Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Oct. 5, 2024, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
195351	5	警告	RabidHamster	-	RabidHamster R2/Extreme の telnet サーバにおけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2012-1221	2012-02-22 14:30	2012-02-21	Show	GitHub Exploit DB Packet Storm

195352	4.3	警告	Yoono	-	Firefox 用 Yoono エクステンションの Add friends モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1215	2012-02-22 11:38	2012-02-21	Show	GitHub Exploit DB Packet Storm

195353	4.3	警告	Yoono	-	Yoono Desktop Application の Add friends モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1214	2012-02-22 11:37	2012-02-21	Show	GitHub Exploit DB Packet Storm

195354	7.5	危険	Nova CMS	-	Nova CMS における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2012-1200	2012-02-21 16:48	2012-02-18	Show	GitHub Exploit DB Packet Storm

195355	7.5	危険	BASE	-	Basic Analysis and Security Engine における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2012-1199	2012-02-21 16:48	2012-02-18	Show	GitHub Exploit DB Packet Storm

195356	7.5	危険	BASE	-	Basic Analysis and Security Engine の base_ag_main.php における任意のコードを実行される脆弱性	CWE-287 不適切な認証	CVE-2012-1198	2012-02-21 16:45	2012-02-18	Show	GitHub Exploit DB Packet Storm

195357	6.8	警告	ACD Systems International	-	ACDSee の IDE_ACDStd.apl モジュールにおける整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2012-1197	2012-02-21 16:44	2012-02-18	Show	GitHub Exploit DB Packet Storm

195358	5	警告	LANDesk	-	Lenovo ThinkManagement Console におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2012-1196	2012-02-21 16:44	2012-02-18	Show	GitHub Exploit DB Packet Storm

195359	7.5	危険	LANDesk	-	Lenovo ThinkManagement Console の ServerSetup web サービスにおける任意のコードを実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-1195	2012-02-21 16:43	2012-02-18	Show	GitHub Exploit DB Packet Storm

195360	4.3	警告	Craig Barratt	-	BackupPC の RestoreFile.pm におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-5081	2012-02-21 16:42	2012-02-18	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Oct. 5, 2024, 8:11 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
11	8.8	HIGH Network	mainwp	updraftplus_extension	Missing Authorization vulnerability in MainWP MainWP UpdraftPlus Extension.This issue affects MainWP UpdraftPlus Extension: from n/a through 4.0.6. Update	CWE-862 Missing Authorization	CVE-2023-23640	2024-10-5 11:04	2024-06-9	Show	GitHub Exploit DB Packet Storm

12	8.8	HIGH Network	androidbubble	wp_sort_order	Missing Authorization vulnerability in Fahad Mahmood WP Sort Order.This issue affects WP Sort Order: from n/a through 1.3.1. Update	CWE-862 Missing Authorization	CVE-2024-31294	2024-10-5 11:01	2024-06-9	Show	GitHub Exploit DB Packet Storm

13	8.8	HIGH Network	wpxpo	postx	Missing Authorization vulnerability in Post Grid Team by WPXPO PostX – Gutenberg Blocks for Post Grid.This issue affects PostX – Gutenberg Blocks for Post Grid: from n/a through 3.2.3. Update	CWE-862 Missing Authorization	CVE-2024-31246	2024-10-5 10:59	2024-06-9	Show	GitHub Exploit DB Packet Storm

14	9.8	CRITICAL Network	mrebabi	new_order_notification_for_woocommerce	Missing Authorization vulnerability in Mr.Ebabi New Order Notification for Woocommerce.This issue affects New Order Notification for Woocommerce: from n/a through 2.0.2. Update	CWE-862 Missing Authorization	CVE-2024-31098	2024-10-5 10:54	2024-06-9	Show	GitHub Exploit DB Packet Storm

15	9.8	CRITICAL Network	rems	school_task_manager	Sourcecodester School Task Manager 1.0 allows SQL Injection via the 'subject' parameter. Update	CWE-89 SQL Injection	CVE-2024-24142	2024-10-5 10:43	2024-02-14	Show	GitHub Exploit DB Packet Storm

16	9.8	CRITICAL Network	mainwp	staging_extension	Missing Authorization vulnerability in MainWP MainWP Staging Extension.This issue affects MainWP Staging Extension: from n/a through 4.0.3. Update	CWE-862 Missing Authorization	CVE-2023-23639	2024-10-5 10:37	2024-06-9	Show	GitHub Exploit DB Packet Storm

17	-		-	-	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in The Wikimedia Foundation Mediawiki - Cargo allows SQL Injection.This issue affects Mediawiki - Ca… New	-	CVE-2024-47849	2024-10-5 10:15	2024-10-5	Show	GitHub Exploit DB Packet Storm

18	-		-	-	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Wikimedia Foundation Mediawiki - Cargo allows Cross-Site Scripting (XSS).This issue af… New	-	CVE-2024-47847	2024-10-5 10:15	2024-10-5	Show	GitHub Exploit DB Packet Storm

19	-		-	-	Cross-Site Request Forgery (CSRF) vulnerability in The Wikimedia Foundation Mediawiki - Cargo allows Cross Site Request Forgery.This issue affects Mediawiki - Cargo: from 3.6.X before 3.6.1. New	-	CVE-2024-47846	2024-10-5 10:15	2024-10-5	Show	GitHub Exploit DB Packet Storm

20	-		-	-	Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki - CSS Extension allows Code Injection.This issue affects Mediawiki - CSS Extension: from 1.39.X before 1.39… New	-	CVE-2024-47845	2024-10-5 10:15	2024-10-5	Show	GitHub Exploit DB Packet Storm