Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Oct. 1, 2024, 12:03 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
191531 7.5 危険 AVAST Software s.r.o. - alwil avast! Anti-virus Engine におけるヒープベースのバッファオーバーフローの脆弱性 - CVE-2006-4626 2012-06-26 15:37 2006-09-7 Show GitHub Exploit DB Packet Storm
191532 7.5 危険 comscripts - AnnonceV の annonce.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4622 2012-06-26 15:37 2006-09-6 Show GitHub Exploit DB Packet Storm
191533 7.5 危険 bare concept media - Pheap の settings.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4621 2012-06-26 15:37 2006-09-6 Show GitHub Exploit DB Packet Storm
191534 4.6 警告 Alt-N - MDaemon が稼動している Alt-N WebAdmin の useredit_account.wdm モジュールにおけるシステムのメールキューへのアクセス権を取得される脆弱性 - CVE-2006-4620 2012-06-26 15:37 2006-09-6 Show GitHub Exploit DB Packet Storm
191535 4.6 警告 Avira - Avira AntiVir PersonalEdition Classic の更新スタートウィンドウにおける権限を取得される脆弱性 - CVE-2006-4619 2012-06-26 15:37 2006-09-6 Show GitHub Exploit DB Packet Storm
191536 7.5 危険 dsocks - dsocks の dsocks.c の _tor_resolve 関数におけるバッファオーバーフローの脆弱性 - CVE-2006-4611 2012-06-26 15:37 2006-09-6 Show GitHub Exploit DB Packet Storm
191537 5.1 警告 graphiks - GrapAgenda の index.php における PHP リモートファイルインクルーションの脆弱性 - CVE-2006-4610 2012-06-26 15:37 2006-09-6 Show GitHub Exploit DB Packet Storm
191538 7.5 危険 annuaire - Annuaire 1Two の index.php における SQL インジェクションの脆弱性 - CVE-2006-4601 2012-06-26 15:37 2006-09-6 Show GitHub Exploit DB Packet Storm
191539 7.5 危険 autentificator - Autentificator の aut_verifica.inc.php における SQL インジェクションの脆弱性 - CVE-2006-4599 2012-06-26 15:37 2006-09-6 Show GitHub Exploit DB Packet Storm
191540 7.5 危険 bugada andrea - phpAtm における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4594 2012-06-26 15:37 2006-09-6 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Oct. 1, 2024, 12:12 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2091 9.8 CRITICAL
Network 		tenda ch22_firmware Tenda CH22 V1.0.0.6(468) has a stack overflow vulnerability located in the frmL7PlotForm function. CWE-787
 Out-of-bounds Write 		CVE-2024-46045 2024-09-20 09:34 2024-09-13 Show GitHub Exploit DB Packet Storm
2092 9.8 CRITICAL
Network 		tenda ch22_firmware CH22 V1.0.0.6(468) has a stack overflow vulnerability located in the fromqossetting function. CWE-787
 Out-of-bounds Write 		CVE-2024-46044 2024-09-20 09:34 2024-09-13 Show GitHub Exploit DB Packet Storm
2093 7.8 HIGH
Local 		intelbras incontrol A vulnerability classified as critical was found in Intelbras InControl 2.21.56. This vulnerability affects unknown code of the component incontrolWebcam Service. The manipulation leads to unquoted s… CWE-428
 Unquoted Search Path or Element 		CVE-2024-6080 2024-09-20 09:27 2024-06-18 Show GitHub Exploit DB Packet Storm
2094 8.8 HIGH
Network 		yotuwp video_gallery The Video Gallery – YouTube Playlist, Channel Gallery by YotuWP plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.13 via the display function. This … NVD-CWE-Other
CVE-2024-4551 2024-09-20 09:24 2024-06-15 Show GitHub Exploit DB Packet Storm
2095 6.3 MEDIUM
Network 		ali2woo aliexpress_dropshipping_with_alinext The AliExpress Dropshipping with AliNext Lite plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several functions in the ImportAjaxController.php file in … CWE-862
 Missing Authorization 		CVE-2024-4450 2024-09-20 09:22 2024-06-19 Show GitHub Exploit DB Packet Storm
2096 9.8 CRITICAL
Network 		yotuwp video_gallery The Video Gallery – YouTube Playlist, Channel Gallery by YotuWP plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.13 via the settings parameter. Thi… NVD-CWE-Other
CVE-2024-4258 2024-09-20 09:21 2024-06-15 Show GitHub Exploit DB Packet Storm
2097 8.8 HIGH
Network 		ali2woo aliexpress_dropshipping_with_alinext The AliExpress Dropshipping with AliNext Lite plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ajax_save_image function in all versions up to, a… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2024-2381 2024-09-20 09:18 2024-06-19 Show GitHub Exploit DB Packet Storm
2098 5.9 MEDIUM
Network 		consensys gnark-crypto gnark is a fast zk-SNARK library that offers a high-level API to design circuits. Prior to version 0.11.0, commitments to private witnesses in Groth16 as implemented break the zero-knowledge property… NVD-CWE-noinfo
CVE-2024-45040 2024-09-20 09:13 2024-09-6 Show GitHub Exploit DB Packet Storm
2099 6.2 MEDIUM
Local 		consensys gnark-crypto gnark is a fast zk-SNARK library that offers a high-level API to design circuits. Versions prior to 0.11.0 have a soundness issue - in case of multiple commitments used inside the circuit the prover … NVD-CWE-noinfo
CVE-2024-45039 2024-09-20 09:12 2024-09-6 Show GitHub Exploit DB Packet Storm
2100 8.8 HIGH
Network 		thimpress wp_events_manager The WP Events Manager plugin for WordPress is vulnerable to time-based SQL Injection via the ‘order’ parameter in all versions up to, and including, 2.1.11 due to insufficient escaping on the user su… CWE-89
SQL Injection 		CVE-2024-7717 2024-09-20 09:08 2024-08-31 Show GitHub Exploit DB Packet Storm