Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Oct. 4, 2024, 2:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
191621	7.5	危険	conpresso	-	Bartels Schoene ConPresso の index.php における SQL インジェクションの脆弱性	-	CVE-2006-5128	2012-06-26 15:37	2006-10-3	Show	GitHub Exploit DB Packet Storm

191622	6.8	警告	conpresso	-	Bartels Schoene ConPresso におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-5127	2012-06-26 15:37	2006-10-3	Show	GitHub Exploit DB Packet Storm

191623	5	警告	devellion	-	Devellion CubeCart における重要な情報を取得される脆弱性	-	CVE-2006-5109	2012-06-26 15:37	2006-10-3	Show	GitHub Exploit DB Packet Storm

191624	6.8	警告	devellion	-	Devellion CubeCart におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-5108	2012-06-26 15:37	2006-10-3	Show	GitHub Exploit DB Packet Storm

191625	10	危険	CA Technologies	-	複数の CA 製品で使用される RPC インターフェースにおけるスタックベースのバッファオーバーフローの脆弱性	-	CVE-2006-5172	2012-06-26 15:37	2007-01-11	Show	GitHub Exploit DB Packet Storm

191626	7.5	危険	devellion	-	Devellion CubeCart における SQL インジェクションの脆弱性	-	CVE-2006-5107	2012-06-26 15:37	2006-10-3	Show	GitHub Exploit DB Packet Storm

191627	5.1	警告	FacileForms	-	Mambo および Joomla! 用の FacileForms におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-5106	2012-06-26 15:37	2006-10-3	Show	GitHub Exploit DB Packet Storm

191628	7.5	危険	forum one	-	SyntaxCMS における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-5105	2012-06-26 15:37	2006-10-3	Show	GitHub Exploit DB Packet Storm

191629	7.5	危険	bbsnew	-	bbsNew の admin/index2.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-5103	2012-06-26 15:37	2006-10-3	Show	GitHub Exploit DB Packet Storm

191630	7.5	危険	baumedia	-	Sebastian Baumann の include/editfunc.inc.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-5102	2012-06-26 15:37	2006-10-3	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Oct. 4, 2024, 12:16 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1211	5.5	MEDIUM Local	linux	linux_kernel	A null pointer dereference vulnerability was found in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() in drivers/net/wireless/ath/ath10k/wmi-tlv.c in the Linux kernel. This issue could be exploited to trig…	CWE-476 NULL Pointer Dereference	CVE-2023-7042	2024-09-28 13:15	2023-12-22	Show	GitHub Exploit DB Packet Storm

1212	-		-	-	A double-free vulnerability was found in libdwarf. In a multiply-corrupted DWARF object, libdwarf may try to dealloc(free) an allocation twice, potentially causing unpredictable and various results.	CWE-415 Double Free	CVE-2024-2002	2024-09-28 12:15	2024-03-18	Show	GitHub Exploit DB Packet Storm

1213	8.0	HIGH Adjacent	tp-link	archer_c55_firmware archer_c50_v3_firmware	Multiple TP-LINK products allow a network-adjacent authenticated attacker to execute arbitrary OS commands. Affected products/versions are as follows: Archer C50 firmware versions prior to 'Archer C5…	CWE-78 OS Command	CVE-2023-31188	2024-09-28 06:35	2023-09-6	Show	GitHub Exploit DB Packet Storm

1214	8.0	HIGH Network	apache	airflow	The session fixation vulnerability allowed the authenticated user to continue accessing Airflow webserver even after the password of the user has been reset by the admin - up until the expiry of the …	CWE-384 Session Fixation	CVE-2023-40273	2024-09-28 06:35	2023-08-24	Show	GitHub Exploit DB Packet Storm

1215	8.2	HIGH Network	apache	ivy	Improper Restriction of XML External Entity Reference, XML Injection (aka Blind XPath Injection) vulnerability in Apache Software Foundation Apache Ivy.This issue affects any version of Apache Ivy pr…	CWE-91 CWE-611 Blind XPath Injection XXE	CVE-2022-46751	2024-09-28 06:35	2023-08-21	Show	GitHub Exploit DB Packet Storm

1216	6.1	MEDIUM Network	mm-breaking_news_project	mm-breaking_news	The MM-Breaking News WordPress plugin through 0.7.9 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting…	CWE-79 Cross-site Scripting	CVE-2024-8056	2024-09-28 06:29	2024-09-12	Show	GitHub Exploit DB Packet Storm

1217	6.1	MEDIUM Network	mm-breaking_news_project	mm-breaking_news	The MM-Breaking News WordPress plugin through 0.7.9 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add S…	CWE-79 Cross-site Scripting	CVE-2024-8054	2024-09-28 06:29	2024-09-12	Show	GitHub Exploit DB Packet Storm

1218	4.8	MEDIUM Network	ninjateam	header_footer_custom_code	The NinjaTeam Header Footer Custom Code WordPress plugin before 1.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Sit…	CWE-79 Cross-site Scripting	CVE-2024-6617	2024-09-28 06:28	2024-09-13	Show	GitHub Exploit DB Packet Storm

1219	4.8	MEDIUM Network	ninjateam	header_footer_custom_code	The NinjaTeam Header Footer Custom Code WordPress plugin before 1.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Sit…	CWE-79 Cross-site Scripting	CVE-2024-6493	2024-09-28 06:28	2024-09-13	Show	GitHub Exploit DB Packet Storm

1220	6.8	MEDIUM Network	pixeljar	favicon_generator	The Favicon Generator (CLOSED) WordPress plugin before 2.1 does not validate files to be uploaded and does not have CSRF checks, which could allow attackers to make logged in admin upload arbitrary f…	CWE-352 Origin Validation Error	CVE-2024-7863	2024-09-28 06:27	2024-09-13	Show	GitHub Exploit DB Packet Storm