Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 11, 2025, noon

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
191291	6.8	警告	james barnsley	-	JAB Guest Book の pbguestbook.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6371	2012-09-25 15:36	2006-12-7	Show	GitHub Exploit DB Packet Storm

191292	7.5	危険	Invision Power Services, Inc	-	Invision Gallery の forum/modules/gallery/post.php における SQL インジェクションの脆弱性	-	CVE-2006-6370	2012-09-25 15:36	2006-12-7	Show	GitHub Exploit DB Packet Storm

191293	7.5	危険	Invision Power Services, Inc	-	Invision Community Blog Mod の lib/entry_reply_entry.php における SQL インジェクションの脆弱性	-	CVE-2006-6369	2012-09-25 15:36	2006-12-1	Show	GitHub Exploit DB Packet Storm

191294	6.8	警告	inside systems	-	ISMail の error.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6364	2012-09-25 15:36	2006-12-7	Show	GitHub Exploit DB Packet Storm

191295	10	危険	khaledmuratlist	-	KhaledMuratList におけるデータベースをダウンロードされる脆弱性	-	CVE-2006-6351	2012-09-25 15:36	2006-12-6	Show	GitHub Exploit DB Packet Storm

191296	10	危険	iisworks	-	listpics におけるデータベースをダウンロードされる脆弱性	-	CVE-2006-6350	2012-09-25 15:36	2006-12-6	Show	GitHub Exploit DB Packet Storm

191297	6.8	警告	mowdbb	-	mowdBB の board.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6348	2012-09-25 15:36	2006-12-6	Show	GitHub Exploit DB Packet Storm

191298	7.5	危険	Neocrome	-	Neocrome Seditio における脆弱性	-	CVE-2006-6344	2012-09-25 15:36	2006-12-6	Show	GitHub Exploit DB Packet Storm

191299	6.8	警告	Neocrome	-	Neocrome Seditio の polls.php における SQL インジェクションの脆弱性	-	CVE-2006-6343	2012-09-25 15:36	2006-12-6	Show	GitHub Exploit DB Packet Storm

191300	7.5	危険	klf-design	-	KLF-DESIGN KLF-REALTY における SQL インジェクションの脆弱性	-	CVE-2006-6342	2012-09-25 15:36	2006-12-6	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 11, 2025, 5:03 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
221	-		-	-	The PostLists WordPress plugin through 2.0.2 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old… New	-	CVE-2024-10815	2025-01-10 01:15	2025-01-9	Show	GitHub Exploit DB Packet Storm

222	-		-	-	An XML External Entity (XXE) vulnerability in Elspec Engineering G5 Digital Fault Recorder Firmware v1.2.1.12 allows attackers to cause a Denial of Service (DoS) via a crafted XML payload. Update	-	CVE-2024-46603	2025-01-10 01:15	2025-01-8	Show	GitHub Exploit DB Packet Storm

223	-		-	-	An issue was discovered in Elspec G5 digital fault recorder version 1.2.1.12 and earlier. An XML External Entity (XXE) vulnerability may allow an attacker to cause a Denial of Service (DoS) via a cra… Update	-	CVE-2024-46602	2025-01-10 01:15	2025-01-8	Show	GitHub Exploit DB Packet Storm

224	-		-	-	Elspec Engineering G5 Digital Fault Recorder Firmware v1.2.1.12 was discovered to contain a buffer overflow. Update	-	CVE-2024-46601	2025-01-10 01:15	2025-01-8	Show	GitHub Exploit DB Packet Storm

225	5.5	MEDIUM Local	dell	powerscale_onefs	Dell PowerScale OneFS 8.2.2.x through 9.8.0.x contains an incorrect permission assignment for critical resource vulnerability. A locally authenticated attacker could potentially exploit this vulnerab… Update	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2024-47475	2025-01-10 01:04	2025-01-7	Show	GitHub Exploit DB Packet Storm

226	-		-	-	A buffer overflow vulnerability in the packet handoff plugin allows an attacker to overwrite memory outside the plugin's buffer. New	-	CVE-2024-10106	2025-01-10 00:15	2025-01-10	Show	GitHub Exploit DB Packet Storm

227	-		-	-	IBM OpenPages 9.0 could allow an authenticated user to obtain sensitive information such as configurations that should only be available to privileged users. New	CWE-282 CWE-276 Improper Ownership Management Incorrect Default Permissions	CVE-2024-43176	2025-01-10 00:15	2025-01-9	Show	GitHub Exploit DB Packet Storm

228	-		-	-	IBM App Connect Enterprise Certified Container 7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, and 12.4 operands running in Red H… New	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2022-22491	2025-01-10 00:15	2025-01-9	Show	GitHub Exploit DB Packet Storm

229	-		-	-	The AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3, AI WordPress Plugin ChatGPT (GPT-4o 128K) plugin for WordPress is vulnerable to Cross-Site Request Fo… New	-	CVE-2024-12605	2025-01-10 00:15	2025-01-9	Show	GitHub Exploit DB Packet Storm

230	-		-	-	SSL-VPN MFA Bypass in SonicWALL SSL-VPN can arise in specific cases due to the separate handling of UPN (User Principal Name) and SAM (Security Account Manager) account names when integrated with Mic… New	-	CVE-2024-12802	2025-01-10 00:15	2025-01-9	Show	GitHub Exploit DB Packet Storm