Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Oct. 4, 2024, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
191181 7.5 危険 cahier de textes - Cahier de texte (CDT) の administration/index.php における不正な管理者操作を実行される脆弱性 - CVE-2006-6849 2012-06-26 15:38 2006-12-31 Show GitHub Exploit DB Packet Storm
191182 7.5 危険 aspticker - ASPTicker の admin.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2006-6848 2012-06-26 15:38 2006-12-31 Show GitHub Exploit DB Packet Storm
191183 7.5 危険 cybercoded - WYWO InOut Board における SQL インジェクションの脆弱性 - CVE-2006-6846 2012-06-26 15:38 2006-12-31 Show GitHub Exploit DB Packet Storm
191184 6.8 警告 CMS Made Simple - CMS Made Simple の index.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-6845 2012-06-26 15:38 2006-12-31 Show GitHub Exploit DB Packet Storm
191185 6.8 警告 CMS Made Simple - CMS Made Simple の optional user comment モジュールにおけるクロスサイトスクリプティングの脆弱性 - CVE-2006-6844 2012-06-26 15:38 2006-12-31 Show GitHub Exploit DB Packet Storm
191186 7.5 危険 codemonkeyx - phpBB2 Plus の Acronym Mod の admin/admin_acronyms.php における SQL インジェクションの脆弱性 - CVE-2006-6842 2012-06-26 15:38 2006-12-31 Show GitHub Exploit DB Packet Storm
191187 7.5 危険 alan ward - aFAQ の faqDsp.asp における SQL インジェクションの脆弱性 - CVE-2006-6831 2012-06-26 15:38 2006-12-31 Show GitHub Exploit DB Packet Storm
191188 7.5 危険 cafelog - b2verifauth.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-6830 2012-06-26 15:38 2006-12-31 Show GitHub Exploit DB Packet Storm
191189 7.8 危険 efkan forum - Efkan Forum におけるデータベースをダウンロードされる脆弱性 - CVE-2006-6829 2012-06-26 15:38 2006-12-31 Show GitHub Exploit DB Packet Storm
191190 7.5 危険 efkan forum - Efkan Forum における SQL インジェクションの脆弱性 - CVE-2006-6828 2012-06-26 15:38 2006-12-31 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Oct. 4, 2024, 8:12 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
641 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: drm/xe/client: fix deadlock in show_meminfo() There is a real deadlock as well as sleeping in atomic() bug in here, if the bo put… Update CWE-667
 Improper Locking 		CVE-2024-46867 2024-10-2 02:09 2024-09-27 Show GitHub Exploit DB Packet Storm
642 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: drm/xe/client: add missing bo locking in show_meminfo() bo_meminfo() wants to inspect bo state like tt and the ttm resource, howe… Update CWE-667
 Improper Locking 		CVE-2024-46866 2024-10-2 02:09 2024-09-27 Show GitHub Exploit DB Packet Storm
643 2.7 LOW
Network 		formtools form_tools A vulnerability, which was classified as problematic, was found in formtools.org Form Tools 3.1.1. Affected is the function curl_exec of the file /admin/forms/option_lists/edit.php of the component I… Update NVD-CWE-Other
CVE-2024-6937 2024-10-2 01:51 2024-07-21 Show GitHub Exploit DB Packet Storm
644 6.5 MEDIUM
Network 		devolutions devolutions_server Authorization bypass in the PAM access request approval mechanism in Devolutions Server 2024.2.10 and earlier allows authenticated users with permissions to approve their own requests, bypassing inte… Update CWE-863
 Incorrect Authorization 		CVE-2024-6512 2024-10-2 01:36 2024-09-25 Show GitHub Exploit DB Packet Storm
645 6.1 MEDIUM
Network 		collne welcart The Welcart e-Commerce WordPress plugin before 2.9.5 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used ag… Update CWE-79
Cross-site Scripting 		CVE-2023-5951 2024-10-2 01:35 2023-12-5 Show GitHub Exploit DB Packet Storm
646 5.4 MEDIUM
Network 		uploading_svg\
_webp_and_ico_files_project 		uploading_svg\
_webp_and_ico_files 		The Uploading SVG, WEBP and ICO files WordPress plugin through 1.2.1 does not sanitise uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XS… Update CWE-79
Cross-site Scripting 		CVE-2023-4460 2024-10-2 01:35 2023-12-5 Show GitHub Exploit DB Packet Storm
647 5.3 MEDIUM
Network 		microsoft windows_server_2012
windows_server_2016
windows_server_2019
windows_server_2022 		DHCP Server Service Information Disclosure Vulnerability Update CWE-668
 Exposure of Resource to Wrong Sphere 		CVE-2023-29355 2024-10-2 01:35 2023-06-14 Show GitHub Exploit DB Packet Storm
648 5.3 MEDIUM
Network 		atlassian confluence_data_center
confluence_server 		Affected versions of Atlassian Confluence Server and Data Center allow anonymous remote attackers to view the names of attachments and labels in a private Confluence space. This occurs via an Informa… Update NVD-CWE-noinfo
CVE-2023-22503 2024-10-2 01:35 2023-05-2 Show GitHub Exploit DB Packet Storm
649 5.4 MEDIUM
Network 		strangerstudios paid_memberships_pro The Paid Memberships Pro WordPress plugin before 2.9.9 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as lo… Update CWE-79
Cross-site Scripting 		CVE-2022-4830 2024-10-2 01:35 2023-02-14 Show GitHub Exploit DB Packet Storm
650 5.4 MEDIUM
Network 		3dflipbook 3d_flipbook The 3D FlipBook WordPress plugin through 1.13.2 does not validate or escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as Con… Update CWE-79
Cross-site Scripting 		CVE-2022-4453 2024-10-2 01:35 2023-01-17 Show GitHub Exploit DB Packet Storm