Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Oct. 28, 2024, 6:04 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
189381 4.3 警告 ezphotogallery - Ezphotogallery におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6988 2012-06-26 16:10 2009-08-19 Show GitHub Exploit DB Packet Storm
189382 7.5 危険 ezonescripts - eZoneScripts Dating Website script における任意のコードを実行される脆弱性 CWE-Other
その他 		CVE-2008-6987 2012-06-26 16:10 2009-08-19 Show GitHub Exploit DB Packet Storm
189383 7.5 危険 devalcms - devalcms の modules/tool/hitcounter.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-6983 2012-06-26 16:10 2009-08-19 Show GitHub Exploit DB Packet Storm
189384 4.3 警告 devalcms - devalcms の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6982 2012-06-26 16:10 2009-08-19 Show GitHub Exploit DB Packet Storm
189385 6.8 警告 fullrevolution - Full Revolution aspWebAlbum における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2008-6978 2012-06-26 16:10 2009-08-19 Show GitHub Exploit DB Packet Storm
189386 4.3 警告 fullrevolution - Full Revolution aspWebAlbum の album.asp におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6977 2012-06-26 16:10 2009-08-19 Show GitHub Exploit DB Packet Storm
189387 6.8 警告 dd-wrt - DD-WRT 24 sp2 の apply.cgi におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2008-6975 2012-06-26 16:10 2009-07-20 Show GitHub Exploit DB Packet Storm
189388 6.8 警告 dd-wrt - DD-WRT 24 sp1 の apply.cgi におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2008-6974 2012-06-26 16:10 2009-07-20 Show GitHub Exploit DB Packet Storm
189389 5 警告 Alt-N - WorldClient in Alt-N MDaemon における詳細不明な脆弱性 CWE-noinfo
情報不足 		CVE-2008-6967 2012-06-26 16:10 2009-08-13 Show GitHub Exploit DB Packet Storm
189390 7.5 危険 aj square - AJ Square AJ Auction Pro Platinum Skin #1 における認証を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-6966 2012-06-26 16:10 2009-08-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Oct. 28, 2024, 8:13 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
11 9.8 CRITICAL
Network 		moxa tn-5900_firmware
tn-4900_firmware 		TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command injection vulnerability. This vulnerability stems from insufficient… Update CWE-77
Command Injection 		CVE-2023-33239 2024-10-28 15:15 2023-08-17 Show GitHub Exploit DB Packet Storm
12 9.8 CRITICAL
Network 		moxa tn-5900_firmware
tn-4900_firmware 		TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command injection vulnerability. This vulnerability stems from inadequate i… Update CWE-77
Command Injection 		CVE-2023-33238 2024-10-28 15:15 2023-08-17 Show GitHub Exploit DB Packet Storm
13 8.8 HIGH
Network 		moxa tn-5900_firmware TN-5900 Series firmware version v3.3 and prior is vulnerable to improper-authentication vulnerability. This vulnerability arises from inadequate authentication measures implemented in the web API han… Update CWE-287
Improper Authentication 		CVE-2023-33237 2024-10-28 15:15 2023-08-17 Show GitHub Exploit DB Packet Storm
14 - - - Use of potentially dangerous function issue exists in Chatwork Desktop Application (Windows) versions prior to 2.9.2. If a user clicks a specially crafted link in the application, an arbitrary file m… New - CVE-2024-50307 2024-10-28 14:15 2024-10-28 Show GitHub Exploit DB Packet Storm
15 - - - SchedMD Slurm before 24.05.4 has Incorrect Authorization. A mistake in authentication handling in stepmgr could permit an attacker to execute processes under other users' jobs. This is limited to job… New - CVE-2024-48936 2024-10-28 13:15 2024-10-28 Show GitHub Exploit DB Packet Storm
16 9.8 CRITICAL
Network 		- - The eHDR CTMS from Sunnet has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL command to read, modify, and delete database contents. New CWE-89
SQL Injection 		CVE-2024-10440 2024-10-28 12:15 2024-10-28 Show GitHub Exploit DB Packet Storm
17 5.3 MEDIUM
Network 		- - The eHRD CTMS from Sunnet has an Insecure Direct Object Reference (IDOR) vulnerability, allowing unauthenticated remote attackers to modify a specific parameter to access arbitrary files uploaded by … New CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2024-10439 2024-10-28 12:15 2024-10-28 Show GitHub Exploit DB Packet Storm
18 7.5 HIGH
Network 		- - The eHRD CTMS from Sunnet has an Authentication Bypass vulnerability, allowing unauthenticated remote attackers to bypass authentication by satisfying specific conditions in order to access certain f… New CWE-288
Authentication Bypass Using an Alternate Path or Channel 		CVE-2024-10438 2024-10-28 12:15 2024-10-28 Show GitHub Exploit DB Packet Storm
19 - - - Cross Site Scripting (XSS) vulnerability in the Simple Student Attendance System v.1.0 allows a remote attacker to execute arbitrary code via a crafted payload to the page or class_month parameter in… Update - CVE-2023-51802 2024-10-28 11:35 2024-02-29 Show GitHub Exploit DB Packet Storm
20 5.5 MEDIUM
Local 		jungo
mitsubishielectric 		windriver
cpu_module_logging_configuration_tool
cw_configurator
data_transfer
ezsocket
fr_configurator_sw3
fr_configurator2
gt_got1000
gt_got2000
gt_softgot1000
gt_softg… 		Denial of Service (DoS) vulnerability in Jungo WinDriver before 12.1.0 allows local attackers to cause a Windows blue screen error. Update NVD-CWE-noinfo
CVE-2023-51777 2024-10-28 11:35 2024-07-3 Show GitHub Exploit DB Packet Storm