Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Oct. 30, 2024, 10:01 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
189411 4.3 警告 bbsxp - BBSXP の error.asp におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2009-0285 2012-06-26 16:10 2009-01-27 Show GitHub Exploit DB Packet Storm
189412 7.5 危険 flaxweb - Flax Article Manager の category.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2009-0284 2012-06-26 16:10 2009-01-27 Show GitHub Exploit DB Packet Storm
189413 4.3 警告 aobosoft - Oblog の err.asp におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2009-0283 2012-06-26 16:10 2009-01-27 Show GitHub Exploit DB Packet Storm
189414 7.5 危険 asp-project - Asp Project Management における管理アクセス権を取得される脆弱性 CWE-287
不適切な認証
CVE-2009-0280 2012-06-26 16:10 2009-01-27 Show GitHub Exploit DB Packet Storm
189415 10 危険 富士通 - Fujitsu SystemcastWizard Lite の Registry Setting Tool におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2009-0264 2012-06-26 16:10 2009-01-26 Show GitHub Exploit DB Packet Storm
189416 9.3 危険 effectmatrix - EffectMatrix Total Video Player におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2009-0261 2012-06-26 16:10 2009-01-23 Show GitHub Exploit DB Packet Storm
189417 9.3 危険 easyhdr - easyHDR PRO におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2009-0254 2012-06-26 16:10 2009-01-22 Show GitHub Exploit DB Packet Storm
189418 7.5 危険 enthrallweb - Enthrallweb eReservations の default.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2009-0252 2012-06-26 16:10 2009-01-22 Show GitHub Exploit DB Packet Storm
189419 4.3 警告 53kf - 53KF Web IM 2009 のサーバにおけるクロスサイトスクリプティング (XSS) の脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2009-0247 2012-06-26 16:10 2009-01-22 Show GitHub Exploit DB Packet Storm
189420 9.3 危険 easyhdr - easyHDR PRO におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2009-0246 2012-06-26 16:10 2009-01-22 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Oct. 30, 2024, 6:01 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
161 6.1 MEDIUM
Network
themeinwp social_share_with_floating_bar The Social Share With Floating Bar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, … Update CWE-79
Cross-site Scripting
CVE-2024-8790 2024-10-29 23:44 2024-10-18 Show GitHub Exploit DB Packet Storm
162 5.4 MEDIUM
Network
sukiwp suki_sites_import The Suki Sites Import plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.2.1 due to insufficient input sanitization and out… Update CWE-79
Cross-site Scripting
CVE-2024-8916 2024-10-29 23:37 2024-10-18 Show GitHub Exploit DB Packet Storm
163 - - - A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240628 allows for a Denial of Service (DOS) attack. When uploading a file, if an attacker appends a large number of characters to the end of a … New CWE-400
 Uncontrolled Resource Consumption
CVE-2024-7807 2024-10-29 23:35 2024-10-29 Show GitHub Exploit DB Packet Storm
164 - - - An improper access control vulnerability in lunary-ai/lunary version 1.3.2 allows an attacker to update the SAML configuration without authorization. This vulnerability can lead to manipulation of au… New CWE-284
Improper Access Control
CVE-2024-7475 2024-10-29 23:35 2024-10-29 Show GitHub Exploit DB Packet Storm
165 - - - In version 1.3.2 of lunary-ai/lunary, an Insecure Direct Object Reference (IDOR) vulnerability exists. A user can view or delete external users by manipulating the 'id' parameter in the request URL. … New CWE-284
Improper Access Control
CVE-2024-7474 2024-10-29 23:35 2024-10-29 Show GitHub Exploit DB Packet Storm
166 - - - A path traversal vulnerability exists in the latest version of gaizhenbiao/chuanhuchatgpt. The vulnerability arises from unsanitized input handling in multiple features, including user upload, direct… New CWE-22
Path Traversal
CVE-2024-5982 2024-10-29 23:35 2024-10-29 Show GitHub Exploit DB Packet Storm
167 - - - Focus was incorrectly allowing internal links to utilize the app scheme used for deeplinking, which could result in links potentially circumventing some URL safety checks This vulnerability affects F… New - CVE-2024-10474 2024-10-29 23:35 2024-10-29 Show GitHub Exploit DB Packet Storm
168 - - - In multipart/x-mixed-replace responses, `Content-Disposition: attachment` in the response header was not respected and did not force a download, which could allow XSS attacks. This vulnerability affe… New - CVE-2024-10461 2024-10-29 23:35 2024-10-29 Show GitHub Exploit DB Packet Storm
169 - - - Incorrect access control in the fingerprint authentication mechanism of Phone Cleaner: Boost & Clean v2.2.0 allows attackers to bypass fingerprint authentication due to the use of a deprecated API. Update - CVE-2024-31682 2024-10-29 23:35 2024-06-4 Show GitHub Exploit DB Packet Storm
170 5.5 MEDIUM
Local
linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix clobbering of SWERR overflow bit on writeback Current code blindly writes over the SWERR and the OVERFLOW bi… Update NVD-CWE-noinfo
CVE-2021-46920 2024-10-29 23:35 2024-02-27 Show GitHub Exploit DB Packet Storm