Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Sept. 27, 2024, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
195911 7.8 危険 シスコシステムズ - Cisco TelePresence Recording サーバデバイスにおけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2011-0391 2011-11-29 10:34 2011-02-23 Show GitHub Exploit DB Packet Storm
195912 7.8 危険 シスコシステムズ - Cisco TelePresence Multipoint Switch デバイスにおけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2011-0390 2011-11-29 10:33 2011-02-23 Show GitHub Exploit DB Packet Storm
195913 7.8 危険 シスコシステムズ - Cisco TelePresence Multipoint Switch デバイスにおけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2011-0389 2011-11-29 10:32 2011-02-23 Show GitHub Exploit DB Packet Storm
195914 7.8 危険 シスコシステムズ - Cisco TelePresence Recording Server および Cisco TelePresence Multipoint Switch における脆弱性 CWE-399
リソース管理の問題 		CVE-2011-0388 2011-11-29 10:31 2011-02-23 Show GitHub Exploit DB Packet Storm
195915 8 危険 シスコシステムズ - Cisco TelePresence Multipoint Switch (CTMS) デバイスにおけるサービス運用妨害 (DoS) の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-0387 2011-11-29 10:31 2011-02-23 Show GitHub Exploit DB Packet Storm
195916 9.3 危険 シスコシステムズ - Cisco TelePresence Recording Server 上の XML-RPC の実装におけるファイルを上書きされる脆弱性 CWE-94
コード・インジェクション 		CVE-2011-0386 2011-11-29 10:30 2011-02-23 Show GitHub Exploit DB Packet Storm
195917 10 危険 シスコシステムズ - Cisco TelePresence Recording Server および Cisco TelePresence Multipoint Switch における脆弱性 CWE-Other
その他 		CVE-2011-0385 2011-11-29 10:29 2011-02-23 Show GitHub Exploit DB Packet Storm
195918 10 危険 シスコシステムズ - Cisco TelePresence Multipoint Switch における任意のコードを実行される脆弱性 CWE-287
不適切な認証 		CVE-2011-0384 2011-11-29 10:28 2011-02-23 Show GitHub Exploit DB Packet Storm
195919 10 危険 シスコシステムズ - Cisco TelePresence Recording Server および Cisco TelePresence Multipoint Switch における脆弱性 CWE-287
不適切な認証 		CVE-2011-0383 2011-11-29 10:27 2011-02-23 Show GitHub Exploit DB Packet Storm
195920 10 危険 シスコシステムズ - Cisco TelePresence Recording Server における任意のコードを実行される脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2011-0382 2011-11-29 09:55 2011-02-23 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Sept. 27, 2024, 4:12 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
31 5.4 MEDIUM
Network 		pixelgrade nova_blocks The Nova Blocks by Pixelgrade plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'align' attribute of the 'wp:separator' Gutenberg block in all versions up to, and including, 2… Update CWE-79
Cross-site Scripting 		CVE-2024-8241 2024-09-27 07:03 2024-09-10 Show GitHub Exploit DB Packet Storm
32 4.3 MEDIUM
Network 		themeum tutor_lms The Tutor LMS plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.7.4. This is due to missing or incorrect nonce validation on the 'addon_enable_disab… Update CWE-352
 Origin Validation Error 		CVE-2023-2919 2024-09-27 06:59 2024-09-10 Show GitHub Exploit DB Packet Storm
33 8.8 HIGH
Network 		ultimatemember forumwp The ForumWP – Forum & Discussion Board Plugin plugin for WordPress is vulnerable to Privilege Escalation via Insecure Direct Object Reference in all versions up to, and including, 2.0.2 via the submi… Update CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2024-8428 2024-09-27 06:58 2024-09-6 Show GitHub Exploit DB Packet Storm
34 8.8 HIGH
Network 		tribulant newsletters The Newsletters plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 4.9.9.2. This is due to the plugin not restricting what user meta can be updated as sc… Update NVD-CWE-noinfo
CVE-2024-8247 2024-09-27 06:49 2024-09-6 Show GitHub Exploit DB Packet Storm
35 4.3 MEDIUM
Network 		jetplugs revision_manager_tmc The Revision Manager TMC plugin for WordPress is vulnerable to unauthorized arbitrary email sending due to a missing capability check on the _a_ajaxQuickEmailTestCallback() function in all versions u… Update CWE-862
 Missing Authorization 		CVE-2024-7622 2024-09-27 06:42 2024-09-6 Show GitHub Exploit DB Packet Storm
36 7.5 HIGH
Network 		openplcproject openplc_v3_firmware Multiple invalid pointer dereference vulnerabilities exist in the OpenPLC Runtime EtherNet/IP parser functionality of OpenPLC_v3 16bf8bac1a36d95b73e7b8722d0edb8b9c5bb56a. A specially crafted EtherNet… Update CWE-704
 Incorrect Type Conversion or Cast 		CVE-2024-39589 2024-09-27 06:36 2024-09-19 Show GitHub Exploit DB Packet Storm
37 - - - A stored Cross-Site Scripting (XSS) vulnerability was identified in Projectworld Online Voting System 1.0 that occurs when an account is registered with a malicious javascript payload. The payload is… New - CVE-2024-45986 2024-09-27 06:35 2024-09-27 Show GitHub Exploit DB Packet Storm
38 - - - Tenda G3 Router firmware v15.03.05.05 was discovered to contain a remote code execution (RCE) vulnerability via the usbPartitionName parameter in the formSetUSBPartitionUmount function. New - CVE-2024-46628 2024-09-27 06:35 2024-09-27 Show GitHub Exploit DB Packet Storm
39 8.8 HIGH
Network 		jenkins ssh2_easy Jenkins SSH2 Easy Plugin 1.4 and earlier does not verify that permissions configured to be granted are enabled, potentially allowing users formerly granted (typically optional permissions, like Overa… Update CWE-281
 Improper Preservation of Permissions 		CVE-2023-41939 2024-09-27 06:35 2023-09-6 Show GitHub Exploit DB Packet Storm
40 8.8 HIGH
Adjacent 		tp-link archer_c55_firmware
archer_c50_v3_firmware 		Archer C50 firmware versions prior to 'Archer C50(JP)_V3_230505' and Archer C55 firmware versions prior to 'Archer C55(JP)_V1_230506' use hard-coded credentials to login to the affected device, which… Update CWE-798
 Use of Hard-coded Credentials 		CVE-2023-32619 2024-09-27 06:35 2023-09-6 Show GitHub Exploit DB Packet Storm