Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Nov. 14, 2024, 12:10 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
198431	4	警告	シックス・アパート株式会社	-	Movable Type におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2012-0317	2012-02-23 12:03	2012-02-23	Show	GitHub Exploit DB Packet Storm

198432	6	警告	Broadwin アドバンテック株式会社	-	Advantech/BroadWin WebAccess におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2012-1235	2012-02-23 11:47	2012-02-21	Show	GitHub Exploit DB Packet Storm

198433	6.5	警告	Broadwin アドバンテック株式会社	-	Advantech/BroadWin WebAccess における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-1234	2012-02-23 11:46	2012-02-21	Show	GitHub Exploit DB Packet Storm

198434	7.5	危険	Broadwin アドバンテック株式会社	-	Advantech/BroadWin WebAccess における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-0244	2012-02-23 11:41	2012-02-21	Show	GitHub Exploit DB Packet Storm

198435	7.5	危険	Broadwin アドバンテック株式会社	-	Advantech/BroadWin WebAccess の ActiveX コントロールにおけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2012-0243	2012-02-23 11:40	2012-02-21	Show	GitHub Exploit DB Packet Storm

198436	7.5	危険	Broadwin アドバンテック株式会社	-	Advantech/BroadWin WebAccess におけるフォーマットストリングの脆弱性	CWE-134 書式文字列の問題	CVE-2012-0242	2012-02-23 11:37	2012-02-21	Show	GitHub Exploit DB Packet Storm

198437	5	警告	Broadwin アドバンテック株式会社	-	Advantech/BroadWin WebAccess におけるサービス運用妨害 (メモリ破損) の脆弱性	CWE-20 不適切な入力確認	CVE-2012-0241	2012-02-23 11:36	2012-02-21	Show	GitHub Exploit DB Packet Storm

198438	7.5	危険	Broadwin アドバンテック株式会社	-	Advantech/BroadWin WebAccess の GbScriptAddUp.asp における任意のコードを実行される脆弱性	CWE-287 不適切な認証	CVE-2012-0240	2012-02-23 11:33	2012-02-21	Show	GitHub Exploit DB Packet Storm

198439	5	警告	Broadwin アドバンテック株式会社	-	Advantech/BroadWin WebAccess の uaddUpAdmin.asp における管理者パスワードを変更される脆弱性	CWE-287 不適切な認証	CVE-2012-0239	2012-02-23 11:32	2012-02-21	Show	GitHub Exploit DB Packet Storm

198440	7.5	危険	Broadwin アドバンテック株式会社	-	Advantech/BroadWin WebAccess の opcImg.asp におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2012-0238	2012-02-23 11:29	2012-02-21	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Nov. 14, 2024, 6:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1081	-		-	-	SQL injection vulnerability exists in OS4ED openSIS-Classic Version 9.1, specifically in the resetuserinfo.php file. The vulnerability is due to improper input validation of the $username_stn_id para… Update	-	CVE-2024-51211	2024-11-12 22:56	2024-11-9	Show	GitHub Exploit DB Packet Storm

1082	-		-	-	hopetree izone lts c011b48 contains a server-side request forgery (SSRF) vulnerability in the active push function as \\apps\\tool\\apis\\bd_push.py does not securely filter user input through push_u… Update	-	CVE-2024-50811	2024-11-12 22:56	2024-11-9	Show	GitHub Exploit DB Packet Storm

1083	-		-	-	hopetree izone lts c011b48 contains a Cross Site Scripting (XSS) vulnerability in the article comment function. In \apps\comment\views.py, AddCommintView() does not securely filter user input and ren… Update	-	CVE-2024-50810	2024-11-12 22:56	2024-11-9	Show	GitHub Exploit DB Packet Storm

1084	5.3	MEDIUM Network	-	-	A vulnerability has been identified in Mendix Runtime V10 (All versions < V10.16.0 only if the basic authentication mechanism is used by the application), Mendix Runtime V10.12 (All versions < V10.12… New	CWE-362 Race Condition	CVE-2024-50313	2024-11-12 22:55	2024-11-12	Show	GitHub Exploit DB Packet Storm

1085	6.8	MEDIUM Network	-	-	A vulnerability has been identified in OZW672 (All versions < V5.2), OZW772 (All versions < V5.2). The user accounts tab of affected devices is vulnerable to stored cross-site scripting (XSS) attacks… New	CWE-79 Cross-site Scripting	CVE-2024-36140	2024-11-12 22:55	2024-11-12	Show	GitHub Exploit DB Packet Storm

1086	7.8	HIGH Local	-	-	A vulnerability has been identified in Spectrum Power 7 (All versions < V24Q3). The affected product contains several root-owned SUID binaries that could allow an authenticated local attacker to esca… New	-	CVE-2024-29119	2024-11-12 22:55	2024-11-12	Show	GitHub Exploit DB Packet Storm

1087	7.3	HIGH Local	-	-	A vulnerability has been identified in SIMATIC S7-PLCSIM V16 (All versions), SIMATIC S7-PLCSIM V17 (All versions), SIMATIC STEP 7 Safety V16 (All versions), SIMATIC STEP 7 Safety V17 (All versions < … New	CWE-502 Deserialization of Untrusted Data	CVE-2023-32736	2024-11-12 22:55	2024-11-12	Show	GitHub Exploit DB Packet Storm

1088	9.8	CRITICAL Network	-	-	The Relais 2FA plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.0. This is due to incorrect authentication and capability checking in the 'rl_do_ajax' f… New	CWE-288 Authentication Bypass Using an Alternate Path or Channel	CVE-2024-10245	2024-11-12 22:55	2024-11-12	Show	GitHub Exploit DB Packet Storm

1089	-		-	-	The JetWidgets For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via REST API SVG File uploads in all versions up to, and including, 1.0.18 due to insufficient input san… New	CWE-79 Cross-site Scripting	CVE-2024-10323	2024-11-12 22:55	2024-11-12	Show	GitHub Exploit DB Packet Storm

1090	6.4	MEDIUM Network	-	-	The Slickstream: Engagement and Conversions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's slick-grid shortcode in all versions up to, and including, 1.4.4 due to … New	-	CVE-2024-10179	2024-11-12 22:55	2024-11-12	Show	GitHub Exploit DB Packet Storm