Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Nov. 6, 2024, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
198811 7.5 危険 wikiwebhelp - Wiki Web Help の handlers/getpage.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4970 2011-12-9 14:44 2011-11-1 Show GitHub Exploit DB Packet Storm
198812 7.5 危険 YPNinc - YPNinc JokeScript の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4972 2011-12-9 14:43 2011-11-1 Show GitHub Exploit DB Packet Storm
198813 4.3 警告 Sourcefabric - Campsite の検索機能におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4973 2011-12-9 14:43 2011-11-1 Show GitHub Exploit DB Packet Storm
198814 7.5 危険 BrotherScripts - Auto Dealer の info.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4974 2011-12-9 14:42 2011-11-1 Show GitHub Exploit DB Packet Storm
198815 7.5 危険 Techjoomla - Joomla! 用の Techjoomla SocialAds における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4975 2011-12-9 14:41 2011-11-1 Show GitHub Exploit DB Packet Storm
198816 4.3 警告 MetInfo - MetInfo の search/search.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4976 2011-12-9 14:40 2011-11-1 Show GitHub Exploit DB Packet Storm
198817 7.5 危険 Miniwork - Joomla! 用 Canteen コンポーネントの menu.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4977 2011-12-9 14:39 2011-11-1 Show GitHub Exploit DB Packet Storm
198818 4.3 警告 Nicholas Berry - CANDID の image/view.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4978 2011-12-9 14:39 2011-11-1 Show GitHub Exploit DB Packet Storm
198819 7.5 危険 Nicholas Berry - CANDID の image/view.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4979 2011-12-9 14:38 2011-11-1 Show GitHub Exploit DB Packet Storm
198820 7.5 危険 iScripts - iScripts ReserveLogic の packagedetails.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4980 2011-12-9 14:38 2011-11-1 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Nov. 7, 2024, 5:21 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
641 - - - Vulnerability of parameter type not being verified in the WantAgent module Impact: Successful exploitation of this vulnerability may affect availability. New - CVE-2024-51511 2024-11-6 01:04 2024-11-5 Show GitHub Exploit DB Packet Storm
642 - - - Out-of-bounds access vulnerability in the logo module Impact: Successful exploitation of this vulnerability may affect service confidentiality. New - CVE-2024-51510 2024-11-6 01:04 2024-11-5 Show GitHub Exploit DB Packet Storm
643 - - - The WooCommerce Report plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5.1. This is due to missing or incorrect nonce validation on the settin… New CWE-352
 Origin Validation Error 		CVE-2024-10711 2024-11-6 01:04 2024-11-5 Show GitHub Exploit DB Packet Storm
644 8.1 HIGH
Network 		- - The WooCommerce - Social Login plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.7.7. This is due to insufficient verification on the user being retu… New CWE-287
Improper Authentication 		CVE-2024-10114 2024-11-6 01:04 2024-11-5 Show GitHub Exploit DB Packet Storm
645 8.1 HIGH
Network 		- - The Loginizer Security and Loginizer plugins for WordPress are vulnerable to authentication bypass in all versions up to, and including, 1.9.2. This is due to insufficient verification on the user be… New CWE-287
Improper Authentication 		CVE-2024-10097 2024-11-6 01:04 2024-11-5 Show GitHub Exploit DB Packet Storm
646 - - - Zope AccessControl provides a general security framework for use in Zope. In affected versions anonymous users can delete the user data maintained by an `AccessControl.userfolder.UserFolder` which ma… New CWE-284
Improper Access Control 		CVE-2024-51734 2024-11-6 01:04 2024-11-5 Show GitHub Exploit DB Packet Storm
647 - - - Refit is an automatic type-safe REST library for .NET Core, Xamarin and .NET The various header-related Refit attributes (Header, HeaderCollection and Authorize) are vulnerable to CRLF injection. The… New CWE-93
CRLF Injection 		CVE-2024-51501 2024-11-6 01:04 2024-11-5 Show GitHub Exploit DB Packet Storm
648 - - - Meshtastic firmware is a device firmware for the Meshtastic project. The Meshtastic firmware does not check for packets claiming to be from the special broadcast address (0xFFFFFFFF) which could resu… New CWE-138
CWE-159
CVE-2024-51500 2024-11-6 01:04 2024-11-5 Show GitHub Exploit DB Packet Storm
649 - - - langflow <=1.0.18 is vulnerable to Remote Code Execution (RCE) as any component provided the code functionality and the components run on the local machine rather than in a sandbox. New - CVE-2024-48061 2024-11-6 01:04 2024-11-5 Show GitHub Exploit DB Packet Storm
650 - - - gaizhenbiao/chuanhuchatgpt project, version <=20240802 is vulnerable to stored Cross-Site Scripting (XSS) in WebSocket session transmission. An attacker can inject malicious content into a WebSocket … New - CVE-2024-48059 2024-11-6 01:04 2024-11-5 Show GitHub Exploit DB Packet Storm