Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Oct. 4, 2024, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
190561 6.8 警告 The BFTPD Project - bftpd におけるメモリ二重解放の脆弱性 CWE-119
バッファエラー 		CVE-2007-2010 2012-06-26 15:46 2007-04-12 Show GitHub Exploit DB Packet Storm
190562 6.5 警告 crea-book - Crea-Book の admin/configurer2.php における任意の PHP コードを実行される脆弱性 - CVE-2007-2001 2012-06-26 15:46 2007-04-12 Show GitHub Exploit DB Packet Storm
190563 6.8 警告 codebreak - CodeBreak の codebreak.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-1996 2012-06-26 15:46 2007-04-12 Show GitHub Exploit DB Packet Storm
190564 4.3 警告 Dotclear - DotClear におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-1989 2012-06-26 15:46 2007-04-12 Show GitHub Exploit DB Packet Storm
190565 7.5 危険 barnraiser - barnraiser AROUNDMe における任意の PHP コードを実行される脆弱性 - CVE-2007-1986 2012-06-26 15:46 2007-04-11 Show GitHub Exploit DB Packet Storm
190566 7.5 危険 cyboards - Cyboards PHP Lite の include/default_header.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-1983 2012-06-26 15:46 2007-04-11 Show GitHub Exploit DB Packet Storm
190567 7.5 危険 gazi okul sitesi - Gazi Okul Sitesi の fotokategori.asp における SQL インジェクションの脆弱性 - CVE-2007-1971 2012-06-26 15:46 2007-04-11 Show GitHub Exploit DB Packet Storm
190568 5 警告 exv2 - eXV2 CMS におけるセッションをハイジャックされる脆弱性 CWE-287
不適切な認証 		CVE-2007-1966 2012-06-26 15:46 2007-04-11 Show GitHub Exploit DB Packet Storm
190569 4.3 警告 exv2 - eXV2 CMS におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-1965 2012-06-26 15:46 2007-04-11 Show GitHub Exploit DB Packet Storm
190570 6.8 警告 guernion sylvain portail - Guernion Sylvain Portail Web Php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-1957 2012-06-26 15:46 2007-04-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Oct. 4, 2024, 8:12 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
691 - - - Bluetooth LE and BR/EDR Secure Connections pairing and Secure Simple Pairing using the Passkey entry protocol in Bluetooth Core Specifications 2.1 through 5.3 may permit an unauthenticated man-in-the… New - CVE-2021-37577 2024-10-2 00:15 2024-10-2 Show GitHub Exploit DB Packet Storm
692 6.3 MEDIUM
Local 		fedirtsapana simple_http_server_plus
simple_http_server 		Phlox com.phlox.simpleserver (aka Simple HTTP Server) 1.8 and com.phlox.simpleserver.plus (aka Simple HTTP Server PLUS) 1.8.1-plus have a hardcoded aKySWb2jjrr4dzkYXczKRt7K (AES) encryption key. An a… Update CWE-798
 Use of Hard-coded Credentials 		CVE-2023-46919 2024-10-2 00:15 2023-12-28 Show GitHub Exploit DB Packet Storm
693 8.8 HIGH
Local 		rust-lang rust Rust is a programming language. The fix for CVE-2024-24576, where `std::process::Command` incorrectly escaped arguments when invoking batch files on Windows, was incomplete. Prior to Rust version 1.8… Update CWE-88
Argument Injection 		CVE-2024-43402 2024-10-2 00:12 2024-09-5 Show GitHub Exploit DB Packet Storm
694 7.5 HIGH
Network 		google tensorflow TensorFlow is an end-to-end open source platform for machine learning. `array_ops.upper_bound` causes a segfault when not given a rank 2 tensor. The fix will be included in TensorFlow 2.13 and will a… CWE-190
 Integer Overflow or Wraparound 		CVE-2023-33976 2024-10-1 23:41 2024-07-31 Show GitHub Exploit DB Packet Storm
695 5.4 MEDIUM
Network 		axton wp-webauthn The WP-WebAuthn plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wwa_login_form shortcode in all versions up to, and including, 1.3.1 due to insufficient input sanit… CWE-79
Cross-site Scripting 		CVE-2024-9023 2024-10-1 23:39 2024-09-28 Show GitHub Exploit DB Packet Storm
696 6.1 MEDIUM
Network 		objectiv simple_ldap_login The Simple LDAP Login plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including… CWE-79
Cross-site Scripting 		CVE-2024-8715 2024-10-1 23:37 2024-09-28 Show GitHub Exploit DB Packet Storm
697 - - - The Slider by 10Web WordPress plugin before 1.2.59 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting atta… - CVE-2024-8283 2024-10-1 23:35 2024-09-30 Show GitHub Exploit DB Packet Storm
698 - - - The Starbox WordPress plugin before 3.5.3 does not properly render social media profiles URLs in certain contexts, like the malicious user's profile or pages where the starbox shortcode is used, whi… - CVE-2024-8239 2024-10-1 23:35 2024-09-30 Show GitHub Exploit DB Packet Storm
699 5.3 MEDIUM
Network 		perforce akana_api In versions of Akana API Platform prior to 2024.1.0 overly verbose errors can be found in SAML integrations CWE-209
Information Exposure Through an Error Message 		CVE-2024-5250 2024-10-1 23:33 2024-07-31 Show GitHub Exploit DB Packet Storm
700 5.4 MEDIUM
Network 		garrettgrimm simple_popup_plugin The Simple Popup Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's [popup] shortcode in all versions up to, and including, 4.5 due to insufficient input saniti… CWE-79
Cross-site Scripting 		CVE-2024-8547 2024-10-1 23:32 2024-09-28 Show GitHub Exploit DB Packet Storm