Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Dec. 26, 2024, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
189011 4.3 警告 LIGHTTPD - lighttpd の connections.c におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-3948 2012-09-25 16:47 2007-07-23 Show GitHub Exploit DB Packet Storm
189012 5.8 警告 LIGHTTPD - lighttpd の request.c におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-3947 2012-09-25 16:47 2007-07-23 Show GitHub Exploit DB Packet Storm
189013 6.4 警告 LIGHTTPD - lighttpd の http_auth.c におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-3946 2012-09-25 16:47 2007-07-23 Show GitHub Exploit DB Packet Storm
189014 4.3 警告 jasmine - Jasmine CMS の profile.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-3941 2012-09-25 16:47 2007-07-20 Show GitHub Exploit DB Packet Storm
189015 7.5 危険 MAXDev - MD-Pro の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-3938 2012-09-25 16:47 2007-07-20 Show GitHub Exploit DB Packet Storm
189016 7.5 危険 Joomla! - Joomla! 用の Expose RC35 における任意の PHP コードを実行される脆弱性 - CVE-2007-3932 2012-09-25 16:47 2007-07-20 Show GitHub Exploit DB Packet Storm
189017 4.3 警告 Andreas Gohr
マイクロソフト		 - Microsoft Internet Explorer などにおけるクロスサイトスクリプティング攻撃を実行される脆弱性 - CVE-2007-3930 2012-09-25 16:47 2007-07-20 Show GitHub Exploit DB Packet Storm
189018 9.3 危険 Opera Software ASA - Opera の BitTorrent サポートにおける任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2007-3929 2012-09-25 16:47 2007-07-20 Show GitHub Exploit DB Packet Storm
189019 10 危険 Ipswitch, Inc. - Ipswitch IMail Server 2006 におけるバッファオーバーフローの脆弱性 - CVE-2007-3927 2012-09-25 16:47 2007-07-20 Show GitHub Exploit DB Packet Storm
189020 7.8 危険 Ipswitch, Inc. - Ipswitch IMail Server 2006 におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-3926 2012-09-25 16:47 2007-07-20 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Dec. 26, 2024, 4:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
61 - - - In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix out of bounds reads when finding clock sources The current USB-audio driver code doesn't check bLength of ea… New - CVE-2024-53150 2024-12-24 21:15 2024-12-24 Show GitHub Exploit DB Packet Storm
62 6.4 MEDIUM
Network 		- - The Responsive Blocks – WordPress Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'responsive-block-editor-addons/portfolio' block in all versions up to, an… New CWE-79
Cross-site Scripting 		CVE-2024-12268 2024-12-24 20:15 2024-12-24 Show GitHub Exploit DB Packet Storm
63 6.5 MEDIUM
Network 		- - The Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPress plugin for WordPress is vulnerable to SQL Injection via the 'category' parameter of the 'bookingpress_form' shortcode in a… New CWE-89
SQL Injection 		CVE-2024-11726 2024-12-24 20:15 2024-12-24 Show GitHub Exploit DB Packet Storm
64 6.5 MEDIUM
Network 		- - The Booking Calendar WpDevArt plugin is vulnerable to time-based, blind SQL injection via the `id` parameter in the “wpdevart_booking_calendar” shortcode in versions up to, and including, 3.2.19 due … New CWE-89
SQL Injection 		CVE-2024-10856 2024-12-24 20:15 2024-12-24 Show GitHub Exploit DB Packet Storm
65 5.4 MEDIUM
Network 		- - The DirectoryPress – Business Directory And Classified Ad Listing plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 3.6.16 d… New CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2024-10584 2024-12-24 20:15 2024-12-24 Show GitHub Exploit DB Packet Storm
66 6.4 MEDIUM
Network 		- - The Tracking Code Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the tracking code field in all versions up to, and including, 2.3.0 due to insufficient input sanitizat… New CWE-79
Cross-site Scripting 		CVE-2024-8721 2024-12-24 19:15 2024-12-24 Show GitHub Exploit DB Packet Storm
67 - - - In the Linux kernel, the following vulnerability has been resolved: x86/xen: don't do PV iret hypercall through hypercall page Instead of jumping to the Xen hypercall page for doing the iret hyperc… New - CVE-2024-53241 2024-12-24 19:15 2024-12-24 Show GitHub Exploit DB Packet Storm
68 - - - In the Linux kernel, the following vulnerability has been resolved: xen/netfront: fix crash when removing device When removing a netfront device directly after a suspend/resume cycle it might happe… New - CVE-2024-53240 2024-12-24 19:15 2024-12-24 Show GitHub Exploit DB Packet Storm
69 8.8 HIGH
Network 		- - The PlugVersions – Easily rollback to previous versions of your plugins plugin for WordPress is vulnerable to arbitrary file uploads due to a missing capability check on the eos_plugin_reviews_restor… New CWE-862
 Missing Authorization 		CVE-2024-12881 2024-12-24 19:15 2024-12-24 Show GitHub Exploit DB Packet Storm
70 4.9 MEDIUM
Network 		- - The Database Backup and check Tables Automated With Scheduler 2024 plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.32 via the database_backup_ajax_do… New CWE-22
Path Traversal 		CVE-2024-12850 2024-12-24 19:15 2024-12-24 Show GitHub Exploit DB Packet Storm