Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Oct. 4, 2024, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
191301	6.8	警告	DivX	-	Nostra DivX Player におけるスタックベースのバッファオーバーフローの脆弱性	-	CVE-2006-6444	2012-06-26 15:38	2006-12-10	Show	GitHub Exploit DB Packet Storm

191302	9.3	危険	AOL	-	AOL などの製品で使用される cddbcontrol.dll におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2006-6442	2012-06-26 15:38	2006-12-10	Show	GitHub Exploit DB Packet Storm

191303	5	警告	agileco	-	Agileco AgileBill および AgileVoice におけるアプリケーションを無効にする脆弱性	-	CVE-2006-6422	2012-06-26 15:38	2006-12-10	Show	GitHub Exploit DB Packet Storm

191304	7.5	危険	b2evolution	-	b2evolution の inc/CONTROL/import/import-mt.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-6417	2012-06-26 15:38	2006-12-10	Show	GitHub Exploit DB Packet Storm

191305	7.5	危険	dol storye	-	dol storye の dettaglio.asp における SQL インジェクションの脆弱性	-	CVE-2006-6414	2012-06-26 15:38	2006-12-10	Show	GitHub Exploit DB Packet Storm

191306	10	危険	エフ・セキュア	-	Linux Gateways の F-Secure Anti-Virus におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2006-6409	2012-06-26 15:38	2006-12-9	Show	GitHub Exploit DB Packet Storm

191307	5	警告	FRISK Software International	-	Linux x86 Mail Servers の F-Prot Antivirus におけるウイルス検知を回避される脆弱性	-	CVE-2006-6407	2012-06-26 15:38	2006-12-9	Show	GitHub Exploit DB Packet Storm

191308	5	警告	ClamAV	-	ClamAV におけるウィルス検知を回避される脆弱性	-	CVE-2006-6406	2012-06-26 15:38	2006-12-9	Show	GitHub Exploit DB Packet Storm

191309	7.5	危険	blazevideo	-	BlazeVideo HDTV Player におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2006-6396	2012-06-26 15:38	2006-12-7	Show	GitHub Exploit DB Packet Storm

191310	6.8	警告	ac4p	-	ac4p Mobile におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6389	2012-06-26 15:38	2006-12-7	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Oct. 5, 2024, 5:52 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
501	5.4	MEDIUM Network	hasthemes	ht_mega	The “HT Mega – Absolute Addons for Elementor Page Builder” WordPress Plugin before 1.5.7 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as… Update	CWE-79 Cross-site Scripting	CVE-2021-24261	2024-10-4 02:35	2021-05-6	Show	GitHub Exploit DB Packet Storm

502	8.8	HIGH Network	atlassian	confluence_data_center confluence_server jira_service_management jira_data_center jira_server crucible fisheye crowd bitbucket bamboo jira_service_desk	A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to cause additional Servlet Filters to be invoked when the application processes requests or responses. Atlass… Update	CWE-346 Origin Validation Error	CVE-2022-26137	2024-10-4 02:35	2022-07-21	Show	GitHub Exploit DB Packet Storm

503	9.8	CRITICAL Network	atlassian	confluence_data_center confluence_server jira_service_management jira_data_center jira_server crucible fisheye crowd bitbucket bamboo jira_service_desk	A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to bypass Servlet Filters used by first and third party apps. The impact depends on which filters are used by … Update	CWE-287 Improper Authentication	CVE-2022-26136	2024-10-4 02:35	2022-07-21	Show	GitHub Exploit DB Packet Storm

504	4.3	MEDIUM Network	hasthemes	ht_mega	The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6.5 via the render function in includes/widget… Update	NVD-CWE-noinfo	CVE-2024-8910	2024-10-4 02:34	2024-09-25	Show	GitHub Exploit DB Packet Storm

505	6.1	MEDIUM Network	hasthemes	ht_mega	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasThemes HT Mega – Absolute Addons For Elementor allows Reflected XSS.This issue affects HT Mega… Update	CWE-79 Cross-site Scripting	CVE-2023-50901	2024-10-4 02:34	2023-12-29	Show	GitHub Exploit DB Packet Storm

506	4.3	MEDIUM Network	elastic	kibana	A flaw was discovered in Kibana, allowing view-only users of alerting to use the run_soon API making the alerting rule run continuously, potentially affecting the system availability if the alerting … Update	NVD-CWE-Other	CVE-2024-37279	2024-10-4 02:33	2024-06-14	Show	GitHub Exploit DB Packet Storm

507	4.6	MEDIUM Physics	motorola	vigilant_fixed_lpr_coms_box_firmware	The affected product is vulnerable to an attacker modifying the bootloader by using custom arguments to bypass authentication and gain access to the file system and obtain password hashes. Update	CWE-306 Missing Authentication for Critical Function	CVE-2024-38279	2024-10-4 02:32	2024-06-14	Show	GitHub Exploit DB Packet Storm

508	8.8	HIGH Adjacent	silabs	gecko_os	Silicon Labs Gecko OS Debug Interface Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected insta… Update	CWE-787 Out-of-bounds Write	CVE-2024-23938	2024-10-4 02:29	2024-09-28	Show	GitHub Exploit DB Packet Storm

509	5.3	MEDIUM Network	wpfactory	eu\/uk_vat_manager_for_woocommerce	The EU/UK VAT Manager for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the alg_wc_eu_vat_exempt_vat_from_admin() function i… Update	CWE-862 Missing Authorization	CVE-2024-9189	2024-10-4 02:26	2024-09-28	Show	GitHub Exploit DB Packet Storm

510	6.1	MEDIUM Network	wpfactory	eu\/uk_vat_manager_for_woocommerce	The EU/UK VAT Manager for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up t… Update	CWE-79 Cross-site Scripting	CVE-2024-8788	2024-10-4 02:25	2024-09-28	Show	GitHub Exploit DB Packet Storm