Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Oct. 2, 2024, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
190171 7.5 危険 アップル
アドビシステムズ		 - Adobe CS3 で使用される Adobe Version Cue CS3 Server のインストーラにおけるファイアウォールルールを回避される脆弱性 - CVE-2007-2682 2012-06-26 15:46 2007-05-16 Show GitHub Exploit DB Packet Storm
190172 7.5 危険 b2evolution - b2evolution の blogs/index.php におけるディレクトリトラバーサルの脆弱性 - CVE-2007-2681 2012-06-26 15:46 2007-05-14 Show GitHub Exploit DB Packet Storm
190173 7.5 危険 censura - Censura の includes/funcs_vendors.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-2673 2012-06-26 15:46 2007-05-14 Show GitHub Exploit DB Packet Storm
190174 4.3 警告 globalmegacorp - PHPChain におけるインストールパスを取得される脆弱性 - CVE-2007-2670 2012-06-26 15:46 2007-05-14 Show GitHub Exploit DB Packet Storm
190175 4.3 警告 globalmegacorp - PHPChain におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-2669 2012-06-26 15:46 2007-05-14 Show GitHub Exploit DB Packet Storm
190176 9.3 危険 db soft lab - VImpX.ocx の DB Software Laboratory VImpX ActiveX コントロールにおけるバッファオーバーフローの脆弱性 - CVE-2007-2667 2012-06-26 15:46 2007-05-14 Show GitHub Exploit DB Packet Storm
190177 7.5 危険 beacon - Beacon の language/1/splash.lang.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2663 2012-06-26 15:46 2007-05-14 Show GitHub Exploit DB Packet Storm
190178 7.5 危険 efestech haber - EfesTECH Haber における SQL インジェクションの脆弱性 - CVE-2007-2662 2012-06-26 15:46 2007-05-14 Show GitHub Exploit DB Packet Storm
190179 7.5 危険 drumster - BlogMe の archshow.asp における SQL インジェクションの脆弱性 - CVE-2007-2661 2012-06-26 15:46 2007-05-14 Show GitHub Exploit DB Packet Storm
190180 5 警告 bugada andrea - PHP Advanced Transfer Manager (phpATM) の index.php におけるディレクトリトラバーサルの脆弱性 - CVE-2007-2659 2012-06-26 15:46 2007-05-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Oct. 2, 2024, 8:12 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
111 6.1 MEDIUM
Network 		collne welcart The Welcart e-Commerce WordPress plugin before 2.9.5 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used ag… Update CWE-79
Cross-site Scripting 		CVE-2023-5951 2024-10-2 01:35 2023-12-5 Show GitHub Exploit DB Packet Storm
112 5.4 MEDIUM
Network 		uploading_svg\
_webp_and_ico_files_project 		uploading_svg\
_webp_and_ico_files 		The Uploading SVG, WEBP and ICO files WordPress plugin through 1.2.1 does not sanitise uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XS… Update CWE-79
Cross-site Scripting 		CVE-2023-4460 2024-10-2 01:35 2023-12-5 Show GitHub Exploit DB Packet Storm
113 5.3 MEDIUM
Network 		microsoft windows_server_2012
windows_server_2016
windows_server_2019
windows_server_2022 		DHCP Server Service Information Disclosure Vulnerability Update CWE-668
 Exposure of Resource to Wrong Sphere 		CVE-2023-29355 2024-10-2 01:35 2023-06-14 Show GitHub Exploit DB Packet Storm
114 5.3 MEDIUM
Network 		atlassian confluence_data_center
confluence_server 		Affected versions of Atlassian Confluence Server and Data Center allow anonymous remote attackers to view the names of attachments and labels in a private Confluence space. This occurs via an Informa… Update NVD-CWE-noinfo
CVE-2023-22503 2024-10-2 01:35 2023-05-2 Show GitHub Exploit DB Packet Storm
115 5.4 MEDIUM
Network 		strangerstudios paid_memberships_pro The Paid Memberships Pro WordPress plugin before 2.9.9 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as lo… Update CWE-79
Cross-site Scripting 		CVE-2022-4830 2024-10-2 01:35 2023-02-14 Show GitHub Exploit DB Packet Storm
116 5.4 MEDIUM
Network 		3dflipbook 3d_flipbook The 3D FlipBook WordPress plugin through 1.13.2 does not validate or escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as Con… Update CWE-79
Cross-site Scripting 		CVE-2022-4453 2024-10-2 01:35 2023-01-17 Show GitHub Exploit DB Packet Storm
117 9.8 CRITICAL
Network 		doverfuelingsolutions progauge_maglink_lx_console_firmware
progauge_maglink_lx4_console_firmware 		An attacker can directly request the ProGauge MAGLINK LX CONSOLE resource sub page with full privileges by requesting the URL directly. Update NVD-CWE-Other
CVE-2024-43692 2024-10-2 01:22 2024-09-25 Show GitHub Exploit DB Packet Storm
118 9.8 CRITICAL
Network 		doverfuelingsolutions progauge_maglink_lx_console_firmware
progauge_maglink_lx4_console_firmware 		A specially crafted POST request to the ProGauge MAGLINK LX CONSOLE IP sub-menu can allow a remote attacker to inject arbitrary commands. Update CWE-77
Command Injection 		CVE-2024-45066 2024-10-2 01:18 2024-09-25 Show GitHub Exploit DB Packet Storm
119 - - - A website configured to initiate a specially crafted WebTransport session could crash the Firefox process leading to a denial of service condition. This vulnerability affects Firefox < 131, Firefox E… New - CVE-2024-9399 2024-10-2 01:15 2024-10-2 Show GitHub Exploit DB Packet Storm
120 - - - By checking the result of calls to `window.open` with specifically set protocol handlers, an attacker could determine if the application which implements that protocol handler is installed. This vuln… New - CVE-2024-9398 2024-10-2 01:15 2024-10-2 Show GitHub Exploit DB Packet Storm