Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Sept. 28, 2024, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
195801 7.5 危険 Jextensions - Joomla! 用 JExtensions JE Story Submit コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5022 2011-12-9 13:55 2011-11-2 Show GitHub Exploit DB Packet Storm
195802 7.5 危険 Cramer Development - Digital Interchange Calendar における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5023 2011-12-9 13:54 2011-11-2 Show GitHub Exploit DB Packet Storm
195803 6 警告 CuteSITE - CuteSITE CMS における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5024 2011-12-9 13:54 2011-11-2 Show GitHub Exploit DB Packet Storm
195804 4.3 警告 CuteSITE - CuteSITE CMS におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-5025 2011-12-9 13:50 2011-11-2 Show GitHub Exploit DB Packet Storm
195805 6.8 警告 Lightbox Technologies Inc. - Science Fair In A Box における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5026 2011-12-9 13:50 2011-11-2 Show GitHub Exploit DB Packet Storm
195806 4.3 警告 Lightbox Technologies Inc. - Science Fair In A Box におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-5027 2011-12-9 13:49 2011-11-2 Show GitHub Exploit DB Packet Storm
195807 7.5 危険 Jextensions - Joomla! 用 JExtensions JE Job のコンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5028 2011-12-9 13:48 2011-11-2 Show GitHub Exploit DB Packet Storm
195808 7.5 危険 codefabrik gmbh - Ecomat CMS における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5029 2011-12-9 13:47 2011-11-2 Show GitHub Exploit DB Packet Storm
195809 4.3 警告 codefabrik gmbh - Ecomat CMS におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-5030 2011-12-9 13:46 2011-11-2 Show GitHub Exploit DB Packet Storm
195810 4.3 警告 fileNice - fileNice の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-5031 2011-12-9 13:45 2011-11-2 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Sept. 28, 2024, 8:13 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
101 - - - Advantech ADAM-5630 has built-in commands that can be executed without authenticating the user. These commands allow for restarting the operating system, rebooting the hardware, and stopping the e… New CWE-306
Missing Authentication for Critical Function 		CVE-2024-39364 2024-09-28 03:15 2024-09-28 Show GitHub Exploit DB Packet Storm
102 - - - Cookies of authenticated Advantech ADAM-5630 users remain as active valid cookies when a session is closed. Forging requests with a legitimate cookie, even if the session was terminated, allows an … New - CVE-2024-39275 2024-09-28 03:15 2024-09-28 Show GitHub Exploit DB Packet Storm
103 - - - Advantech ADAM 5550's web application includes a "logs" page where all the HTTP requests received are displayed to the user. The device doesn't correctly neutralize malicious code when parsing HTTP… New CWE-79
Cross-site Scripting 		CVE-2024-38308 2024-09-28 03:15 2024-09-28 Show GitHub Exploit DB Packet Storm
104 - - - Advantech ADAM-5550 share user credentials with a low level of encryption, consisting of base 64 encoding. New CWE-261
 Weak Encoding for Password 		CVE-2024-37187 2024-09-28 03:15 2024-09-28 Show GitHub Exploit DB Packet Storm
105 - - - Advantech ADAM-5630 shares user credentials plain text between the device and the user source device during the login process. New CWE-261
 Weak Encoding for Password 		CVE-2024-34542 2024-09-28 03:15 2024-09-28 Show GitHub Exploit DB Packet Storm
106 - - - Advantech ADAM-5630 contains a cross-site request forgery (CSRF) vulnerability. It allows an attacker to partly circumvent the same origin policy, which is designed to prevent different websites fro… New CWE-352
 Origin Validation Error 		CVE-2024-28948 2024-09-28 03:15 2024-09-28 Show GitHub Exploit DB Packet Storm
107 - - - A cross-site scripting (XSS) vulnerability in Flatpress v1.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the email field. New - CVE-2024-25412 2024-09-28 03:15 2024-09-28 Show GitHub Exploit DB Packet Storm
108 7.5 HIGH
Network 		juniper junos
junos_os_evolved 		An Improper Input Validation vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial o… Update CWE-20
 Improper Input Validation  		CVE-2023-4481 2024-09-28 03:15 2023-09-1 Show GitHub Exploit DB Packet Storm
109 6.5 MEDIUM
Network 		elliot ilc_thickbox The ILC Thickbox WordPress plugin through 1.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack Update CWE-352
 Origin Validation Error 		CVE-2024-7820 2024-09-28 03:08 2024-09-12 Show GitHub Exploit DB Packet Storm
110 9.1 CRITICAL
Network 		matter-labs zkvyper zkvyper is a Vyper compiler. Starting in version 1.3.12 and prior to version 1.5.3, since LLL IR has no Turing-incompletness restrictions, it is compiled to a loop with a much more late exit conditio… Update CWE-835
 Loop with Unreachable Exit Condition ('Infinite Loop') 		CVE-2024-43366 2024-09-28 03:08 2024-08-16 Show GitHub Exploit DB Packet Storm