Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Oct. 14, 2024, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
194591 4.3 警告 シトリックス・システムズ - Citrix Web Interface におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4515 2012-03-27 18:42 2010-12-8 Show GitHub Exploit DB Packet Storm
194592 4.3 警告 DNN - DotNetNuke の Install/InstallWizard.aspx におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4514 2012-03-27 18:42 2010-12-9 Show GitHub Exploit DB Packet Storm
194593 4.3 警告 zimplit - Zimplit CMS におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4513 2012-03-27 18:42 2010-12-9 Show GitHub Exploit DB Packet Storm
194594 7.2 危険 Cobbler project - Cobbler における詳細不明な脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-4512 2012-03-27 18:42 2010-04-23 Show GitHub Exploit DB Packet Storm
194595 10 危険 シックス・アパート株式会社 - Movable Type における詳細不明な脆弱性 CWE-noinfo
情報不足 		CVE-2010-4511 2012-03-27 18:42 2010-12-9 Show GitHub Exploit DB Packet Storm
194596 10 危険 シックス・アパート株式会社 - Movable Type における詳細不明な脆弱性 CWE-noinfo
情報不足 		CVE-2010-4509 2012-03-27 18:42 2010-12-9 Show GitHub Exploit DB Packet Storm
194597 10 危険 Mozilla Foundation - Mozilla Firefox の WebSockets 実装における脆弱性 CWE-noinfo
情報不足 		CVE-2010-4508 2012-03-27 18:42 2010-12-9 Show GitHub Exploit DB Packet Storm
194598 9.3 危険 clear - ClearSpot の iSpot における管理者の認証をクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2010-4507 2012-03-27 18:42 2010-12-30 Show GitHub Exploit DB Packet Storm
194599 6.8 警告 injader - Injader の login.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4505 2012-03-27 18:42 2010-12-8 Show GitHub Exploit DB Packet Storm
194600 4.3 警告 Intelliants - eSyndiCat Directory におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4504 2012-03-27 18:42 2010-12-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Oct. 10, 2024, 8:13 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
121 8.8 HIGH
Network 		multiparcels multiparcels_shipping_for_woocommerce The MultiParcels Shipping For WooCommerce WordPress plugin before 1.14.15 does not properly sanitize and escape a parameter before using it in an SQL statement, which could allow any authenticated us… Update - CVE-2023-2843 2024-10-12 06:35 2023-08-8 Show GitHub Exploit DB Packet Storm
122 5.4 MEDIUM
Network 		wpfoodmanager wp_food_manager The WP Food Manager WordPress plugin before 1.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attack… Update - CVE-2023-0604 2024-10-12 06:35 2023-08-8 Show GitHub Exploit DB Packet Storm
123 7.5 HIGH
Network 		apache inlong Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0.  Attackers can change the immutable name and… Update CWE-668
 Exposure of Resource to Wrong Sphere 		CVE-2023-31103 2024-10-12 06:35 2023-05-23 Show GitHub Exploit DB Packet Storm
124 9.8 CRITICAL
Network 		apache inlong Weak Password Requirements vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.1.0 through 1.6.0.  When users change their password to a simple passwor… Update CWE-521
Weak Password Requirements  		CVE-2023-31098 2024-10-12 06:35 2023-05-23 Show GitHub Exploit DB Packet Storm
125 7.5 HIGH
Network 		apache inlong Incorrect Permission Assignment for Critical Resource Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.2.0 through 1.6.0. The attacker can delete oth… Update CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2023-31453 2024-10-12 06:35 2023-05-22 Show GitHub Exploit DB Packet Storm
126 7.5 HIGH
Network 		apache inlong Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0. Attackers can change the immutable name and … Update CWE-668
 Exposure of Resource to Wrong Sphere 		CVE-2023-31206 2024-10-12 06:35 2023-05-22 Show GitHub Exploit DB Packet Storm
127 7.5 HIGH
Network 		apache inlong Deserialization of Untrusted Data Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0. Attackers would bypass the 'autoDeserialize' op… Update CWE-502
 Deserialization of Untrusted Data 		CVE-2023-31058 2024-10-12 06:35 2023-05-22 Show GitHub Exploit DB Packet Storm
128 9.8 CRITICAL
Network 		apache sling_commons_json Improper input validation in the Apache Sling Commons JSON bundle allows an attacker to trigger unexpected errors by supplying specially-crafted input. The org.apache.sling.commons.json bundle has b… Update CWE-20
 Improper Input Validation  		CVE-2022-47937 2024-10-12 06:35 2023-05-15 Show GitHub Exploit DB Packet Storm
129 7.2 HIGH
Network 		apache openmeetings An attacker who has gained access to an admin account can perform RCE via null-byte injection Vendor: The Apache Software Foundation Versions Affected: Apache OpenMeetings from 2.0.0 before 7.1.0 Update CWE-20
 Improper Input Validation  		CVE-2023-29246 2024-10-12 06:35 2023-05-12 Show GitHub Exploit DB Packet Storm
130 8.1 HIGH
Network 		apache openmeetings An attacker that has gained access to certain private information can use this to act as other user. Vendor: The Apache Software Foundation Versions Affected: Apache OpenMeetings from 3.1.3 before … Update CWE-287
Improper Authentication 		CVE-2023-29032 2024-10-12 06:35 2023-05-12 Show GitHub Exploit DB Packet Storm