Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Nov. 18, 2024, 12:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
193881	6.8	警告	atmail pty ltd	-	Atmail の atmail.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-2153	2012-06-26 15:46	2007-04-19	Show	GitHub Exploit DB Packet Storm

193882	7.8	危険	bluearc	-	BlueArc Titan デバイスの BlueArc-FTPD における他のサイトへトラフィックをリダイレクトする脆弱性	-	CVE-2007-2150	2012-06-26 15:46	2007-04-19	Show	GitHub Exploit DB Packet Storm

193883	7.5	危険	bonoestente	-	Joomla! の Be2004-2 テンプレートの index.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2143	2012-06-26 15:46	2007-04-19	Show	GitHub Exploit DB Packet Storm

193884	7.5	危険	ajportal2php	-	AjPortal2Php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2142	2012-06-26 15:46	2007-04-19	Show	GitHub Exploit DB Packet Storm

193885	7.5	危険	franklin huang	-	Franklin Huang Flip の everything.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2140	2012-06-26 15:46	2007-04-19	Show	GitHub Exploit DB Packet Storm

193886	10	危険	CA Technologies	-	複数の CA 製品で使用される CA BrightStor ARCserve Media Server の SUN RPC サービスにおけるスタックベースのバッファオーバーフローの脆弱性	-	CVE-2007-2139	2012-06-26 15:46	2007-04-25	Show	GitHub Exploit DB Packet Storm

193887	7.5	危険	BMC Software	-	BMC Patrol PerformAgent の bgs_sdservice.exe におけるバッファオーバーフローの脆弱性	-	CVE-2007-2136	2012-06-26 15:46	2007-04-22	Show	GitHub Exploit DB Packet Storm

193888	10	危険	fac guestbook	-	FAC Guestbook におけるデータベースをダウンロードされる脆弱性	-	CVE-2007-2101	2012-06-26 15:46	2007-04-18	Show	GitHub Exploit DB Packet Storm

193889	10	危険	fac guestbook	-	FAC Guestbook におけるデータベースをダウンロードされる脆弱性	-	CVE-2007-2100	2012-06-26 15:46	2007-04-18	Show	GitHub Exploit DB Packet Storm

193890	7.5	危険	anthologia	-	Anthologia の index.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2094	2012-06-26 15:46	2007-04-18	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Nov. 18, 2024, 12:12 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
551	-		-	-	The Jobs for WordPress plugin before 2.7.8 does not sanitise and escape some of its Job settings, which could allow high privilege users such as contributor to perform Stored Cross-Site Scripting att…	-	CVE-2024-10104	2024-11-15 22:58	2024-11-15	Show	GitHub Exploit DB Packet Storm

552	6.1	MEDIUM Network	-	-	The Yotpo: Product & Photo Reviews for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'yotpo_user_email' and 'yotpo_user_name' parameters in all versions up …	CWE-79 Cross-site Scripting	CVE-2024-9356	2024-11-15 22:58	2024-11-15	Show	GitHub Exploit DB Packet Storm

553	-		-	-	Apache Airflow versions before 2.10.3 contain a vulnerability that could expose sensitive configuration variables in task logs. This vulnerability allows DAG authors to unintentionally or intentional…	-	CVE-2024-45784	2024-11-15 22:58	2024-11-15	Show	GitHub Exploit DB Packet Storm

554	-		-	-	Improper limitation of a pathname to a restricted directory ('Path Traversal') issue exists in FitNesse releases prior to 20241026. If this vulnerability is exploited, an attacker may be able to know…	CWE-22 Path Traversal	CVE-2024-42499	2024-11-15 22:58	2024-11-15	Show	GitHub Exploit DB Packet Storm

555	-		-	-	Cross-site scripting vulnerability exists in FitNesse releases prior to 20241026. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is using t…	-	CVE-2024-39610	2024-11-15 22:58	2024-11-15	Show	GitHub Exploit DB Packet Storm

556	7.2	HIGH Network	-	-	The WP Activity Log plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the user_id parameter in all versions up to, and including, 5.2.1 due to insufficient input sanitization and …	CWE-79 Cross-site Scripting	CVE-2024-10793	2024-11-15 22:58	2024-11-15	Show	GitHub Exploit DB Packet Storm

557	4.3	MEDIUM Network	-	-	The Music Player for Elementor – Audio Player & Podcast Player plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the import_mpfe_template() …	CWE-862 Missing Authorization	CVE-2024-10582	2024-11-15 22:58	2024-11-15	Show	GitHub Exploit DB Packet Storm

558	7.2	HIGH Network	-	-	The Tripetto plugin for WordPress is vulnerable to Stored Cross-Site Scripting via File uploads in all versions up to, and including, 8.0.3 due to insufficient input sanitization and output escaping.…	CWE-79 Cross-site Scripting	CVE-2024-10260	2024-11-15 22:58	2024-11-15	Show	GitHub Exploit DB Packet Storm

559	6.4	MEDIUM Network	-	-	The WP AdCenter – Ad Manager & Adsense Ads plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpadcenter_ad shortcode in all versions up to, and including, 2.5.7 due t…	CWE-79 Cross-site Scripting	CVE-2024-10113	2024-11-15 22:58	2024-11-15	Show	GitHub Exploit DB Packet Storm

560	-		-	-	A heap-based buffer under-read in tsMuxer version nightly-2024-05-12-02-01-18 allows attackers to cause Denial of Service (DoS) via a crafted MOV video file.	-	CVE-2024-52613	2024-11-15 22:58	2024-11-15	Show	GitHub Exploit DB Packet Storm