Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Nov. 18, 2024, 6:03 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
198511 6.9 警告 マイクロソフト - Microsoft Visual Studio における権限昇格の脆弱性 CWE-Other
その他 		CVE-2012-0008 2012-03-19 15:27 2012-03-13 Show GitHub Exploit DB Packet Storm
198512 4.3 警告 マイクロソフト - Microsoft Windows Server 2008 および Windows 7 の RDP サービスにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2012-0152 2012-03-19 15:27 2012-03-13 Show GitHub Exploit DB Packet Storm
198513 4.3 警告 マイクロソフト - 複数の Microsoft Windows 製品の DirectWrite におけるサービス運用妨害 (アプリケーションハング) の脆弱性 CWE-20
不適切な入力確認 		CVE-2012-0156 2012-03-19 15:26 2012-03-13 Show GitHub Exploit DB Packet Storm
198514 7.2 危険 マイクロソフト - 複数の Microsoft Windows 製品の win32k.sys における権限昇格の脆弱性 CWE-20
不適切な入力確認 		CVE-2012-0157 2012-03-19 15:25 2012-03-13 Show GitHub Exploit DB Packet Storm
198515 5 警告 マイクロソフト - Microsoft Windows Server 2003 および 2008 の DNS サーバにおけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2012-0006 2012-03-19 15:24 2012-03-13 Show GitHub Exploit DB Packet Storm
198516 10 危険 ACCESS - Android用 NetFront Life Browser アプリケーションにおける詳細不明な脆弱性 CWE-noinfo
情報不足 		CVE-2012-1485 2012-03-19 14:17 2012-03-15 Show GitHub Exploit DB Packet Storm
198517 10 危険 WaliSMS - Android用 WaliSMS CN アプリケーションにおける詳細不明な脆弱性 CWE-noinfo
情報不足 		CVE-2012-1484 2012-03-19 14:16 2012-03-15 Show GitHub Exploit DB Packet Storm
198518 10 危険 Zhou Bo - Android用 Message Forwarder アプリケーションにおける詳細不明な脆弱性 CWE-noinfo
情報不足 		CVE-2012-1483 2012-03-19 14:15 2012-03-15 Show GitHub Exploit DB Packet Storm
198519 10 危険 CooTek - Android 用 TouchPal Contacts アプリケーションにおける詳細不明な脆弱性 CWE-noinfo
情報不足 		CVE-2012-1482 2012-03-19 14:09 2012-03-15 Show GitHub Exploit DB Packet Storm
198520 10 危険 Kashif Masud - Android 用 Textdroid アプリケーションにおける詳細不明な脆弱性 CWE-noinfo
情報不足 		CVE-2012-1481 2012-03-19 14:06 2012-03-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Nov. 19, 2024, 5:15 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2451 8.8 HIGH
Network 		fileorganizer fileorganizer The FileOrganizer – Manage WordPress and Website Files plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the "fileorganizer_ajax_handler" function in… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2024-7985 2024-11-9 00:22 2024-10-30 Show GitHub Exploit DB Packet Storm
2452 4.8 MEDIUM
Network 		robosoft robo_gallery Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in RoboSoft Robo Gallery allows Stored XSS.This issue affects Robo Gallery: from n/a through … CWE-79
Cross-site Scripting 		CVE-2024-49696 2024-11-9 00:21 2024-10-24 Show GitHub Exploit DB Packet Storm
2453 6.5 MEDIUM
Network 		63moons aero
wave_2.0 		This vulnerability exists in the Wave 2.0 due to weak encryption of sensitive data received at the API response. An authenticated remote attacker could exploit this vulnerability by manipulating a pa… CWE-327
 Use of a Broken or Risky Cryptographic Algorithm 		CVE-2024-51556 2024-11-9 00:20 2024-11-4 Show GitHub Exploit DB Packet Storm
2454 5.4 MEDIUM
Network 		spiffyplugins wp_flow_plus Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Spiffy Plugins WP Flow Plus allows Stored XSS.This issue affects WP Flow Plus: from n/a th… CWE-79
Cross-site Scripting 		CVE-2024-49695 2024-11-9 00:20 2024-10-24 Show GitHub Exploit DB Packet Storm
2455 6.5 MEDIUM
Network 		63moons aero
wave_2.0 		This vulnerability exists in the Wave 2.0 due to missing authorization check on certain API endpoints. An authenticated remote attacker could exploit this vulnerability by manipulating a parameter “u… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2024-51559 2024-11-9 00:19 2024-11-4 Show GitHub Exploit DB Packet Storm
2456 9.8 CRITICAL
Network 		63moons aero
wave_2.0 		This vulnerability exists in the Wave 2.0 due to missing restrictions for excessive failed authentication attempts on its API based login. A remote attacker could exploit this vulnerability by conduc… CWE-307
mproper Restriction of Excessive Authentication Attempts 		CVE-2024-51558 2024-11-9 00:19 2024-11-4 Show GitHub Exploit DB Packet Storm
2457 6.5 MEDIUM
Network 		63moons aero
wave_2.0 		This vulnerability exists in the Wave 2.0 due to missing rate limiting on OTP requests in an API endpoint. An authenticated remote attacker could exploit this vulnerability by sending multiple OTP re… CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2024-51557 2024-11-9 00:19 2024-11-4 Show GitHub Exploit DB Packet Storm
2458 5.4 MEDIUM
Network 		kraftplugins mega_elements Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kraftplugins Mega Elements allows Stored XSS.This issue affects Mega Elements: from n/a th… CWE-79
Cross-site Scripting 		CVE-2024-49693 2024-11-9 00:19 2024-10-24 Show GitHub Exploit DB Packet Storm
2459 7.5 HIGH
Network 		ruijie nbr3000d-e_firmware An issue in Ruijie NBR3000D-E Gateway allows a remote attacker to obtain sensitive information via the /tool/shell/postgresql.conf component. NVD-CWE-noinfo
CVE-2024-48783 2024-11-9 00:19 2024-10-16 Show GitHub Exploit DB Packet Storm
2460 4.3 MEDIUM
Network 		63moons aero
wave_2.0 		This vulnerability exists in the Wave 2.0 due to improper exception handling for invalid inputs at certain API endpoint. An authenticated remote attacker could exploit this vulnerability by providing… CWE-209
Information Exposure Through an Error Message 		CVE-2024-51560 2024-11-9 00:18 2024-11-4 Show GitHub Exploit DB Packet Storm