Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Oct. 4, 2024, 12:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
191251	5	警告	Fail2ban	-	fail2ban における /etc/hosts.deny ファイルに任意のホストを追加される脆弱性	CWE-DesignError	CVE-2006-6302	2012-06-26 15:38	2006-12-6	Show	GitHub Exploit DB Packet Storm

191252	5	警告	Phil Schwartz	-	DenyHosts におけるサービス運用妨害 (DoS) の脆弱性	CWE-DesignError	CVE-2006-6301	2012-06-26 15:38	2006-12-6	Show	GitHub Exploit DB Packet Storm

191253	4.3	警告	CutePHP	-	CuteNews におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6300	2012-06-26 15:38	2006-12-5	Show	GitHub Exploit DB Packet Storm

191254	7.5	危険	frisk software	-	FRISK Software F-Prot Antivirus における詳細不明な脆弱性	-	CVE-2006-6294	2012-06-26 15:38	2006-12-1	Show	GitHub Exploit DB Packet Storm

191255	7.5	危険	FRISK Software International	-	FRISK Software F-Prot Antivirus におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2006-6293	2012-06-26 15:38	2006-12-5	Show	GitHub Exploit DB Packet Storm

191256	5.7	警告	アップル	-	Apple Airport Extreme ファームウェアにおけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2006-6292	2012-06-26 15:38	2006-12-5	Show	GitHub Exploit DB Packet Storm

191257	7.5	危険	Atomix Productions	-	AtomixMP3 におけるスタックベースのバッファオーバーフローの脆弱性	-	CVE-2006-6287	2012-06-26 15:38	2006-12-4	Show	GitHub Exploit DB Packet Storm

191258	7.5	危険	dicshunary	-	dicshunary の check_status.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-6281	2012-06-26 15:38	2006-12-4	Show	GitHub Exploit DB Packet Storm

191259	5	警告	alexphpteam	-	@lex Guestbook の index.php における重要な情報を取得される脆弱性	-	CVE-2006-6279	2012-06-26 15:38	2006-12-4	Show	GitHub Exploit DB Packet Storm

191260	6.8	警告	alexphpteam	-	@lex Guestbook の index.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6278	2012-06-26 15:38	2006-12-4	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Oct. 4, 2024, 12:16 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
651	-		-	-	The Cost Calculator Builder WordPress plugin before 3.2.29 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a… Update	-	CVE-2024-8379	2024-10-2 00:35	2024-09-30	Show	GitHub Exploit DB Packet Storm

652	4.8	MEDIUM Network	codepeople	contact_form_email	The Contact Form Email WordPress plugin before 1.3.44 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting at… Update	CWE-79 Cross-site Scripting	CVE-2023-5955	2024-10-2 00:35	2023-12-12	Show	GitHub Exploit DB Packet Storm

653	5.3	MEDIUM Network	wpbrigade	simple_social_buttons	The Simple Social Media Share Buttons WordPress plugin before 5.1.1 leaks password-protected post content to unauthenticated visitors in some meta tags Update	NVD-CWE-noinfo	CVE-2023-5845	2024-10-2 00:35	2023-11-28	Show	GitHub Exploit DB Packet Storm

654	4.3	MEDIUM Network	limitloginattempts	limit_login_attempts_reloaded	The Limit Login Attempts Reloaded WordPress plugin before 2.25.26 is missing authorization on the `toggle_auto_update` AJAX action, allowing any user with a valid nonce to toggle the auto-update stat… Update	CWE-862 Missing Authorization	CVE-2023-5525	2024-10-2 00:35	2023-11-28	Show	GitHub Exploit DB Packet Storm

655	5.4	MEDIUM Network	thimpress	wp_hotel_booking	The WP Hotel Booking WordPress plugin before 2.0.8 does not have authorisation and CSRF checks, as well as does not ensure that the package to be deleted is a package, allowing any authenticated user… Update	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2023-5651	2024-10-2 00:35	2023-11-21	Show	GitHub Exploit DB Packet Storm

656	9.1	CRITICAL Network	atlassian	jira_service_management	An authentication vulnerability was discovered in Jira Service Management Server and Data Center which allows an attacker to impersonate another user and gain access to a Jira Service Management inst… Update	CWE-287 Improper Authentication	CVE-2023-22501	2024-10-2 00:35	2023-02-2	Show	GitHub Exploit DB Packet Storm

657	7.8	HIGH Local	microsoft git_for_windows_project	visual_studio_2022 visual_studio_2017 visual_studio_2019 git_for_windows	GitHub: Git for Windows' uninstaller vulnerable to DLL hijacking when run under the SYSTEM user account. Update	CWE-427 Uncontrolled Search Path Element	CVE-2022-24767	2024-10-2 00:35	2022-04-13	Show	GitHub Exploit DB Packet Storm

658	7.8	HIGH Local	amazon	freertos	FreeRTOS is a real-time operating system for microcontrollers. FreeRTOS Kernel versions through 10.6.1 do not sufficiently protect against local privilege escalation via Return Oriented Programming t… Update	NVD-CWE-Other	CVE-2024-28115	2024-10-2 00:31	2024-03-8	Show	GitHub Exploit DB Packet Storm

659	5.4	MEDIUM Network	jellyfin	jellyfin	Jellyfin is an open source self hosted media server. The Jellyfin user profile image upload accepts SVG files, allowing for a stored XSS attack against an admin user via a specially crafted malicious… Update	NVD-CWE-noinfo	CVE-2024-43801	2024-10-2 00:25	2024-09-3	Show	GitHub Exploit DB Packet Storm

660	5.5	MEDIUM Local	vim	vim	Vim is an open source, command line text editor. Patch v9.1.0038 optimized how the cursor position is calculated and removed a loop, that verified that the cursor position always points inside a line… Update	CWE-787 Out-of-bounds Write	CVE-2024-45306	2024-10-2 00:20	2024-09-3	Show	GitHub Exploit DB Packet Storm