Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Nov. 8, 2024, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
188931 4.3 警告 dacian strain
Joomla!		 - Joomla! 用の JFaq コンポーネントにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-2514 2012-06-26 16:19 2010-06-28 Show GitHub Exploit DB Packet Storm
188932 7.5 危険 2daybiz - 2daybiz Matrimonial Script の customprofile.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-2512 2012-06-26 16:19 2010-06-28 Show GitHub Exploit DB Packet Storm
188933 7.5 危険 2daybiz - 2daybiz MLM Software の viewnews.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-2511 2012-06-26 16:19 2010-06-28 Show GitHub Exploit DB Packet Storm
188934 7.5 危険 2daybiz - 2daybiz Web Template Software の customize.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-2510 2012-06-26 16:19 2010-06-28 Show GitHub Exploit DB Packet Storm
188935 4.3 警告 2daybiz - 2daybiz Web Template Software におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-2509 2012-06-26 16:19 2010-06-28 Show GitHub Exploit DB Packet Storm
188936 7.5 危険 2daybiz - 2daybiz Video Community Portal Script の user-profile.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-2508 2012-06-26 16:19 2010-06-28 Show GitHub Exploit DB Packet Storm
188937 2.9 注意 シスコシステムズ - Linksys WAP54Gv3 の debug.cgi におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-2506 2012-06-26 16:19 2010-06-28 Show GitHub Exploit DB Packet Storm
188938 5 警告 bogofilter - bogofilter の base64.c の base64 デコーダにおけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2010-2494 2012-06-26 16:19 2010-07-8 Show GitHub Exploit DB Packet Storm
188939 7.5 危険 2daybiz - 2daybiz Video Community Portal Script の video.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-2459 2012-06-26 16:19 2010-06-25 Show GitHub Exploit DB Packet Storm
188940 4.3 警告 2daybiz - 2daybiz Video Community Portal Script の video.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-2458 2012-06-26 16:19 2010-06-25 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Nov. 8, 2024, 4:18 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
281 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: Fix function prototype mismatch in snd_seq_expand_var_event With clang's kernel control flow integrity (kCFI, CONFIG_C… Update NVD-CWE-noinfo
CVE-2022-48994 2024-11-7 22:52 2024-10-22 Show GitHub Exploit DB Packet Storm
282 6.4 MEDIUM
Network 		- - The Prime Slider – Addons For Elementor (Revolution of a slider, Hero Slider, Ecommerce Slider) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Blog widget in all v… New CWE-79
Cross-site Scripting 		CVE-2024-8442 2024-11-7 22:15 2024-11-7 Show GitHub Exploit DB Packet Storm
283 - - - An issue discovered in OpenWrt 18.06, 19.07, 21.02, 22.03, and beyond allows off-path attackers to hijack TCP sessions, which could lead to a denial of service, impersonating the client to the server… Update - CVE-2023-30312 2024-11-7 21:35 2024-05-29 Show GitHub Exploit DB Packet Storm
284 - - - Mesa v23.0.4 was discovered to contain a NULL pointer dereference via the function dri2GetGlxDrawableFromXDrawableId(). This vulnerability is triggered when the X11 server sends an DRI2_BufferSwapCom… Update - CVE-2023-45913 2024-11-7 21:35 2024-03-27 Show GitHub Exploit DB Packet Storm
285 - - - Authenticated Gaia users can inject code or commands by global variables through special HTTP requests. A Security fix that mitigates this vulnerability is available. New - CVE-2024-24914 2024-11-7 21:15 2024-11-7 Show GitHub Exploit DB Packet Storm
286 7.8 HIGH
Local 		2n access_commander In 2N Access Commander versions 3.1.1.2 and prior, a local attacker can escalate their privileges in the system which could allow for arbitrary code execution with root permissions. New NVD-CWE-noinfo
CVE-2024-47255 2024-11-7 21:15 2024-11-5 Show GitHub Exploit DB Packet Storm
287 7.2 HIGH
Network 		2n access_commander In 2N Access Commander versions 3.1.1.2 and prior, an Insufficient Verification of Data Authenticity vulnerability could allow an attacker to escalate their privileges and gain root access to the s… New NVD-CWE-noinfo
CVE-2024-47254 2024-11-7 21:15 2024-11-5 Show GitHub Exploit DB Packet Storm
288 7.2 HIGH
Network 		2n access_commander In 2N Access Commander versions 3.1.1.2 and prior, a Path Traversal vulnerability could allow an attacker with administrative privileges to write files on the filesystem and potentially achieve arbit… New CWE-22
Path Traversal 		CVE-2024-47253 2024-11-7 21:15 2024-11-5 Show GitHub Exploit DB Packet Storm
289 - - - There is an SSRF vulnerability in the Fluid Topics platform that affects versions prior to 4.3, where the server can be forced to make arbitrary requests to internal and external resources by an auth… Update - CVE-2023-31456 2024-11-7 20:35 2024-07-17 Show GitHub Exploit DB Packet Storm
290 - - - A SQL injection vulnerability in Mybatis plus versions below 3.5.6 allows remote attackers to obtain database information via a Boolean blind injection. NOTE: the vendor's position is that this can o… Update - CVE-2024-35548 2024-11-7 20:35 2024-05-29 Show GitHub Exploit DB Packet Storm