Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
197391 7.5 危険 ezonescripts - eZoneScripts Dating Website script における任意のコードを実行される脆弱性 CWE-Other
その他
CVE-2008-6987 2012-06-26 16:10 2009-08-19 Show GitHub Exploit DB Packet Storm
197392 7.5 危険 devalcms - devalcms の modules/tool/hitcounter.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション
CVE-2008-6983 2012-06-26 16:10 2009-08-19 Show GitHub Exploit DB Packet Storm
197393 4.3 警告 devalcms - devalcms の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2008-6982 2012-06-26 16:10 2009-08-19 Show GitHub Exploit DB Packet Storm
197394 6.8 警告 fullrevolution - Full Revolution aspWebAlbum における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認
CVE-2008-6978 2012-06-26 16:10 2009-08-19 Show GitHub Exploit DB Packet Storm
197395 4.3 警告 fullrevolution - Full Revolution aspWebAlbum の album.asp におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2008-6977 2012-06-26 16:10 2009-08-19 Show GitHub Exploit DB Packet Storm
197396 6.8 警告 dd-wrt - DD-WRT 24 sp2 の apply.cgi におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反
CVE-2008-6975 2012-06-26 16:10 2009-07-20 Show GitHub Exploit DB Packet Storm
197397 6.8 警告 dd-wrt - DD-WRT 24 sp1 の apply.cgi におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反
CVE-2008-6974 2012-06-26 16:10 2009-07-20 Show GitHub Exploit DB Packet Storm
197398 5 警告 Alt-N - WorldClient in Alt-N MDaemon における詳細不明な脆弱性 CWE-noinfo
情報不足
CVE-2008-6967 2012-06-26 16:10 2009-08-13 Show GitHub Exploit DB Packet Storm
197399 7.5 危険 aj square - AJ Square AJ Auction Pro Platinum Skin #1 における認証を回避される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2008-6966 2012-06-26 16:10 2009-08-13 Show GitHub Exploit DB Packet Storm
197400 7.5 危険 aj square - AJ Square AJ Auction OOPD における認証を回避される脆弱性 CWE-287
不適切な認証
CVE-2008-6965 2012-06-26 16:10 2009-08-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 21, 2025, 4:08 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1961 - - - Discourse is an open source platform for community discussion. An attacker can execute arbitrary JavaScript on users' browsers by posting a maliciously crafted onebox url. This issue only affects sit… CWE-79
Cross-site Scripting
CVE-2024-56328 2025-02-5 06:15 2025-02-5 Show GitHub Exploit DB Packet Storm
1962 - - - Discourse is an open source platform for community discussion. PM titles and metadata can be read by other users when the "PM tags allowed for groups" option is enabled, the other user is a member of… CWE-200
Information Exposure
CVE-2024-56197 2025-02-5 06:15 2025-02-5 Show GitHub Exploit DB Packet Storm
1963 - - - Discourse is an open source platform for community discussion. In affected versions an attacker can make craft an XHR request to poison the anonymous cache (for example, the cache may have a response… CWE-346
 Origin Validation Error
CVE-2024-55948 2025-02-5 06:15 2025-02-5 Show GitHub Exploit DB Packet Storm
1964 2.7 LOW
Network
- - IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned. This inform… CWE-209
Information Exposure Through an Error Message
CVE-2024-45658 2025-02-5 06:15 2025-02-5 Show GitHub Exploit DB Packet Storm
1965 5.0 MEDIUM
Local
- - IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 could allow a local privileged user to perform unauthorized actions due to incorrect permissions assignment. CWE-732
 Incorrect Permission Assignment for Critical Resource
CVE-2024-45657 2025-02-5 06:15 2025-02-5 Show GitHub Exploit DB Packet Storm
1966 5.9 MEDIUM
Network
- - IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized acto… CWE-319
Cleartext Transmission of Sensitive Information
CVE-2024-43187 2025-02-5 06:15 2025-02-5 Show GitHub Exploit DB Packet Storm
1967 6.1 MEDIUM
Network
- - IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript cod… CWE-79
Cross-site Scripting
CVE-2024-40700 2025-02-5 06:15 2025-02-5 Show GitHub Exploit DB Packet Storm
1968 6.5 MEDIUM
Network
- - IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transm… CWE-352
 Origin Validation Error
CVE-2024-35138 2025-02-5 06:15 2025-02-5 Show GitHub Exploit DB Packet Storm
1969 - - - The Widget4Call WordPress plugin through 1.0.7 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against … - CVE-2024-13099 2025-02-5 06:15 2025-02-1 Show GitHub Exploit DB Packet Storm
1970 - - - The WordPress Email Newsletter WordPress plugin through 1.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be … - CVE-2024-13098 2025-02-5 06:15 2025-02-1 Show GitHub Exploit DB Packet Storm