Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Nov. 18, 2024, 6:03 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
199301	7.5	危険	アドビシステムズ	-	Adobe Reader および Acrobat における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2011-4372	2012-01-13 18:06	2012-01-10	Show	GitHub Exploit DB Packet Storm

199302	7.5	危険	アドビシステムズ	-	Adobe Reader および Acrobat における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2011-4370	2012-01-13 18:01	2012-01-10	Show	GitHub Exploit DB Packet Storm

199303	7.5	危険	アドビシステムズ	-	Adobe Reader および Acrobat における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2011-4373	2012-01-13 17:53	2012-01-10	Show	GitHub Exploit DB Packet Storm

199304	7.5	危険	アドビシステムズ	-	Adobe Reader および Acrobat における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2011-4371	2012-01-13 16:50	2012-01-10	Show	GitHub Exploit DB Packet Storm

199305	9.3	危険	マイクロソフト	-	Microsoft Windows のカーネルにおける SafeSEH セキュリティ機能を回避される脆弱性	CWE-DesignError	CVE-2012-0001	2012-01-13 16:16	2012-01-10	Show	GitHub Exploit DB Packet Storm

199306	9.3	危険	マイクロソフト	-	Microsoft Windows の winmm.dll における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2012-0003	2012-01-13 16:10	2012-01-10	Show	GitHub Exploit DB Packet Storm

199307	9.3	危険	マイクロソフト	-	Microsoft Windows の DirectShow における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2012-0004	2012-01-13 16:07	2012-01-10	Show	GitHub Exploit DB Packet Storm

199308	4.3	警告	Cogent Real-Time Systems Inc.	-	Cogent DataHub におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-0309	2012-01-13 15:59	2012-01-11	Show	GitHub Exploit DB Packet Storm

199309	4.3	警告	マイクロソフト	-	Microsoft Anti-Cross Site Scripting Library におけるクロスサイトスクリプティング攻撃の脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-0007	2012-01-13 15:51	2012-01-10	Show	GitHub Exploit DB Packet Storm

199310	4.3	警告	Cogent Real-Time Systems Inc.	-	Cogent DataHub における HTTP ヘッダインジェクションの脆弱性	CWE-20 不適切な入力確認	CVE-2012-0310	2012-01-13 15:48	2012-01-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Nov. 19, 2024, 5:15 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
2421	8.8	HIGH Adjacent	enelx	waybox_pro_firmware	Waybox Enel X web management application could execute arbitrary requests on the internal database via /admin/versions.php.	CWE-89 SQL Injection	CVE-2023-29118	2024-11-9 01:08	2024-11-6	Show	GitHub Exploit DB Packet Storm

2422	8.8	HIGH Adjacent	enelx	waybox_pro_firmware	Waybox Enel X web management API authentication could be bypassed and provide administrator’s privileges over the Waybox system.	CWE-287 Improper Authentication	CVE-2023-29117	2024-11-9 01:08	2024-11-6	Show	GitHub Exploit DB Packet Storm

2423	4.3	MEDIUM Adjacent	enelx	waybox_pro_firmware	Under certain conditions, through a request directed to the Waybox Enel X web management application, information like Waybox OS version or service configuration details could be obtained.	NVD-CWE-noinfo	CVE-2023-29116	2024-11-9 01:08	2024-11-6	Show	GitHub Exploit DB Packet Storm

2424	6.5	MEDIUM Adjacent	enelx	waybox_pro_firmware	In certain conditions a request directed to the Waybox Enel X Web management application could cause a denial-of-service (e.g. reboot).	NVD-CWE-noinfo	CVE-2023-29115	2024-11-9 01:08	2024-11-6	Show	GitHub Exploit DB Packet Storm

2425	5.4	MEDIUM Network	xplodedthemes	xt_floating_cart_for_woocommerce	The XT Floating Cart for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.8.2 due to insufficient input sanit…	CWE-79 Cross-site Scripting	CVE-2024-9178	2024-11-9 01:03	2024-11-5	Show	GitHub Exploit DB Packet Storm

2426	5.4	MEDIUM Network	bdthemes	element_pack	The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Open Map Widget'…	CWE-79 Cross-site Scripting	CVE-2024-9867	2024-11-9 01:00	2024-11-5	Show	GitHub Exploit DB Packet Storm

2427	5.4	MEDIUM Network	bdthemes	element_pack	The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘tooltip' paramet…	CWE-79 Cross-site Scripting	CVE-2024-9657	2024-11-9 01:00	2024-11-5	Show	GitHub Exploit DB Packet Storm

2428	4.3	MEDIUM Network	g5plus	ultimate_bootstrap_elements_for_elementor	The Ultimate Bootstrap Elements for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.6 via the 'ube_get_page_templates' functio…	NVD-CWE-noinfo	CVE-2024-10329	2024-11-9 00:59	2024-11-5	Show	GitHub Exploit DB Packet Storm

2429	7.3	HIGH Network	tickera	tickera	The Tickera – WordPress Event Ticketing plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.5.4.4. This is due to the software allowing users t…	CWE-94 Code Injection	CVE-2024-10263	2024-11-9 00:59	2024-11-5	Show	GitHub Exploit DB Packet Storm

2430	9.8	CRITICAL Network	widgilabs	plugin_propagator	Unrestricted Upload of File with Dangerous Type vulnerability in WidgiLabs Plugin Propagator allows Upload a Web Shell to a Web Server.This issue affects Plugin Propagator: from n/a through 0.1.	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2024-50495	2024-11-9 00:58	2024-10-29	Show	GitHub Exploit DB Packet Storm