Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Nov. 15, 2024, 6:02 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
193001 4.3 警告 grouplink - GroupLink eHelpDesk におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2007-5176 2012-06-26 15:54 2007-10-3 Show GitHub Exploit DB Packet Storm
193002 6.8 警告 actsite - actSite の lib/base.php における任意の PHP コードが実行される脆弱性 CWE-94
コード・インジェクション
CVE-2007-5175 2012-06-26 15:54 2007-10-3 Show GitHub Exploit DB Packet Storm
193003 7.5 危険 actsite - actSite の phpinc/news.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル
CVE-2007-5174 2012-06-26 15:54 2007-10-3 Show GitHub Exploit DB Packet Storm
193004 9.3 危険 アドビシステムズ - Adobe PageMaker の MAIPM6.dll におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2007-5169 2012-06-26 15:54 2007-10-9 Show GitHub Exploit DB Packet Storm
193005 6.8 警告 clanlite - ClanLite における PHP リモートファイルインクルージョンの脆弱性 CWE-20
不適切な入力確認
CVE-2007-5168 2012-06-26 15:54 2007-10-1 Show GitHub Exploit DB Packet Storm
193006 6.8 警告 sitex
CKEditor Team
Apache Software Foundation
- SiteX CMS などで使用される FCKeditor の editor/filemanager/upload/php/upload.php における任意の PHP コードを実行される脆弱性 CWE-Other
その他
CVE-2007-5156 2012-06-26 15:54 2007-10-1 Show GitHub Exploit DB Packet Storm
193007 6.8 警告 der dirigent - dedi-group Der Dirigent における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション
CVE-2007-5146 2012-06-26 15:54 2007-10-1 Show GitHub Exploit DB Packet Storm
193008 1.9 注意 マイクロソフト
エフ・セキュア
- F-Secure Anti-Virus におけるウイルススキャンを回避される脆弱性 CWE-DesignError
CVE-2007-5143 2012-06-26 15:54 2007-10-1 Show GitHub Exploit DB Packet Storm
193009 6.8 警告 chupix - chupix の admin/include/header.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション
CVE-2007-5139 2012-06-26 15:54 2007-09-28 Show GitHub Exploit DB Packet Storm
193010 4.3 警告 dragonfrugal - DFD Cart におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2007-5136 2012-06-26 15:54 2007-09-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Nov. 15, 2024, 4:16 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2381 4.8 MEDIUM
Network
migaweb accordion_title_for_elementor Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Michael Gangolf Accordion title for Elementor allows Stored XSS.This issue affects Accordi… CWE-79
Cross-site Scripting
CVE-2024-51685 2024-11-7 04:34 2024-11-5 Show GitHub Exploit DB Packet Storm
2382 7.5 HIGH
Network
aetherproject onos-a1t
sdran-in-a-box
An issue in Open Networking Foundations sdran-in-a-box v.1.4.3 and onos-a1t v.0.2.3 allows a remote attacker to cause a denial of service via the onos-a1t component of the sdran-in-a-box, specificall… CWE-770
 Allocation of Resources Without Limits or Throttling
CVE-2024-48809 2024-11-7 04:33 2024-11-5 Show GitHub Exploit DB Packet Storm
2383 9.8 CRITICAL
Network
openimaj openimaj An XML External Entity (XXE) vulnerability in Dmoz2CSV in openimaj v1.3.10 allows attackers to access sensitive information or execute arbitrary code via supplying a crafted XML file. CWE-611
XXE
CVE-2024-51136 2024-11-7 04:31 2024-11-5 Show GitHub Exploit DB Packet Storm
2384 4.9 MEDIUM
Network
bitrix24 bitrix24 Insufficiently protected credentials in AD/LDAP server settings in 1C-Bitrix Bitrix24 23.300.100 allows remote administrators to send AD/LDAP administrators account passwords to an arbitrary server v… CWE-522
 Insufficiently Protected Credentials
CVE-2024-34887 2024-11-7 04:28 2024-11-5 Show GitHub Exploit DB Packet Storm
2385 4.9 MEDIUM
Network
bitrix24 bitrix24 Insufficiently protected credentials in DAV server settings in 1C-Bitrix Bitrix24 23.300.100 allow remote administrators to read proxy-server accounts passwords via HTTP GET request. CWE-522
 Insufficiently Protected Credentials
CVE-2024-34883 2024-11-7 04:28 2024-11-5 Show GitHub Exploit DB Packet Storm
2386 4.9 MEDIUM
Network
bitrix24 bitrix24 Insufficiently protected credentials in SMTP server settings in 1C-Bitrix Bitrix24 23.300.100 allows remote administrators to send SMTP account passwords to an arbitrary server via HTTP POST request. CWE-522
 Insufficiently Protected Credentials
CVE-2024-34882 2024-11-7 04:28 2024-11-5 Show GitHub Exploit DB Packet Storm
2387 7.1 HIGH
Local
redhat hornetq An issue in the createTempFile method of hornetq v2.4.9 allows attackers to arbitrarily overwrite files or access sensitive information. NVD-CWE-noinfo
CVE-2024-51127 2024-11-7 04:25 2024-11-5 Show GitHub Exploit DB Packet Storm
2388 8.8 HIGH
Network
idrsdev agile-board A Host header injection vulnerability in Agile-Board 1.0 allows attackers to obtain the password reset token via user interaction with a crafted password reset link. CWE-94
Code Injection
CVE-2024-51329 2024-11-7 04:19 2024-11-5 Show GitHub Exploit DB Packet Storm
2389 8.1 HIGH
Network
loginizer loginizer The Loginizer Security and Loginizer plugins for WordPress are vulnerable to authentication bypass in all versions up to, and including, 1.9.2. This is due to insufficient verification on the user be… NVD-CWE-noinfo
CVE-2024-10097 2024-11-7 04:14 2024-11-5 Show GitHub Exploit DB Packet Storm
2390 - - - In the Linux kernel, the following vulnerability has been resolved: net: micrel: Fix receiving the timestamp in the frame for lan8841 The blamed commit started to use the ptp workqueue to get the s… - CVE-2024-38593 2024-11-7 03:35 2024-06-19 Show GitHub Exploit DB Packet Storm