Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Oct. 31, 2024, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
189621	6.8	警告	falt4	-	Falt4 CMS RC4 の admin/index.php におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2009-0648	2012-06-26 16:10	2009-02-19	Show	GitHub Exploit DB Packet Storm

189622	7.5	危険	4site	-	4Site CMS における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-0646	2012-06-26 16:10	2009-02-18	Show	GitHub Exploit DB Packet Storm

189623	5.1	警告	dminnich	-	Simple PHP News の post.php における news.txt へ任意の PHP コードを挿入される脆弱性	CWE-94 コード・インジェクション	CVE-2009-0643	2012-06-26 16:10	2009-02-20	Show	GitHub Exploit DB Packet Storm

189624	7.5	危険	dminnich	-	Simple PHP News の post.php における news.txt へ任意の PHP コードを挿入される脆弱性	CWE-94 コード・インジェクション	CVE-2009-0610	2012-06-26 16:10	2009-02-17	Show	GitHub Exploit DB Packet Storm

189625	4.3	警告	apmuthu	-	phpSkelSite の index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-0594	2012-06-26 16:10	2009-02-16	Show	GitHub Exploit DB Packet Storm

189626	7.5	危険	cafeengine	-	Easy CafeEngine の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-0574	2012-06-26 16:10	2009-02-13	Show	GitHub Exploit DB Packet Storm

189627	4.3	警告	fotoware	-	FotoWeb におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-0573	2012-06-26 16:10	2009-02-13	Show	GitHub Exploit DB Packet Storm

189628	5.1	警告	Flatnux	-	include/flatnux.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2009-0572	2012-06-26 16:10	2009-02-13	Show	GitHub Exploit DB Packet Storm

189629	4.3	警告	ESET	-	ESET Remote Administrator におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-0548	2012-06-26 16:10	2009-02-12	Show	GitHub Exploit DB Packet Storm

189630	7.5	危険	extrosoft	-	Thyme の export.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2009-0535	2012-06-26 16:10	2009-02-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Nov. 1, 2024, 6:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
221	8.8	HIGH Network	google	chrome	Type Confusion in V8 in Google Chrome prior to 130.0.6723.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Update	CWE-843 Type Confusion	CVE-2024-10230	2024-10-31 17:35	2024-10-23	Show	GitHub Exploit DB Packet Storm

222	6.1	MEDIUM Network	hms-networks	ewon_cosy\+_firmware	Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 are vulnerable to XSS when displaying the logs due to improper input sanitization. This is fixed in version 21.2s10… Update	CWE-79 Cross-site Scripting	CVE-2024-33893	2024-10-31 17:35	2024-08-3	Show	GitHub Exploit DB Packet Storm

223	7.8	HIGH Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix possible use-after-free issue in ftrace_location() KASAN reports a bug: BUG: KASAN: use-after-free in ftrace_locat… Update	CWE-416 Use After Free	CVE-2024-38588	2024-10-31 17:35	2024-06-19	Show	GitHub Exploit DB Packet Storm

224	6.4	MEDIUM Network	-	-	The WP Simple Anchors Links plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpanchor shortcode in all versions up to, and including, 1.0.0 due to insufficient input… New	CWE-79 Cross-site Scripting	CVE-2024-9446	2024-10-31 16:15	2024-10-31	Show	GitHub Exploit DB Packet Storm

225	6.1	MEDIUM Network	-	-	The WPGlobus Translate Options plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2.0. This is due to missing or incorrect nonce validation on th… New	-	CVE-2024-9434	2024-10-31 16:15	2024-10-31	Show	GitHub Exploit DB Packet Storm

226	5.3	MEDIUM Network	-	-	The Get Quote For Woocommerce – Request A Quote For Woocommerce plugin for WordPress is vulnerable to unauthorized access of Quote data due to a missing capability check on the ct_tepfw_wp_loaded fun… New	CWE-306 Missing Authentication for Critical Function	CVE-2024-9430	2024-10-31 16:15	2024-10-31	Show	GitHub Exploit DB Packet Storm

227	6.4	MEDIUM Network	-	-	The Gift Cards (Gift Vouchers and Packages) (WooCommerce Supported) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 4.4.4 … New	CWE-79 Cross-site Scripting	CVE-2024-9165	2024-10-31 16:15	2024-10-31	Show	GitHub Exploit DB Packet Storm

228	5.3	MEDIUM Network	-	-	The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.36.0 via the sub… New	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2024-9700	2024-10-31 15:15	2024-10-31	Show	GitHub Exploit DB Packet Storm

229	9.8	CRITICAL Network	-	-	The AI Power: Complete AI Pack plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'handle_image_upload' function in all versions up to, and includ… New	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2024-10392	2024-10-31 15:15	2024-10-31	Show	GitHub Exploit DB Packet Storm

230	-		-	-	Versions of the package lilconfig from 3.1.0 and before 3.1.1 are vulnerable to Arbitrary Code Execution due to the insecure usage of eval in the dynamicImport function. An attacker can exploit this … New	-	CVE-2024-21537	2024-10-31 14:15	2024-10-31	Show	GitHub Exploit DB Packet Storm