Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Nov. 18, 2024, 6:03 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
198671 10 危険 Jens Witt - TYPO3 用 JW Calendar エクステンションにおける任意のコードを実行される脆弱性 CWE-noinfo
情報不足
CVE-2010-4953 2012-02-29 11:55 2011-10-9 Show GitHub Exploit DB Packet Storm
198672 7.5 危険 Joachim Ruhs - TYPO3 用 FE user statistic エクステンションにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2010-4952 2012-02-29 11:51 2011-10-9 Show GitHub Exploit DB Packet Storm
198673 5 警告 Thomas Mammitzsch - TYPO3 用 xaJax Shoutbox エクステンションにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2010-4951 2012-02-29 11:48 2011-10-9 Show GitHub Exploit DB Packet Storm
198674 7.5 危険 Joachim Ruhs - TYPO3 用 Event エクステンションにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2010-4950 2012-02-29 11:42 2011-10-9 Show GitHub Exploit DB Packet Storm
198675 4.3 警告 Codologic.com - Joomla! 用 FreiChat および FreiChatPure におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2010-4949 2012-02-29 11:21 2011-10-9 Show GitHub Exploit DB Packet Storm
198676 7.5 危険 Phpgalleryscript - PHP Free Photo Gallery script における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション
CVE-2010-4948 2012-02-29 11:19 2011-10-9 Show GitHub Exploit DB Packet Storm
198677 4.3 警告 Allpcscript - ALLPC の advanced_search_result.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2010-4947 2012-02-29 11:17 2011-10-9 Show GitHub Exploit DB Packet Storm
198678 7.5 危険 Allpcscript - ALLPC の product_info.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2010-4946 2012-02-29 11:16 2011-10-9 Show GitHub Exploit DB Packet Storm
198679 7.5 危険 Joomla! - Joomla! 用 CamelcityDB コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2010-4945 2012-02-29 11:15 2011-10-9 Show GitHub Exploit DB Packet Storm
198680 7.5 危険 Joomla! - Mambo および Joomla! 用 Elite Experts コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2010-4944 2012-02-29 11:14 2011-10-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Nov. 18, 2024, 4:13 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2291 5.4 MEDIUM
Network
bdthemes element_pack The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘tooltip' paramet… CWE-79
Cross-site Scripting
CVE-2024-9657 2024-11-9 01:00 2024-11-5 Show GitHub Exploit DB Packet Storm
2292 4.3 MEDIUM
Network
g5plus ultimate_bootstrap_elements_for_elementor The Ultimate Bootstrap Elements for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.6 via the 'ube_get_page_templates' functio… NVD-CWE-noinfo
CVE-2024-10329 2024-11-9 00:59 2024-11-5 Show GitHub Exploit DB Packet Storm
2293 7.3 HIGH
Network
tickera tickera The Tickera – WordPress Event Ticketing plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.5.4.4. This is due to the software allowing users t… CWE-94
Code Injection
CVE-2024-10263 2024-11-9 00:59 2024-11-5 Show GitHub Exploit DB Packet Storm
2294 9.8 CRITICAL
Network
widgilabs plugin_propagator Unrestricted Upload of File with Dangerous Type vulnerability in WidgiLabs Plugin Propagator allows Upload a Web Shell to a Web Server.This issue affects Plugin Propagator: from n/a through 0.1. CWE-434
 Unrestricted Upload of File with Dangerous Type 
CVE-2024-50495 2024-11-9 00:58 2024-10-29 Show GitHub Exploit DB Packet Storm
2295 4.3 MEDIUM
Network
themeum wp_crowdfunding Missing Authorization vulnerability in Themeum WP Crowdfunding allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Crowdfunding: from n/a through 2.1.10. CWE-862
 Missing Authorization
CVE-2024-43937 2024-11-9 00:57 2024-11-2 Show GitHub Exploit DB Packet Storm
2296 5.3 MEDIUM
Network
combodo itop Combodo iTop is a simple, web based IT Service Management tool. Unauthenticated user can perform users enumeration, which can make it easier to bruteforce a valid account. As a fix the sentence displ… CWE-203
 Information Exposure Through Discrepancy
CVE-2024-51739 2024-11-9 00:56 2024-11-6 Show GitHub Exploit DB Packet Storm
2297 4.1 MEDIUM
Network
nvidia nvidia_container_toolkit
nvidia_gpu_operator
NVIDIA Container Toolkit and NVIDIA GPU Operator for Linux contain a UNIX vulnerability where a specially crafted container image can lead to the creation of unauthorized files on the host. The name … NVD-CWE-Other
CVE-2024-0134 2024-11-9 00:53 2024-11-6 Show GitHub Exploit DB Packet Storm
2298 6.1 MEDIUM
Network
hashicorp consul A vulnerability was identified in Consul and Consul Enterprise such that the server response did not explicitly set a Content-Type HTTP header, allowing user-provided inputs to be misinterpreted and … CWE-79
Cross-site Scripting
CVE-2024-10086 2024-11-9 00:49 2024-10-31 Show GitHub Exploit DB Packet Storm
2299 10.0 CRITICAL
Network
webandprint ar Unrestricted Upload of File with Dangerous Type vulnerability in Web and Print Design AR For WordPress allows Upload a Web Shell to a Web Server.This issue affects AR For WordPress: from n/a through … CWE-434
 Unrestricted Upload of File with Dangerous Type 
CVE-2024-50496 2024-11-9 00:49 2024-10-29 Show GitHub Exploit DB Packet Storm
2300 4.3 MEDIUM
Network
hcltech connections HCL Connections is vulnerable to an information disclosure vulnerability, due to an IBM WebSphere Application Server error, which could allow a user to obtain sensitive information they are not entit… NVD-CWE-noinfo
CVE-2024-30106 2024-11-9 00:43 2024-10-29 Show GitHub Exploit DB Packet Storm