Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Oct. 2, 2024, 4:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
190471	5	警告	geblog	-	GeBlog の index.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2007-1577	2012-06-26 15:46	2007-03-21	Show	GitHub Exploit DB Packet Storm

190472	5	警告	care2x	-	CARE2X における設定情報を取得される脆弱性	-	CVE-2007-1574	2012-06-26 15:46	2007-03-21	Show	GitHub Exploit DB Packet Storm

190473	10	危険	daansystems	-	DaanSystems NewsReactor におけるスタックベースのバッファオーバーフローの脆弱性	-	CVE-2007-1568	2012-06-26 15:46	2007-03-21	Show	GitHub Exploit DB Packet Storm

190474	7.8	危険	Digium	-	Asterisk のチャネルドライバにおけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-1561	2012-06-26 15:46	2007-03-21	Show	GitHub Exploit DB Packet Storm

190475	7.2	危険	エフ・セキュア	-	F-Secure Anti-Virus Client Security におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-1557	2012-06-26 15:46	2007-03-20	Show	GitHub Exploit DB Packet Storm

190476	6.8	警告	guestbara	-	Guestbara の admin/configuration.php における任意の PHP コードを挿入される脆弱性	-	CVE-2007-1554	2012-06-26 15:46	2007-03-20	Show	GitHub Exploit DB Packet Storm

190477	5	警告	guestbara	-	Guestbara の admin/configuration.php における管理者アカウントのパスワードを変更される脆弱性	-	CVE-2007-1553	2012-06-26 15:46	2007-03-20	Show	GitHub Exploit DB Packet Storm

190478	5	警告	シスコシステムズ	-	Cisco IP Phone 7940 などにおけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-1542	2012-06-26 15:46	2007-03-20	Show	GitHub Exploit DB Packet Storm

190479	6.8	警告	dayfox designs	-	dfblog の postpost.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-1525	2012-06-26 15:46	2007-03-20	Show	GitHub Exploit DB Packet Storm

190480	6.8	警告	cicoandcico	-	Cicoandcico CcMail の functions/update.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-1516	2012-06-26 15:46	2007-03-20	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Oct. 2, 2024, 4:12 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
411	6.4	MEDIUM Network	-	-	The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Media Grid widget in all versions up to, and including, 4.10.52 due to insufficient… Update	CWE-79 Cross-site Scripting	CVE-2024-8681	2024-09-30 21:46	2024-09-27	Show	GitHub Exploit DB Packet Storm

412	-		-	-	The vulnerability potentially allowed an attacker to misuse ESET’s file operations during the removal of a detected file on the Windows operating system to delete files without having proper permissi… Update	-	CVE-2024-7400	2024-09-30 21:46	2024-09-27	Show	GitHub Exploit DB Packet Storm

413	7.2	HIGH Network	-	-	The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to time-based SQL Injection via the ‘order’ parameter in all versions up to, and including, 3.16.1 due to insu… Update	CWE-89 SQL Injection	CVE-2024-9130	2024-09-30 21:46	2024-09-27	Show	GitHub Exploit DB Packet Storm

414	6.4	MEDIUM Network	-	-	The Absolute Reviews plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Name' field of a custom post criteria in all versions up to, and including, 1.1.3 due to insufficient i… Update	-	CVE-2024-8965	2024-09-30 21:46	2024-09-27	Show	GitHub Exploit DB Packet Storm

415	8.8	HIGH Network	-	-	The Product Enquiry for WooCommerce, WooCommerce product catalog plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.2.33.32 via deserialization of untr… Update	CWE-502 Deserialization of Untrusted Data	CVE-2024-8922	2024-09-30 21:46	2024-09-27	Show	GitHub Exploit DB Packet Storm

416	-		-	-	The AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 lacks sufficient access controls allowing an unauthenticated user to disconnect the AI ChatBot with ChatGPT and … Update	-	CVE-2024-7714	2024-09-30 21:46	2024-09-27	Show	GitHub Exploit DB Packet Storm

417	-		-	-	The AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 discloses the Open AI API Key, allowing unauthenticated users to obtain it Update	-	CVE-2024-7713	2024-09-30 21:46	2024-09-27	Show	GitHub Exploit DB Packet Storm

418	-		-	-	Information disclosure in Gitlab EE/CE affecting all versions from 15.6 prior to 17.2.8, 17.3 prior to 17.3.4, and 17.4 prior to 17.4.1 in specific conditions it was possible to disclose to an unauth… Update	-	CVE-2024-8974	2024-09-30 21:46	2024-09-27	Show	GitHub Exploit DB Packet Storm

419	-		-	-	An issue has been discovered in GitLab EE affecting all versions starting from 16.0 prior to 17.2.8, from 17.3 prior to 17.3.4, and from 17.4 prior to 17.4.1. An AI feature was found to read unsaniti… Update	-	CVE-2024-4099	2024-09-30 21:46	2024-09-27	Show	GitHub Exploit DB Packet Storm

420	-		-	-	Sharp NEC Projectors (NP-CB4500UL, NP-CB4500WL, NP-CB4700UL, NP-P525UL, NP-P525UL+, NP-P525ULG, NP-P525ULJL, NP-P525WL, NP-P525WL+, NP-P525WLG, NP-P525WLJL, NP-CG6500UL, NP-CG6500WL, NP-CG6700UL, NP-… Update	-	CVE-2024-7011	2024-09-30 21:46	2024-09-27	Show	GitHub Exploit DB Packet Storm