Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Oct. 30, 2024, 10:01 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
189361 6.8 警告 AdaptCMS - AdaptCMS Lite の plugins/rss_importer_functions.php における任意の PHP コードが実行される脆弱性 CWE-94
コード・インジェクション
CVE-2009-0527 2012-06-26 16:10 2009-02-11 Show GitHub Exploit DB Packet Storm
189362 4.3 警告 AdaptCMS - AdaptCMS Lite の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2009-0526 2012-06-26 16:10 2009-02-11 Show GitHub Exploit DB Packet Storm
189363 7.5 危険 businessspace - BusinessSpace の classified.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2009-0516 2012-06-26 16:10 2009-02-10 Show GitHub Exploit DB Packet Storm
189364 9.3 危険 elecard - Elecard MPEG Player におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2009-0491 2012-06-26 16:10 2009-02-9 Show GitHub Exploit DB Packet Storm
189365 9.3 危険 Audacity - Audacity の lib-src/allegro/strparse.cpp の String_parse::get_nonspace_quoted 関数におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2009-0490 2012-06-26 16:10 2009-02-9 Show GitHub Exploit DB Packet Storm
189366 6.8 警告 armorlogic - Profense Web Application Firewall の ajax.html におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反
CVE-2009-0468 2012-06-26 16:10 2009-02-10 Show GitHub Exploit DB Packet Storm
189367 4.3 警告 armorlogic - Profense Web Application Firewall の proxy.html におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2009-0467 2012-06-26 16:10 2009-02-10 Show GitHub Exploit DB Packet Storm
189368 5.1 警告 Groone's World - Groone GBook の includes/header.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション
CVE-2009-0464 2012-06-26 16:10 2009-02-10 Show GitHub Exploit DB Packet Storm
189369 6.8 警告 Groone's World - Groone GLinks の includes/header.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション
CVE-2009-0463 2012-06-26 16:10 2009-02-10 Show GitHub Exploit DB Packet Storm
189370 7.5 危険 clicktech - ClickTech ClickCart の customer_login_check.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2009-0462 2012-06-26 16:10 2009-02-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Oct. 30, 2024, 6:01 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
151 - - - Kyverno is a policy engine designed for Kubernetes. A kyverno ClusterPolicy, ie. "disallow-privileged-containers," can be overridden by the creation of a PolicyException in a random namespace. By des… New CWE-285
Improper Authorization
CVE-2024-48921 2024-10-30 00:15 2024-10-30 Show GitHub Exploit DB Packet Storm
152 - - - Waitress is a Web Server Gateway Interface server for Python 2 and 3. A remote client may send a request that is exactly recv_bytes (defaults to 8192) long, followed by a secondary request using HTTP… New CWE-444
CWE-367
HTTP Request Smuggling
 Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2024-49768 2024-10-30 00:15 2024-10-30 Show GitHub Exploit DB Packet Storm
153 4.1 MEDIUM
Local
hitachienergy unem
foxman-un
A vulnerability exists in the FOXMAN-UN/UNEM in which sensitive information is stored in cleartext within a resource that might be accessible to another control sphere. Update CWE-312
 Cleartext Storage of Sensitive Information
CVE-2024-28024 2024-10-30 00:15 2024-06-12 Show GitHub Exploit DB Packet Storm
154 5.6 MEDIUM
Network
hitachienergy unem
foxman-un
A vulnerability exists in the UNEM server / APIGateway that if exploited allows a malicious user to perform an arbitrary number of authentication attempts using different passwords, and eventually ga… Update CWE-307
mproper Restriction of Excessive Authentication Attempts
CVE-2024-28022 2024-10-30 00:15 2024-06-12 Show GitHub Exploit DB Packet Storm
155 9.9 CRITICAL
Network
hitachienergy unem
foxman-un
A user/password reuse vulnerability exists in the FOXMAN-UN/UNEM application and server management. If exploited a malicious high-privileged user could use the passwords and login information through… Update NVD-CWE-noinfo
CVE-2024-28020 2024-10-30 00:15 2024-06-12 Show GitHub Exploit DB Packet Storm
156 7.4 HIGH
Network
hitachienergy unem
foxman_un
foxman-un
A vulnerability exists in the FOXMAN-UN/UNEM server that affects the message queueing mechanism’s certificate validation. If exploited an attacker could spoof a trusted entity causing a loss of conf… Update CWE-295
Improper Certificate Validation 
CVE-2024-28021 2024-10-30 00:15 2024-06-11 Show GitHub Exploit DB Packet Storm
157 5.4 MEDIUM
Network
rextheme wp_vr Missing Authorization vulnerability in Rextheme WP VR allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP VR: from n/a through 8.5.4. Update CWE-862
 Missing Authorization
CVE-2024-49293 2024-10-30 00:07 2024-10-21 Show GitHub Exploit DB Packet Storm
158 6.1 MEDIUM
Network
edit_woocommerce_templates_project edit_woocommerce_templates The Edit WooCommerce Templates plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘page’ parameter in all versions up to, and including, 1.1.2 due to insufficient input sani… Update CWE-79
Cross-site Scripting
CVE-2024-10049 2024-10-29 23:49 2024-10-18 Show GitHub Exploit DB Packet Storm
159 8.2 HIGH
Adjacent
eufy homebase_2_firmware The Eufy Homebase 2 before firmware version 3.3.4.1h creates a dedicated wireless network for its ecosystem, which serves as a proxy to the end user's primary network. The WPA2-PSK generation of this… Update CWE-331
 Insufficient Entropy
CVE-2023-37822 2024-10-29 23:47 2024-10-4 Show GitHub Exploit DB Packet Storm
160 6.1 MEDIUM
Network
fatcatapps getresponse_forms The GetResponse Forms by Optin Cat plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, … Update CWE-79
Cross-site Scripting
CVE-2024-8740 2024-10-29 23:46 2024-10-18 Show GitHub Exploit DB Packet Storm