Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Oct. 4, 2024, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
195701	4.3	警告	SimpleSAMLphp	-	SimpleSAMLphp の modules/core/www/no_cookie.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-0040	2012-01-25 14:16	2012-01-24	Show	GitHub Exploit DB Packet Storm

195702	7.5	危険	Stoneware	-	Stoneware webNetwork における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-0912	2012-01-25 14:15	2012-01-23	Show	GitHub Exploit DB Packet Storm

195703	6.8	警告	Stoneware	-	Stoneware webNetwork におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2012-0286	2012-01-25 14:14	2012-01-23	Show	GitHub Exploit DB Packet Storm

195704	4.3	警告	Stoneware	-	Stoneware webNetwork におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-0285	2012-01-25 14:13	2012-01-23	Show	GitHub Exploit DB Packet Storm

195705	5.8	警告	NeoAxis	-	NeoAxis web player におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2012-0907	2012-01-25 11:24	2012-01-20	Show	GitHub Exploit DB Packet Storm

195706	7.5	危険	deV!L'z Clanportal	-	deV!L'z Clanportal (DZCP) の Moviebase アドオンにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-0906	2012-01-25 11:00	2012-01-20	Show	GitHub Exploit DB Packet Storm

195707	7.5	危険	deV!L'z Clanportal	-	deV!L'z Clanportal (DZCP) の Gamebase アドオンにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-0905	2012-01-25 10:57	2012-01-20	Show	GitHub Exploit DB Packet Storm

195708	4.3	警告	VideoLAN	-	VLC media player におけるサービス運用妨害 (クラッシュ) の脆弱性	CWE-399 リソース管理の問題	CVE-2012-0904	2012-01-25 10:54	2012-01-20	Show	GitHub Exploit DB Packet Storm

195709	4.3	警告	VMware	-	VMware Zimbra Desktop におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-0903	2012-01-25 10:51	2012-01-20	Show	GitHub Exploit DB Packet Storm

195710	5	警告	AirTies	-	AirTies Air 4450 におけるサービス運用妨害 (リブート) の脆弱性	CWE-noinfo 情報不足	CVE-2012-0902	2012-01-25 10:43	2012-01-20	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Oct. 4, 2024, 8:12 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
381	-		-	-	A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in … New	-	CVE-2024-20500	2024-10-3 04:15	2024-10-3	Show	GitHub Exploit DB Packet Storm

382	-		-	-	Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS cond… New	-	CVE-2024-20499	2024-10-3 04:15	2024-10-3	Show	GitHub Exploit DB Packet Storm

383	-		-	-	Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS cond… New	-	CVE-2024-20498	2024-10-3 04:15	2024-10-3	Show	GitHub Exploit DB Packet Storm

384	9.8	CRITICAL Network	stellarwp	the_events_calendar	The The Events Calendar plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter of the 'tribe_has_next_event' function in all versions up to, and including, 6.6.4 due to insuffi… Update	CWE-89 SQL Injection	CVE-2024-8275	2024-10-3 04:14	2024-09-25	Show	GitHub Exploit DB Packet Storm

385	5.3	MEDIUM Network	revolut	revolut_gateway_for_woocommerce	The Revolut Gateway for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the /wc/v3/revolut REST API endpoint in all versions u… Update	CWE-862 Missing Authorization	CVE-2024-8678	2024-10-3 04:06	2024-09-25	Show	GitHub Exploit DB Packet Storm

386	5.4	MEDIUM Network	livemeshelementor	addons_for_elementor	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Livemesh Livemesh Addons for Elementor allows Stored XSS.This issue affects Livemesh Addon… Update	CWE-79 Cross-site Scripting	CVE-2024-47303	2024-10-3 04:00	2024-09-25	Show	GitHub Exploit DB Packet Storm

387	5.4	MEDIUM Network	wpmet	elementskit_elementor_addons	The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Video widget in all versions up to, and including, 3.2.7 due to insufficient input … Update	CWE-79 Cross-site Scripting	CVE-2024-8546	2024-10-3 03:56	2024-09-25	Show	GitHub Exploit DB Packet Storm

388	5.4	MEDIUM Network	livemeshelementor	addons_for_elementor	The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘piechart_settings’ parameter in all versions up to, and including, 8.5 due to insufficient … Update	CWE-79 Cross-site Scripting	CVE-2024-8858	2024-10-3 03:41	2024-09-25	Show	GitHub Exploit DB Packet Storm

389	5.3	MEDIUM Network	mycred	mycred	The myCred – Loyalty Points and Rewards plugin for WordPress and WooCommerce – Give Points, Ranks, Badges, Cashback, WooCommerce rewards, and WooCommerce credits for Gamification plugin for WordPress… Update	CWE-862 Missing Authorization	CVE-2024-8658	2024-10-3 03:36	2024-09-25	Show	GitHub Exploit DB Packet Storm

390	7.8	HIGH Local	google	android	In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges Update	CWE-862 Missing Authorization	CVE-2023-38464	2024-10-3 03:35	2023-09-4	Show	GitHub Exploit DB Packet Storm