Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Oct. 28, 2024, 6:04 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
189351 4.3 警告 freshscripts - FreshScripts Fresh Email Script の register.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-7043 2012-06-26 16:10 2009-08-24 Show GitHub Exploit DB Packet Storm
189352 7.5 危険 freshscripts - FreshScripts Fresh Email Script の url.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-7042 2012-06-26 16:10 2009-08-24 Show GitHub Exploit DB Packet Storm
189353 7.5 危険 aj square - AJ Classifieds における管理者権限を取得される脆弱性 CWE-287
不適切な認証 		CVE-2008-7041 2012-06-26 16:10 2009-08-24 Show GitHub Exploit DB Packet Storm
189354 4.3 警告 gelatocms - Gelato CMS の admin/comments.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-7039 2012-06-26 16:10 2009-08-24 Show GitHub Exploit DB Packet Storm
189355 4.3 警告 bcoos - bcoos の DevTracker のモジュールの index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-7036 2012-06-26 16:10 2009-08-24 Show GitHub Exploit DB Packet Storm
189356 7.5 危険 galore
Joomla!		 - Joomla! 用 Simple Shop Galore コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-7033 2012-06-26 16:10 2009-08-24 Show GitHub Exploit DB Packet Storm
189357 6.8 警告 F5 Networks - F5 BIG-IP の Web 管理コンソールにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2008-7032 2012-06-26 16:10 2009-08-24 Show GitHub Exploit DB Packet Storm
189358 10 危険 Foxit Software Inc - Foxit Remote Access Server におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-7031 2012-06-26 16:10 2009-08-24 Show GitHub Exploit DB Packet Storm
189359 6 警告 alilg - AlilG Application AliBoard Beta の usercp.php における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2008-7029 2012-06-26 16:10 2009-08-24 Show GitHub Exploit DB Packet Storm
189360 7.5 危険 aves - RPG.Board における権限を取得される脆弱性 CWE-287
不適切な認証 		CVE-2008-7028 2012-06-26 16:10 2009-08-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Oct. 28, 2024, 8:13 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1 - - - Spring WebFlux applications that have Spring Security authorization rules on static resources can be bypassed under certain circumstances. For this to impact an application, all of the following mus… New - CVE-2024-38821 2024-10-28 16:15 2024-10-28 Show GitHub Exploit DB Packet Storm
2 - - - The EDS-4000/G4000 Series prior to version 3.2 includes IP forwarding capabilities that users cannot deactivate. An attacker may be able to send requests to the product and have it forwarded to the t… Update - CVE-2024-0387 2024-10-28 16:15 2024-02-27 Show GitHub Exploit DB Packet Storm
3 6.5 MEDIUM
Network 		moxa iologik_e1210_firmware
iologik_e1211_firmware
iologik_e1212_firmware
iologik_e1213_firmware
iologik_e1214_firmware
iologik_e1240_firmware
iologik_e1241_firmware
iologik_e1242_fir… 		A weak cryptographic algorithm vulnerability has been identified in ioLogik E1200 Series firmware versions v3.3 and prior. This vulnerability can help an attacker compromise the confidentiality of se… Update CWE-327
 Use of a Broken or Risky Cryptographic Algorithm 		CVE-2023-5962 2024-10-28 16:15 2023-12-23 Show GitHub Exploit DB Packet Storm
4 5.9 MEDIUM
Network 		moxa mxsecurity A vulnerability has been identified in MXsecurity versions prior to v1.0.1. The vulnerability may put the confidentiality and integrity of SSH communications at risk on the affected device. This vuln… Update CWE-798
 Use of Hard-coded Credentials 		CVE-2023-39982 2024-10-28 16:15 2023-09-2 Show GitHub Exploit DB Packet Storm
5 7.2 HIGH
Network 		- - The All-in-One WP Migration and Backup plugin for WordPress is vulnerable to arbitrary PHP Code Injection due to missing file type validation during the export in all versions up to, and including, 7… New CWE-94
Code Injection 		CVE-2024-9162 2024-10-28 15:15 2024-10-28 Show GitHub Exploit DB Packet Storm
6 7.5 HIGH
Network 		moxa mxsecurity A vulnerability that allows for unauthorized access has been discovered in MXsecurity versions prior to v1.0.1. This vulnerability arises from inadequate authentication measures, potentially leading … Update CWE-287
Improper Authentication 		CVE-2023-39981 2024-10-28 15:15 2023-09-2 Show GitHub Exploit DB Packet Storm
7 6.5 MEDIUM
Network 		moxa iologik_e4200_firmware A vulnerability has been identified in the ioLogik 4000 Series (ioLogik E4200) firmware versions v1.6 and prior, which can be exploited by malicious actors to potentially gain unauthorized access to … Update CWE-863
 Incorrect Authorization 		CVE-2023-4227 2024-10-28 15:15 2023-08-24 Show GitHub Exploit DB Packet Storm
8 9.8 CRITICAL
Network 		moxa tn-5900_firmware TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection vulnerability. This vulnerability stems from insufficient input validation and improper authentication in the c… Update CWE-77
Command Injection 		CVE-2023-34215 2024-10-28 15:15 2023-08-17 Show GitHub Exploit DB Packet Storm
9 9.8 CRITICAL
Network 		moxa tn-5900_firmware
tn-4900_firmware 		TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection vulnerability. This vulnerability stems from insufficient… Update CWE-77
Command Injection 		CVE-2023-34214 2024-10-28 15:15 2023-08-17 Show GitHub Exploit DB Packet Storm
10 9.8 CRITICAL
Network 		moxa tn-5900_firmware TN-5900 Series firmware versions v3.3 and prior are vulnerable to command-injection vulnerability. This vulnerability stems from insufficient input validation and improper authentication in the key-g… Update CWE-77
Command Injection 		CVE-2023-34213 2024-10-28 15:15 2023-08-17 Show GitHub Exploit DB Packet Storm