Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Sept. 28, 2024, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
195721	5	警告	Opera Software ASA	-	Opera におけるブラウザキャッシュ内の文書の存在を容易に推測される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-4690	2011-12-12 16:33	2011-12-7	Show	GitHub Exploit DB Packet Storm

195722	5	警告	マイクロソフト	-	Microsoft Internet Explorer における文書の存在を容易に推測される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-4689	2011-12-12 16:33	2011-12-7	Show	GitHub Exploit DB Packet Storm

195723	5	警告	Mozilla Foundation	-	Mozilla Firefox におけるブラウザキャッシュ内の文書の存在を容易に推測される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-4688	2011-12-12 16:31	2011-12-7	Show	GitHub Exploit DB Packet Storm

195724	4.3	警告	Mozilla Foundation	-	複数の Mozilla 製品のレイアウトエンジンにおける重要な情報を取得される脆弱性	CWE-362 競合状態	CVE-2010-5074	2011-12-12 16:22	2010-03-31	Show	GitHub Exploit DB Packet Storm

195725	5	警告	Google	-	Google Chrome の JavaScript 実装における重要な情報を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-5073	2011-12-12 16:21	2011-12-7	Show	GitHub Exploit DB Packet Storm

195726	5	警告	Opera Software ASA	-	Opera の JavaScript 実装における重要な情報を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-5072	2011-12-12 16:20	2011-12-7	Show	GitHub Exploit DB Packet Storm

195727	5	警告	マイクロソフト	-	Microsoft Internet Explorer の JavaScript 実装における重要な情報を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-5071	2011-12-12 16:19	2011-12-7	Show	GitHub Exploit DB Packet Storm

195728	5	警告	アップル	-	Apple Safari の JavaScript 実装における重要な情報を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-5070	2011-12-12 16:17	2011-12-7	Show	GitHub Exploit DB Packet Storm

195729	4.3	警告	Google	-	Google Chrome の Cascading Style Sheets 実装における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2010-5069	2011-12-12 16:16	2011-12-7	Show	GitHub Exploit DB Packet Storm

195730	4.3	警告	Opera Software ASA	-	Opera の Cascading Style Sheets (CSS) 実装における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2010-5068	2011-12-12 16:14	2011-12-7	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Sept. 28, 2024, 8:13 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
21	6.4	MEDIUM Network	-	-	The Simple Popup Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's [popup] shortcode in all versions up to, and including, 4.5 due to insufficient input saniti… New	CWE-79 Cross-site Scripting	CVE-2024-8547	2024-09-28 11:15	2024-09-28	Show	GitHub Exploit DB Packet Storm

22	10.0	CRITICAL Network	-	-	The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.16.1 via deserialization of untrusted input vi… New	CWE-502 Deserialization of Untrusted Data	CVE-2024-8353	2024-09-28 11:15	2024-09-28	Show	GitHub Exploit DB Packet Storm

23	-		-	-	A vulnerability, which was classified as critical, has been found in dingfanzu CMS up to 29d67d9044f6f93378e6eb6ff92272217ff7225c. Affected by this issue is some unknown functionality of the file sav… New	CWE-89 SQL Injection	CVE-2024-9294	2024-09-28 07:15	2024-09-28	Show	GitHub Exploit DB Packet Storm

24	-		-	-	EDK2 contains a vulnerability in the PeCoffLoaderRelocateImage(). An Attacker may cause memory corruption due to an overflow via an adjacent network. A successful exploit of this vulnerability may le… New	-	CVE-2024-38796	2024-09-28 07:15	2024-09-28	Show	GitHub Exploit DB Packet Storm

25	-		-	-	HCL Nomad is susceptible to an insufficient session expiration vulnerability. Under certain circumstances, an unauthenticated attacker could obtain old session information. New	-	CVE-2024-23586	2024-09-28 07:15	2024-09-28	Show	GitHub Exploit DB Packet Storm

26	8.0	HIGH Adjacent	tp-link	archer_c55_firmware archer_c50_v3_firmware	Multiple TP-LINK products allow a network-adjacent authenticated attacker to execute arbitrary OS commands. Affected products/versions are as follows: Archer C50 firmware versions prior to 'Archer C5… Update	CWE-78 OS Command	CVE-2023-31188	2024-09-28 06:35	2023-09-6	Show	GitHub Exploit DB Packet Storm

27	8.0	HIGH Network	apache	airflow	The session fixation vulnerability allowed the authenticated user to continue accessing Airflow webserver even after the password of the user has been reset by the admin - up until the expiry of the … Update	CWE-384 Session Fixation	CVE-2023-40273	2024-09-28 06:35	2023-08-24	Show	GitHub Exploit DB Packet Storm

28	8.2	HIGH Network	apache	ivy	Improper Restriction of XML External Entity Reference, XML Injection (aka Blind XPath Injection) vulnerability in Apache Software Foundation Apache Ivy.This issue affects any version of Apache Ivy pr… Update	CWE-91 CWE-611 Blind XPath Injection XXE	CVE-2022-46751	2024-09-28 06:35	2023-08-21	Show	GitHub Exploit DB Packet Storm

29	6.1	MEDIUM Network	mm-breaking_news_project	mm-breaking_news	The MM-Breaking News WordPress plugin through 0.7.9 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting… Update	CWE-79 Cross-site Scripting	CVE-2024-8056	2024-09-28 06:29	2024-09-12	Show	GitHub Exploit DB Packet Storm

30	6.1	MEDIUM Network	mm-breaking_news_project	mm-breaking_news	The MM-Breaking News WordPress plugin through 0.7.9 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add S… Update	CWE-79 Cross-site Scripting	CVE-2024-8054	2024-09-28 06:29	2024-09-12	Show	GitHub Exploit DB Packet Storm