-2267 2012-06-26 16:19 2010-06-15 Show GitHub Exploit DB Packet Storm
188846 4.3 警告 アップル
マイクロソフト		 - Apple Safari の CSS 実装における訪問した Web ページに関する重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2010-2264 2012-06-26 16:19 2010-06-7 Show GitHub Exploit DB Packet Storm
188847 5 警告 galileo students - Galileo Students Team Weborf におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2010-2262 2012-06-26 16:19 2010-06-3 Show GitHub Exploit DB Packet Storm
188848 4.3 警告 gambitdesign - Gambit Design Bandwidth Meter におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-2260 2012-06-26 16:19 2010-06-9 Show GitHub Exploit DB Packet Storm
188849 4.3 警告 eschew - phpBannerExchange Arabic の signupconfirm.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-2258 2012-06-26 16:19 2010-06-9 Show GitHub Exploit DB Packet Storm
188850 6.8 警告 Apache Software Foundation - Apache CouchDB におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2010-2234 2012-06-26 16:19 2010-08-19 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Nov. 8, 2024, 6:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
91 5.5 MEDIUM
Local 		huawei harmonyos
emui 		Out-of-bounds access vulnerability in the logo module Impact: Successful exploitation of this vulnerability may affect service confidentiality. New CWE-787
 Out-of-bounds Write 		CVE-2024-51510 2024-11-8 02:03 2024-11-5 Show GitHub Exploit DB Packet Storm
92 8.8 HIGH
Network 		seopress seopress Missing Authorization vulnerability in The SEO Guys at SEOPress SEOPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SEOPress: from n/a through 8.1.1. Update CWE-862
 Missing Authorization 		CVE-2024-50456 2024-11-8 02:02 2024-10-30 Show GitHub Exploit DB Packet Storm
93 8.8 HIGH
Network 		seopress seopress Missing Authorization vulnerability in The SEO Guys at SEOPress SEOPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SEOPress: from n/a through 8.1.1. Update CWE-862
 Missing Authorization 		CVE-2024-50455 2024-11-8 02:01 2024-10-30 Show GitHub Exploit DB Packet Storm
94 9.8 CRITICAL
Network 		odude crypto_tool The Crypto plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.15. This is due a to limited arbitrary method call to 'crypto_connect_ajax_process::log_in' … Update CWE-288
Authentication Bypass Using an Alternate Path or Channel 		CVE-2024-9989 2024-11-8 02:00 2024-10-30 Show GitHub Exploit DB Packet Storm
95 9.8 CRITICAL
Network 		odude crypto_tool The Crypto plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.15. This is due to missing validation on the user being supplied in the 'crypto_connect_ajax… Update CWE-288
Authentication Bypass Using an Alternate Path or Channel 		CVE-2024-9988 2024-11-8 02:00 2024-10-30 Show GitHub Exploit DB Packet Storm
96 - - - A SQL injection risk flaw was found in the XMLDB editor tool available to site administrators. New - CVE-2024-43436 2024-11-8 01:35 2024-11-7 Show GitHub Exploit DB Packet Storm
97 - - - The bulk message sending feature in Moodle's Feedback module's non-respondents report had an incorrect CSRF token check, leading to a CSRF vulnerability. New - CVE-2024-43434 2024-11-8 01:35 2024-11-7 Show GitHub Exploit DB Packet Storm
98 - - - A vulnerability was found in Moodle. Insufficient capability checks made it possible to delete badges that a user does not have permission to access. New - CVE-2024-43431 2024-11-8 01:35 2024-11-7 Show GitHub Exploit DB Packet Storm
99 - - - Buffer Overflow vulnerability in Tenda O3 v.1.0.0.5 allows a remote attacker to cause a denial of service via a network packet in a fixed format to a router running the corresponding version of the f… New - CVE-2024-51409 2024-11-8 01:35 2024-11-7 Show GitHub Exploit DB Packet Storm
100 - - - NATO NCI ANET 3.4.1 mishandles report ownership. A user can create a report and, despite the restrictions imposed by the UI, change the author of that report to an arbitrary user (without their conse… Update - CVE-2024-38446 2024-11-8 01:35 2024-07-18 Show GitHub Exploit DB Packet Storm