Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Nov. 16, 2024, 6 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
194121 4.6 警告 Comodo - Comodo Firewall Pro におけるセキュリティ保護を回避される脆弱性 - CVE-2007-1051 2012-06-26 15:46 2007-02-21 Show GitHub Exploit DB Packet Storm
194122 4.3 警告 abledesign - AbleDesign MyCalendar の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2007-1050 2012-06-26 15:46 2007-02-21 Show GitHub Exploit DB Packet Storm
194123 7.5 危険 distributed checksum clearinghouse - DCC における /var/dcc/maps 配下の hosts を削除される脆弱性 - CVE-2007-1047 2012-06-26 15:46 2007-02-21 Show GitHub Exploit DB Packet Storm
194124 5 警告 dem trac - Dem_trac におけるログファイルの内容を読み取られる脆弱性 - CVE-2007-1046 2012-06-26 15:46 2007-02-21 Show GitHub Exploit DB Packet Storm
194125 7.5 危険 ezboo - Ezboo webstats における認証を回避される脆弱性 - CVE-2007-1043 2012-06-26 15:46 2007-02-21 Show GitHub Exploit DB Packet Storm
194126 7.5 危険 Drupal - Drupal 用の Mediafield などのモジュールで使用される getID3 の特定のデモスクリプトにおける任意のファイルを削除される脆弱性 - CVE-2007-1035 2012-06-26 15:46 2007-02-16 Show GitHub Exploit DB Packet Storm
194127 7.5 危険 Drupal - Drupal 用の Secure site モジュールにおけるアクセス制限を回避される脆弱性 CWE-Other
その他
CVE-2007-1033 2012-06-26 15:46 2007-02-16 Show GitHub Exploit DB Packet Storm
194128 6.8 警告 barry jaspan - Drupal の Barry Jaspan Image Pager におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-1028 2012-06-26 15:46 2007-02-15 Show GitHub Exploit DB Packet Storm
194129 6.8 警告 cedstat - CedStat の index.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-1020 2012-06-26 15:46 2007-02-21 Show GitHub Exploit DB Packet Storm
194130 7.5 危険 aktueldownload - Aktueldownload Haber スクリプトにおける SQL インジェクションの脆弱性 - CVE-2007-1016 2012-06-26 15:46 2007-02-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Nov. 17, 2024, 5:17 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2221 8.0 HIGH
Adjacent
enelx waybox_pro_firmware A heap buffer overflow could be triggered by sending a specific packet to TCP port 7700. CWE-787
 Out-of-bounds Write
CVE-2023-29125 2024-11-9 01:10 2024-11-6 Show GitHub Exploit DB Packet Storm
2222 8.8 HIGH
Adjacent
enelx waybox_pro_firmware Waybox Enel TCF Agent service could be used to get administrator’s privileges over the Waybox system. NVD-CWE-Other
CVE-2023-29121 2024-11-9 01:09 2024-11-6 Show GitHub Exploit DB Packet Storm
2223 8.8 HIGH
Adjacent
enelx waybox_pro_firmware Waybox Enel X web management application could be used to execute arbitrary OS commands and provide administrator’s privileges over the Waybox system. CWE-78
OS Command 
CVE-2023-29120 2024-11-9 01:09 2024-11-6 Show GitHub Exploit DB Packet Storm
2224 8.8 HIGH
Adjacent
enelx waybox_pro_firmware Waybox Enel X web management application could execute arbitrary requests on the internal database via /admin/dbstore.php. CWE-89
SQL Injection
CVE-2023-29119 2024-11-9 01:09 2024-11-6 Show GitHub Exploit DB Packet Storm
2225 8.8 HIGH
Adjacent
enelx waybox_pro_firmware Waybox Enel X web management application could execute arbitrary requests on the internal database via /admin/versions.php. CWE-89
SQL Injection
CVE-2023-29118 2024-11-9 01:08 2024-11-6 Show GitHub Exploit DB Packet Storm
2226 8.8 HIGH
Adjacent
enelx waybox_pro_firmware Waybox Enel X web management API authentication could be bypassed and provide administrator’s privileges over the Waybox system. CWE-287
Improper Authentication
CVE-2023-29117 2024-11-9 01:08 2024-11-6 Show GitHub Exploit DB Packet Storm
2227 4.3 MEDIUM
Adjacent
enelx waybox_pro_firmware Under certain conditions, through a request directed to the Waybox Enel X web management application, information like Waybox OS version or service configuration details could be obtained. NVD-CWE-noinfo
CVE-2023-29116 2024-11-9 01:08 2024-11-6 Show GitHub Exploit DB Packet Storm
2228 6.5 MEDIUM
Adjacent
enelx waybox_pro_firmware In certain conditions a request directed to the Waybox Enel X Web management application could cause a denial-of-service (e.g. reboot). NVD-CWE-noinfo
CVE-2023-29115 2024-11-9 01:08 2024-11-6 Show GitHub Exploit DB Packet Storm
2229 5.4 MEDIUM
Network
xplodedthemes xt_floating_cart_for_woocommerce The XT Floating Cart for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.8.2 due to insufficient input sanit… CWE-79
Cross-site Scripting
CVE-2024-9178 2024-11-9 01:03 2024-11-5 Show GitHub Exploit DB Packet Storm
2230 5.4 MEDIUM
Network
bdthemes element_pack The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Open Map Widget'… CWE-79
Cross-site Scripting
CVE-2024-9867 2024-11-9 01:00 2024-11-5 Show GitHub Exploit DB Packet Storm