Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Oct. 28, 2024, 6:04 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
189401 4.3 警告 Open Dynamics - Collabtive の manageproject.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6946 2012-06-26 16:10 2009-08-12 Show GitHub Exploit DB Packet Storm
189402 7.5 危険 AlstraSoft - AlstraSoft SendIt Pro の submit_file.php における任意のコードを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-6932 2012-06-26 16:10 2009-08-11 Show GitHub Exploit DB Packet Storm
189403 4.3 警告 cPanel - cPanel の Fantastico De Luxe モジュール におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6927 2012-06-26 16:10 2009-08-10 Show GitHub Exploit DB Packet Storm
189404 7.5 危険 exoscripts - Exocrew ExoPHPDesk の admin.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6917 2012-06-26 16:10 2009-08-7 Show GitHub Exploit DB Packet Storm
189405 6.8 警告 brewblogger - BB の includes/authentication.inc.php の authenticateUser 関数における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6911 2012-06-26 16:10 2009-08-6 Show GitHub Exploit DB Packet Storm
189406 6.8 警告 2532gigs - 2532designs 2532|Gigs Stable の checkuser.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6907 2012-06-26 16:10 2009-08-6 Show GitHub Exploit DB Packet Storm
189407 4.3 警告 babbleboard - BabbleBoard の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6906 2012-06-26 16:10 2009-08-6 Show GitHub Exploit DB Packet Storm
189408 6 警告 babbleboard - BabbleBoard の index.php におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2008-6905 2012-06-26 16:10 2009-08-6 Show GitHub Exploit DB Packet Storm
189409 6.8 警告 2532gigs - 2532designs 2532|Gigs の upload_flyer.php における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2008-6902 2012-06-26 16:10 2009-08-5 Show GitHub Exploit DB Packet Storm
189410 5.1 警告 2532gigs - 2532designs 2532|Gigs におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-6901 2012-06-26 16:10 2009-08-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Oct. 28, 2024, 8:13 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
11 9.8 CRITICAL
Network 		moxa tn-5900_firmware
tn-4900_firmware 		TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command injection vulnerability. This vulnerability stems from insufficient… Update CWE-77
Command Injection 		CVE-2023-33239 2024-10-28 15:15 2023-08-17 Show GitHub Exploit DB Packet Storm
12 9.8 CRITICAL
Network 		moxa tn-5900_firmware
tn-4900_firmware 		TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command injection vulnerability. This vulnerability stems from inadequate i… Update CWE-77
Command Injection 		CVE-2023-33238 2024-10-28 15:15 2023-08-17 Show GitHub Exploit DB Packet Storm
13 8.8 HIGH
Network 		moxa tn-5900_firmware TN-5900 Series firmware version v3.3 and prior is vulnerable to improper-authentication vulnerability. This vulnerability arises from inadequate authentication measures implemented in the web API han… Update CWE-287
Improper Authentication 		CVE-2023-33237 2024-10-28 15:15 2023-08-17 Show GitHub Exploit DB Packet Storm
14 - - - Use of potentially dangerous function issue exists in Chatwork Desktop Application (Windows) versions prior to 2.9.2. If a user clicks a specially crafted link in the application, an arbitrary file m… New - CVE-2024-50307 2024-10-28 14:15 2024-10-28 Show GitHub Exploit DB Packet Storm
15 - - - SchedMD Slurm before 24.05.4 has Incorrect Authorization. A mistake in authentication handling in stepmgr could permit an attacker to execute processes under other users' jobs. This is limited to job… New - CVE-2024-48936 2024-10-28 13:15 2024-10-28 Show GitHub Exploit DB Packet Storm
16 9.8 CRITICAL
Network 		- - The eHDR CTMS from Sunnet has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL command to read, modify, and delete database contents. New CWE-89
SQL Injection 		CVE-2024-10440 2024-10-28 12:15 2024-10-28 Show GitHub Exploit DB Packet Storm
17 5.3 MEDIUM
Network 		- - The eHRD CTMS from Sunnet has an Insecure Direct Object Reference (IDOR) vulnerability, allowing unauthenticated remote attackers to modify a specific parameter to access arbitrary files uploaded by … New CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2024-10439 2024-10-28 12:15 2024-10-28 Show GitHub Exploit DB Packet Storm
18 7.5 HIGH
Network 		- - The eHRD CTMS from Sunnet has an Authentication Bypass vulnerability, allowing unauthenticated remote attackers to bypass authentication by satisfying specific conditions in order to access certain f… New CWE-288
Authentication Bypass Using an Alternate Path or Channel 		CVE-2024-10438 2024-10-28 12:15 2024-10-28 Show GitHub Exploit DB Packet Storm
19 - - - Cross Site Scripting (XSS) vulnerability in the Simple Student Attendance System v.1.0 allows a remote attacker to execute arbitrary code via a crafted payload to the page or class_month parameter in… Update - CVE-2023-51802 2024-10-28 11:35 2024-02-29 Show GitHub Exploit DB Packet Storm
20 5.5 MEDIUM
Local 		jungo
mitsubishielectric 		windriver
cpu_module_logging_configuration_tool
cw_configurator
data_transfer
ezsocket
fr_configurator_sw3
fr_configurator2
gt_got1000
gt_got2000
gt_softgot1000
gt_softg… 		Denial of Service (DoS) vulnerability in Jungo WinDriver before 12.1.0 allows local attackers to cause a Windows blue screen error. Update NVD-CWE-noinfo
CVE-2023-51777 2024-10-28 11:35 2024-07-3 Show GitHub Exploit DB Packet Storm