Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Sept. 29, 2024, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
195741 5 警告 Opera Software ASA - Opera の Web Workers 実装におけるサービス運用妨害 (アプリケーションクラッシュ) の脆弱性 CWE-noinfo
情報不足 		CVE-2011-4686 2011-12-9 16:06 2011-12-7 Show GitHub Exploit DB Packet Storm
195742 5 警告 Opera Software ASA - Opera の Dragonfly におけるサービス運用妨害 (アプリケーションクラッシュ) の脆弱性 CWE-20
不適切な入力確認 		CVE-2011-4685 2011-12-9 16:05 2011-12-7 Show GitHub Exploit DB Packet Storm
195743 10 危険 Opera Software ASA - Opera における証明書失効の処理に関する詳細不明な脆弱性 CWE-310
暗号の問題 		CVE-2011-4684 2011-12-9 16:05 2011-12-7 Show GitHub Exploit DB Packet Storm
195744 10 危険 Opera Software ASA - Opera における詳細不明な脆弱性 CWE-noinfo
情報不足 		CVE-2011-4683 2011-12-9 16:04 2011-12-7 Show GitHub Exploit DB Packet Storm
195745 6.4 警告 Opera Software ASA - Opera の JavaScript エンジンにおける同一生成元ポリシーを回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-4682 2011-12-9 16:03 2011-12-7 Show GitHub Exploit DB Packet Storm
195746 5 警告 Opera Software ASA - Opera における同一生成元ポリシーを回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-4681 2011-12-9 16:03 2011-12-7 Show GitHub Exploit DB Packet Storm
195747 7.5 危険 Webmaster-Tips - Joomla! 用 webmaster-tips.net Flash Gallery コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4968 2011-12-9 14:45 2011-11-1 Show GitHub Exploit DB Packet Storm
195748 7.5 危険 BrotherScripts - BrotherScripts Business Directory の articlesdetails.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4969 2011-12-9 14:44 2011-11-1 Show GitHub Exploit DB Packet Storm
195749 7.5 危険 wikiwebhelp - Wiki Web Help の handlers/getpage.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4970 2011-12-9 14:44 2011-11-1 Show GitHub Exploit DB Packet Storm
195750 7.5 危険 YPNinc - YPNinc JokeScript の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4972 2011-12-9 14:43 2011-11-1 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Sept. 29, 2024, 12:13 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
221 - - - authentik is an open-source identity provider. Prior to versions 2024.8.3 and 2024.6.5, access tokens issued to one application can be stolen by that application and used to impersonate the user agai… New CWE-863
 Incorrect Authorization 		CVE-2024-47077 2024-09-28 01:15 2024-09-28 Show GitHub Exploit DB Packet Storm
222 - - - authentik is an open-source identity provider. A vulnerability that exists in versions prior to 2024.8.3 and 2024.6.5 allows bypassing password login by adding X-Forwarded-For header with an unparsab… New CWE-287
Improper Authentication 		CVE-2024-47070 2024-09-28 01:15 2024-09-28 Show GitHub Exploit DB Packet Storm
223 - - - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SKT Themes SKT Addons for Elementor allows Stored XSS.This issue affects SKT Addons for El… Update CWE-79
Cross-site Scripting 		CVE-2024-38674 2024-09-28 01:15 2024-07-20 Show GitHub Exploit DB Packet Storm
224 - - - Ember ZNet between v7.2.0 and v7.4.0 used software AES-CCM instead of integrated hardware cryptographic accelerators, potentially increasing risk of electromagnetic and differential power analysis si… Update - CVE-2023-51392 2024-09-28 01:15 2024-02-24 Show GitHub Exploit DB Packet Storm
225 - - - Malformed S2 Nonce Get Command Class packets can be sent to crash PC Controller v5.54.0 and earlier. Update - CVE-2023-6640 2024-09-28 01:15 2024-02-22 Show GitHub Exploit DB Packet Storm
226 - - - Malformed Device Reset Locally Command Class packets can be sent to the controller, causing the controller to assume the end device has left the network. After this, frames sent by the end device wil… Update - CVE-2023-6533 2024-09-28 01:15 2024-02-22 Show GitHub Exploit DB Packet Storm
227 6.8 MEDIUM
Physics 		silabs gecko_software_development_kit Glitch detection is not enabled by default for the CortexM33 core in Silicon Labs secure vault high parts EFx32xG2xB, except EFR32xG21B. Update CWE-909
 Missing Initialization of Resource 		CVE-2023-5138 2024-09-28 01:15 2024-01-4 Show GitHub Exploit DB Packet Storm
228 6.5 MEDIUM
Adjacent 		silabs z-wave_software_development_kit A denial of service vulnerability exists in all Silicon Labs Z-Wave controller and endpoint devices running Z-Wave SDK v7.20.3 (Gecko SDK v4.3.3) and earlier. This attack can be carried out only by d… Update NVD-CWE-noinfo
CVE-2023-5310 2024-09-28 01:15 2023-12-16 Show GitHub Exploit DB Packet Storm
229 8.8 HIGH
Network 		dedecms dedecms A vulnerability was found in DedeCMS up to 5.7.115. It has been rated as critical. This issue affects some unknown processing of the file article_string_mix.php. The manipulation leads to os command … Update CWE-78
OS Command  		CVE-2024-9076 2024-09-28 01:14 2024-09-22 Show GitHub Exploit DB Packet Storm
230 7.3 HIGH
Network 		webliberty simple_spoiler The The Simple Spoiler plugin for WordPress is vulnerable to arbitrary shortcode execution in versions 1.2 to 1.3. This is due to the plugin adding the filter add_filter('comment_text', 'do_shortcode… Update CWE-94
Code Injection 		CVE-2024-8479 2024-09-28 01:12 2024-09-14 Show GitHub Exploit DB Packet Storm