Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Nov. 17, 2024, 6 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
194151 4.3 警告 communityserver.org - Community Server の search/SearchResults.aspx におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-0925 2012-06-26 15:46 2007-02-14 Show GitHub Exploit DB Packet Storm
194152 4.3 警告 cPanel - cPanel WHM の scripts/passwdmysql におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-0890 2012-06-26 15:46 2007-02-12 Show GitHub Exploit DB Packet Storm
194153 7.8 危険 Gecad Technologies - axigen におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-0887 2012-06-26 15:46 2007-02-12 Show GitHub Exploit DB Packet Storm
194154 10 危険 Gecad Technologies - axigen におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-0886 2012-06-26 15:46 2007-02-12 Show GitHub Exploit DB Packet Storm
194155 7.8 危険 capital request forms - Capital Request Forms におけるデータベースの資格情報を取得される脆弱性 - CVE-2007-0880 2012-06-26 15:46 2007-02-12 Show GitHub Exploit DB Packet Storm
194156 6.8 警告 allons voter - Allons_voter における認証または特定の管理機能のアクセスを回避される脆弱性 - CVE-2007-0874 2012-06-26 15:46 2007-02-12 Show GitHub Exploit DB Packet Storm
194157 7.5 危険 extremepow - eXtremePow eXtreme File Hosting における任意の PHP コードをアップロードされる脆弱性 - CVE-2007-0871 2012-06-26 15:46 2007-02-12 Show GitHub Exploit DB Packet Storm
194158 7.5 危険 cPanel - cPanel WHM の scripts2/objcache におけるリモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション
CVE-2007-0854 2012-06-26 15:46 2007-02-8 Show GitHub Exploit DB Packet Storm
194159 7.5 危険 advanced poll - Advanced Poll の admin/index.php における認証を回避される脆弱性 - CVE-2007-0845 2012-06-26 15:46 2007-02-8 Show GitHub Exploit DB Packet Storm
194160 5 警告 freeproxy - FreeProxy におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-0838 2012-06-26 15:46 2007-02-7 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Nov. 18, 2024, 5:14 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2311 5.4 MEDIUM
Network
salesagility suitecrm SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. The "Publish Key" field in SuiteCRM's Edit Profile page is vulnerable to Reflected Cross-Site… CWE-79
Cross-site Scripting
CVE-2024-50335 2024-11-9 00:09 2024-11-6 Show GitHub Exploit DB Packet Storm
2312 9.1 CRITICAL
Network
qualcomm wsa8845h_firmware
wsa8845_firmware
wsa8840_firmware
wsa8835_firmware
wsa8832_firmware
wsa8830_firmware
wsa8815_firmware
wsa8810_firmware
wcn7881_firmware
wcn7880_firmware
Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions. NVD-CWE-noinfo
CVE-2024-38408 2024-11-9 00:07 2024-11-4 Show GitHub Exploit DB Packet Storm
2313 6.1 MEDIUM
Network
flycart discount_rules_for_woocommerce The Discount Rules for WooCommerce – Create Smart WooCommerce Coupons & Discounts, Bulk Discount, BOGO Coupons plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of a… CWE-79
Cross-site Scripting
CVE-2024-8541 2024-11-9 00:07 2024-10-16 Show GitHub Exploit DB Packet Storm
2314 8.8 HIGH
Network
ibm watson_studio_local IBM Watson Studio Local 1.2.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. CWE-352
 Origin Validation Error
CVE-2024-49340 2024-11-9 00:06 2024-10-16 Show GitHub Exploit DB Packet Storm
2315 4.6 MEDIUM
Network
apache nifi Apache NiFi 1.10.0 through 1.27.0 and 2.0.0-M1 through 2.0.0-M3 support a description field for Parameters in a Parameter Context configuration that is vulnerable to cross-site scripting. An authenti… CWE-79
Cross-site Scripting
CVE-2024-45477 2024-11-9 00:03 2024-10-29 Show GitHub Exploit DB Packet Storm
2316 7.2 HIGH
Network
davidlingren media_library_assistant Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in David Lingren Media Library Assistant allows Command Injection.This issue affects Media Lib… CWE-78
OS Command 
CVE-2024-51661 2024-11-9 00:02 2024-11-4 Show GitHub Exploit DB Packet Storm
2317 4.6 MEDIUM
Network
mattermost mattermost_server Mattermost versions 9.10.x <= 9.10.2, 9.11.x <= 9.11.1, 9.5.x <= 9.5.9 fail to sanitize user inputs in the frontend that are used for redirection which allows for a one-click client-side path travers… CWE-352
 Origin Validation Error
CVE-2024-46872 2024-11-9 00:00 2024-10-29 Show GitHub Exploit DB Packet Storm
2318 6.1 MEDIUM
Network
latex2html latex2html Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Van Abel LaTeX2HTML allows Reflected XSS.This issue affects LaTeX2HTML: from n/a through 2… CWE-79
Cross-site Scripting
CVE-2024-49673 2024-11-8 23:57 2024-10-29 Show GitHub Exploit DB Packet Storm
2319 6.1 MEDIUM
Network
samglover client_power_tools Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Sam Glover Client Power Tools Portal allows Reflected XSS.This issue affects Client Power … CWE-79
Cross-site Scripting
CVE-2024-49670 2024-11-8 23:57 2024-10-29 Show GitHub Exploit DB Packet Storm
2320 5.4 MEDIUM
Network
affiliatexblocks affiliatex Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in AffiliateX allows Stored XSS.This issue affects AffiliateX: from n/a through 1.2.9. CWE-79
Cross-site Scripting
CVE-2024-49692 2024-11-8 23:55 2024-10-29 Show GitHub Exploit DB Packet Storm