Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Sept. 29, 2024, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
196401	5.6	警告	オラクル	-	Oracle Solaris における Process File System (procfs) の処理に関する脆弱性	CWE-noinfo 情報不足	CVE-2011-3515	2011-10-27 16:09	2011-10-18	Show	GitHub Exploit DB Packet Storm

196402	9.3	危険	オラクル	-	Oracle Solaris における LDAP library の処理に関する脆弱性	CWE-noinfo 情報不足	CVE-2011-3508	2011-10-27 16:09	2011-10-18	Show	GitHub Exploit DB Packet Storm

196403	4.3	警告	オラクル	-	Oracle Solaris における ZFS の処理に関する脆弱性	CWE-noinfo 情報不足	CVE-2011-2313	2011-10-27 16:08	2011-10-18	Show	GitHub Exploit DB Packet Storm

196404	5	警告	オラクル	-	Oracle Supply Chain Products Suite の Oracle Agile Product Supplier Collaboration for Process コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2011-3532	2011-10-27 16:06	2011-10-18	Show	GitHub Exploit DB Packet Storm

196405	4.3	警告	オラクル	-	Oracle Industry Applications の Health Sciences - Oracle Thesaurus Management System コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2011-2323	2011-10-27 10:07	2011-10-18	Show	GitHub Exploit DB Packet Storm

196406	4.3	警告	オラクル	-	Oracle Industry Applications の Health Sciences - Oracle Clinical、Remote Data Capture における脆弱性	CWE-noinfo 情報不足	CVE-2011-2309	2011-10-27 10:07	2011-10-18	Show	GitHub Exploit DB Packet Storm

196407	6.8	警告	オラクル	-	Oracle Virtualization の Sun Ray コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2011-3538	2011-10-27 10:06	2011-10-18	Show	GitHub Exploit DB Packet Storm

196408	5.5	警告	オラクル	-	Oracle Linux の Oracle Validated 処理に関する脆弱性	CWE-noinfo 情報不足	CVE-2011-2306	2011-10-27 10:05	2011-10-19	Show	GitHub Exploit DB Packet Storm

196409	2.1	注意	オラクル	-	複数の Oracle Sun 製品における Integrated Lights Out Manager CLI の処理に関する脆弱性	CWE-noinfo 情報不足	CVE-2011-3522	2011-10-27 10:04	2011-10-18	Show	GitHub Exploit DB Packet Storm

196410	5.5	警告	オラクル	-	Oracle PeopleSoft Enterprise HRMS における JPM の処理に関する脆弱性	CWE-noinfo 情報不足	CVE-2011-3533	2011-10-27 10:03	2011-10-18	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Sept. 30, 2024, 5:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
591	4.3	MEDIUM Network	infiniteuploads	big_file_uploads	The Big File Uploads – Increase Maximum File Upload Size plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.1.2. This is due the plugin not sanitizing … Update	CWE-22 Path Traversal	CVE-2024-8538	2024-09-27 01:28	2024-09-7	Show	GitHub Exploit DB Packet Storm

592	9.8	CRITICAL Network	wpcharitable	charitable	The Donation Forms by Charitable – Donations Plugin & Fundraising Platform for WordPress plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.8.1.14. Thi… Update	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2024-8791	2024-09-27 01:25	2024-09-24	Show	GitHub Exploit DB Packet Storm

593	5.3	MEDIUM Network	ba-booking	ba_book_everything	The BA Book Everything plugin for WordPress is vulnerable to arbitrary password reset in all versions up to, and including, 1.6.20. This is due to the reset_user_password() function not verifying a u… Update	NVD-CWE-Other	CVE-2024-8794	2024-09-27 01:23	2024-09-24	Show	GitHub Exploit DB Packet Storm

594	6.1	MEDIUM Network	ninjaforms	ninja_forms_file_uploads	The Ninja Forms - File Uploads plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an uploaded file (e.g. RTX file) in all versions up to, and including, 3.3.16 due to insufficient … Update	CWE-79 Cross-site Scripting	CVE-2024-1596	2024-09-27 01:23	2024-09-7	Show	GitHub Exploit DB Packet Storm

595	5.4	MEDIUM Network	master-addons	master_addons	The Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the data-jltma-wrapper-link element… Update	CWE-79 Cross-site Scripting	CVE-2024-6282	2024-09-27 01:19	2024-09-10	Show	GitHub Exploit DB Packet Storm

596	4.3	MEDIUM Network	-	-	The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capa… New	CWE-862 Missing Authorization	CVE-2024-8771	2024-09-27 01:15	2024-09-27	Show	GitHub Exploit DB Packet Storm

597	4.4	MEDIUM Network	-	-	A flaw was found in oVirt. A user with administrator privileges, including users with the ReadOnlyAdmin permission, may be able to use browser developer tools to view Provider passwords in cleartext. New	CWE-312 Cleartext Storage of Sensitive Information	CVE-2024-7259	2024-09-27 01:15	2024-09-27	Show	GitHub Exploit DB Packet Storm

598	-		-	-	Assimp v5.4.3 is vulnerable to Buffer Overflow via the MD5Importer::LoadMD5MeshFile function. New	-	CVE-2024-46632	2024-09-27 01:15	2024-09-27	Show	GitHub Exploit DB Packet Storm

599	-		-	-	A Cross-Site Request Forgery (CSRF) vulnerability exists in kishan0725's Hospital Management System version 6.3.5. The vulnerability allows an attacker to craft a malicious HTML form that submits a r… New	-	CVE-2024-45983	2024-09-27 01:15	2024-09-27	Show	GitHub Exploit DB Packet Storm

600	7.2	HIGH Network	-	-	IBM ManageIQ could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted yaml file request. New	CWE-502 Deserialization of Untrusted Data	CVE-2024-43191	2024-09-27 01:15	2024-09-27	Show	GitHub Exploit DB Packet Storm