Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Nov. 19, 2024, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
194091	2.9	注意	シスコシステムズ	-	Cisco WLC におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-2037	2012-06-26 15:46	2007-04-12	Show	GitHub Exploit DB Packet Storm

194092	10	危険	シスコシステムズ	-	Cisco WLC の SNMP 実装における SNMP 変数を変更される脆弱性	-	CVE-2007-2036	2012-06-26 15:46	2007-04-12	Show	GitHub Exploit DB Packet Storm

194093	7.8	危険	シスコシステムズ	-	Cisco WCS におけるネットワークの構成データを取得される脆弱性	-	CVE-2007-2035	2012-06-26 15:46	2007-04-12	Show	GitHub Exploit DB Packet Storm

194094	9	危険	シスコシステムズ	-	Cisco WCS におけるアプリケーションおよびネットワークを管理される脆弱性	CWE-noinfo 情報不足	CVE-2007-2034	2012-06-26 15:46	2007-04-12	Show	GitHub Exploit DB Packet Storm

194095	6.5	警告	シスコシステムズ	-	Cisco WCS における設定ページを読まれる脆弱性	-	CVE-2007-2033	2012-06-26 15:46	2007-04-12	Show	GitHub Exploit DB Packet Storm

194096	7.5	危険	シスコシステムズ	-	Cisco WCS における任意のファイルを変更される脆弱性	-	CVE-2007-2032	2012-06-26 15:46	2007-04-12	Show	GitHub Exploit DB Packet Storm

194097	10	危険	3proxy	-	3proxy におけるバッファオーバーフローの脆弱性	-	CVE-2007-2031	2012-06-26 15:46	2007-04-16	Show	GitHub Exploit DB Packet Storm

194098	7.8	危険	ClamAV	-	ClamAV におけるサービス運用妨害の脆弱性	CWE-399 リソース管理の問題	CVE-2007-2029	2012-06-26 15:46	2007-04-30	Show	GitHub Exploit DB Packet Storm

194099	7.8	危険	Gentoo Linux amavis	-	ファイルの GNU 正規表現コードにおけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-2026	2012-06-26 15:46	2007-04-11	Show	GitHub Exploit DB Packet Storm

194100	6.5	警告	AlstraSoft	-	AlstraSoft Video Share Enterprise の msg.php における SQL インジェクションの脆弱性	-	CVE-2007-2018	2012-06-26 15:46	2007-04-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Nov. 19, 2024, 4:16 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
2551	4.8	MEDIUM Network	10web	photo_gallery	The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.8.30 due to ins…	CWE-79 Cross-site Scripting	CVE-2024-9878	2024-11-9 00:25	2024-11-5	Show	GitHub Exploit DB Packet Storm

2552	8.8	HIGH Network	fileorganizer	fileorganizer	The FileOrganizer – Manage WordPress and Website Files plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the "fileorganizer_ajax_handler" function in…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2024-7985	2024-11-9 00:22	2024-10-30	Show	GitHub Exploit DB Packet Storm

2553	4.8	MEDIUM Network	robosoft	robo_gallery	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in RoboSoft Robo Gallery allows Stored XSS.This issue affects Robo Gallery: from n/a through …	CWE-79 Cross-site Scripting	CVE-2024-49696	2024-11-9 00:21	2024-10-24	Show	GitHub Exploit DB Packet Storm

2554	6.5	MEDIUM Network	63moons	aero wave_2.0	This vulnerability exists in the Wave 2.0 due to weak encryption of sensitive data received at the API response. An authenticated remote attacker could exploit this vulnerability by manipulating a pa…	CWE-327 Use of a Broken or Risky Cryptographic Algorithm	CVE-2024-51556	2024-11-9 00:20	2024-11-4	Show	GitHub Exploit DB Packet Storm

2555	5.4	MEDIUM Network	spiffyplugins	wp_flow_plus	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Spiffy Plugins WP Flow Plus allows Stored XSS.This issue affects WP Flow Plus: from n/a th…	CWE-79 Cross-site Scripting	CVE-2024-49695	2024-11-9 00:20	2024-10-24	Show	GitHub Exploit DB Packet Storm

2556	6.5	MEDIUM Network	63moons	aero wave_2.0	This vulnerability exists in the Wave 2.0 due to missing authorization check on certain API endpoints. An authenticated remote attacker could exploit this vulnerability by manipulating a parameter “u…	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2024-51559	2024-11-9 00:19	2024-11-4	Show	GitHub Exploit DB Packet Storm

2557	9.8	CRITICAL Network	63moons	aero wave_2.0	This vulnerability exists in the Wave 2.0 due to missing restrictions for excessive failed authentication attempts on its API based login. A remote attacker could exploit this vulnerability by conduc…	CWE-307 mproper Restriction of Excessive Authentication Attempts	CVE-2024-51558	2024-11-9 00:19	2024-11-4	Show	GitHub Exploit DB Packet Storm

2558	6.5	MEDIUM Network	63moons	aero wave_2.0	This vulnerability exists in the Wave 2.0 due to missing rate limiting on OTP requests in an API endpoint. An authenticated remote attacker could exploit this vulnerability by sending multiple OTP re…	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2024-51557	2024-11-9 00:19	2024-11-4	Show	GitHub Exploit DB Packet Storm

2559	5.4	MEDIUM Network	kraftplugins	mega_elements	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kraftplugins Mega Elements allows Stored XSS.This issue affects Mega Elements: from n/a th…	CWE-79 Cross-site Scripting	CVE-2024-49693	2024-11-9 00:19	2024-10-24	Show	GitHub Exploit DB Packet Storm

2560	7.5	HIGH Network	ruijie	nbr3000d-e_firmware	An issue in Ruijie NBR3000D-E Gateway allows a remote attacker to obtain sensitive information via the /tool/shell/postgresql.conf component.	NVD-CWE-noinfo	CVE-2024-48783	2024-11-9 00:19	2024-10-16	Show	GitHub Exploit DB Packet Storm