Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Nov. 19, 2024, 10:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
193861	5.8	警告	filerun	-	FileRun の index.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-2470	2012-06-26 15:46	2007-05-2	Show	GitHub Exploit DB Packet Storm

193862	7.5	危険	filerun	-	FileRun の index.php における SQL インジェクションの脆弱性	-	CVE-2007-2469	2012-06-26 15:46	2007-05-2	Show	GitHub Exploit DB Packet Storm

193863	7.5	危険	firefly	-	FireFly の modules/admin/include/config.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2460	2012-06-26 15:46	2007-05-2	Show	GitHub Exploit DB Packet Storm

193864	7.5	危険	firefly	-	FireFly における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2456	2012-06-26 15:46	2007-05-2	Show	GitHub Exploit DB Packet Storm

193865	6	警告	GNU Project	-	GNU findutils の locate におけるヒープベースのバッファオーバーフローの脆弱性	-	CVE-2007-2452	2012-06-26 15:46	2007-06-4	Show	GitHub Exploit DB Packet Storm

193866	5	警告	Caucho Technology	-	Caucho Resin Professional および Caucho Resin におけるシステムパスを取得される脆弱性	-	CVE-2007-2441	2012-06-26 15:46	2007-05-16	Show	GitHub Exploit DB Packet Storm

193867	5	警告	Caucho Technology	-	Caucho Resin Professional および Caucho Resin におけるディレクトリトラバーサルの脆弱性	-	CVE-2007-2440	2012-06-26 15:46	2007-05-16	Show	GitHub Exploit DB Packet Storm

193868	9.4	危険	Caucho Technology	-	Caucho Resin Professional および Caucho Resin における COM または LPT デバイスからデータを読み取られる脆弱性	-	CVE-2007-2439	2012-06-26 15:46	2007-05-16	Show	GitHub Exploit DB Packet Storm

193869	10	危険	aventail	-	Aventail Connect の asnsp.dll におけるバッファオーバーフローの脆弱性	-	CVE-2007-2434	2012-06-26 15:46	2007-05-2	Show	GitHub Exploit DB Packet Storm

193870	6.8	警告	ariadne	-	Ariadne の index.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-2433	2012-06-26 15:46	2007-05-2	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Nov. 19, 2024, 5:15 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1581	4.3	MEDIUM Network	-	-	The WPForms – Easy Form Builder for WordPress – Contact Forms, Payment Forms, Surveys, & More plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.…	CWE-352 Origin Validation Error	CVE-2024-10593	2024-11-13 12:15	2024-11-13	Show	GitHub Exploit DB Packet Storm

1582	6.1	MEDIUM Network	-	-	The Constant Contact Forms by MailMunch plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up…	CWE-79 Cross-site Scripting	CVE-2024-9614	2024-11-13 11:15	2024-11-13	Show	GitHub Exploit DB Packet Storm

1583	-		-	-	The Hide Links plugin for WordPress is vulnerable to unauthorized shortcode execution due to do_shortcode being hooked through the comment_text filter in all versions up to and including 1.4.2. This …	CWE-862 Missing Authorization	CVE-2024-9578	2024-11-13 11:15	2024-11-13	Show	GitHub Exploit DB Packet Storm

1584	-		-	-	The Aqua SVG Sprite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 3.0.14 due to insufficient input sanitization and outp…	CWE-79 Cross-site Scripting	CVE-2024-9426	2024-11-13 11:15	2024-11-13	Show	GitHub Exploit DB Packet Storm

1585	6.4	MEDIUM Network	-	-	The Social Proof (Testimonial) Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's spslider-block shortcode in all versions up to, and including, 2.2.4 due to in…	CWE-79 Cross-site Scripting	CVE-2024-8985	2024-11-13 11:15	2024-11-13	Show	GitHub Exploit DB Packet Storm

1586	6.1	MEDIUM Network	-	-	The AJAX Login and Registration modal popup + inline form plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL …	CWE-79 Cross-site Scripting	CVE-2024-8874	2024-11-13 11:15	2024-11-13	Show	GitHub Exploit DB Packet Storm

1587	-		-	-	Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.7 and Ivanti Policy Secure before version 22.7R1.1 allows a remote authenticated attacker with admin privileges to achie…	-	CVE-2024-39712	2024-11-13 11:15	2024-11-13	Show	GitHub Exploit DB Packet Storm

1588	-		-	-	Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.7 and Ivanti Policy Secure before version 22.7R1.1 allows a remote authenticated attacker with admin privileges to achie…	-	CVE-2024-39711	2024-11-13 11:15	2024-11-13	Show	GitHub Exploit DB Packet Storm

1589	-		-	-	Argument injection in Ivanti Connect Secure before version 22.7R2 and 9.1R18.7 and Ivanti Policy Secure before version 22.7R1.1 allows a remote authenticated attacker with admin privileges to achieve…	-	CVE-2024-39710	2024-11-13 11:15	2024-11-13	Show	GitHub Exploit DB Packet Storm

1590	-		-	-	Incorrect file permissions in Ivanti Connect Secure before version 22.6R2 and Ivanti Policy Secure before version 22.6R1 allow a local authenticated attacker to escalate their privileges.	-	CVE-2024-39709	2024-11-13 11:15	2024-11-13	Show	GitHub Exploit DB Packet Storm