Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Sept. 30, 2024, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
195931 4.3 警告 VideoWhisper.com - VideoWhisper PHP 2 Way Video Chat コンポーネントにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4971 2011-12-9 14:19 2011-11-2 Show GitHub Exploit DB Packet Storm
195932 7.5 危険 OlyKit - OlyKit Swoopo Clone 2010 の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4997 2011-12-9 14:18 2011-11-2 Show GitHub Exploit DB Packet Storm
195933 7.5 危険 Maulana Al Matien - ardeaCore PHP Framework におけるリモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2010-4998 2011-12-9 14:18 2011-11-2 Show GitHub Exploit DB Packet Storm
195934 7.5 危険 Joe Pieruccini - MCLogin System の login/login_index.php におけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5000 2011-12-9 14:17 2011-11-2 Show GitHub Exploit DB Packet Storm
195935 7.5 危険 2daybiz - 2daybiz Polls Script の searchvote.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5004 2011-12-9 14:16 2011-11-2 Show GitHub Exploit DB Packet Storm
195936 4.3 警告 Rayzz - Rayzz Photoz の members/profileCommentsResponse.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-5005 2011-12-9 14:15 2011-11-2 Show GitHub Exploit DB Packet Storm
195937 7.5 危険 Emophp Programming - EMO Realty Manager の googlemap/index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5006 2011-12-9 14:15 2011-11-2 Show GitHub Exploit DB Packet Storm
195938 4.3 警告 ut-files - UTStats の pages/match_report.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-5007 2011-12-9 14:14 2011-11-2 Show GitHub Exploit DB Packet Storm
195939 7.5 危険 Denali - BrightSuite Groupware における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5008 2011-12-9 14:13 2011-11-2 Show GitHub Exploit DB Packet Storm
195940 7.5 危険 ut-files - UTStats の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5009 2011-12-9 14:12 2011-11-2 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Sept. 30, 2024, 8:11 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
711 - - - Power Platform Terraform Provider allows managing environments and other resources within Power Platform. Versions prior to 3.0.0 have an issue in the Power Platform Terraform Provider where sensitiv… - CVE-2024-47083 2024-09-26 22:32 2024-09-26 Show GitHub Exploit DB Packet Storm
712 - - - Cross Site Scripting vulnerability in ZKTeco WDMS v.5.1.3 Pro allows a remote attacker to execute arbitrary code and obtain sensitive information via a crafted script to the Emp Name parameter. - CVE-2023-51157 2024-09-26 22:32 2024-09-26 Show GitHub Exploit DB Packet Storm
713 - - - Cross-Site Request Forgery (CSRF) vulnerability in GiveWP.This issue affects GiveWP: from n/a through 3.15.1. - CVE-2024-47315 2024-09-26 22:32 2024-09-26 Show GitHub Exploit DB Packet Storm
714 - - - Cross-Site Request Forgery (CSRF) vulnerability in Dnesscarkey Use Any Font allows Cross Site Request Forgery.This issue affects Use Any Font: from n/a through 6.3.08. CWE-352
 Origin Validation Error 		CVE-2024-47305 2024-09-26 22:32 2024-09-26 Show GitHub Exploit DB Packet Storm
715 - - - Strawberry GraphQL is a library for creating GraphQL APIs. Prior to version 0.243.0, multipart file upload support as defined in the GraphQL multipart request specification was enabled by default in … CWE-352
 Origin Validation Error 		CVE-2024-47082 2024-09-26 22:32 2024-09-26 Show GitHub Exploit DB Packet Storm
716 - - - A reflected cross-site scripting (XSS) vulnerability in Ellevo 6.2.0.38160 allows attackers to execute arbitrary code in the context of a user's browser via a crafted payload or URL. - CVE-2024-46655 2024-09-26 22:32 2024-09-26 Show GitHub Exploit DB Packet Storm
717 - - - sqlite-vec v0.1.1 was discovered to contain a heap buffer overflow via the npy_token_next function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted file. - CVE-2024-46488 2024-09-26 22:32 2024-09-26 Show GitHub Exploit DB Packet Storm
718 - - - An issue in TheGreenBow Windows Standard VPN Client 6.87.108 (and older), Windows Enterprise VPN Client 6.87.109 (and older), Windows Enterprise VPN Client 7.5.007 (and older), Android VPN Client 6.4… - CVE-2024-45750 2024-09-26 22:32 2024-09-26 Show GitHub Exploit DB Packet Storm
719 - - - Library MDF (mdflib) v2.1 is vulnerable to a heap-based buffer overread via a crafted mdf4 file is parsed using the ReadData function - CVE-2024-41445 2024-09-26 22:32 2024-09-26 Show GitHub Exploit DB Packet Storm
720 - - - A vulnerability in the UDP packet validation code of Cisco SD-WAN vEdge Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected system. … - CVE-2024-20496 2024-09-26 22:32 2024-09-26 Show GitHub Exploit DB Packet Storm