Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Nov. 17, 2024, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
199621 4.3 警告 Rayzz - Rayzz Photoz の members/profileCommentsResponse.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-5005 2011-12-9 14:15 2011-11-2 Show GitHub Exploit DB Packet Storm
199622 7.5 危険 Emophp Programming - EMO Realty Manager の googlemap/index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5006 2011-12-9 14:15 2011-11-2 Show GitHub Exploit DB Packet Storm
199623 4.3 警告 ut-files - UTStats の pages/match_report.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-5007 2011-12-9 14:14 2011-11-2 Show GitHub Exploit DB Packet Storm
199624 7.5 危険 Denali - BrightSuite Groupware における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5008 2011-12-9 14:13 2011-11-2 Show GitHub Exploit DB Packet Storm
199625 7.5 危険 ut-files - UTStats の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5009 2011-12-9 14:12 2011-11-2 Show GitHub Exploit DB Packet Storm
199626 4.3 警告 FullSite Pty Ltd - SchoolMation におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-5010 2011-12-9 14:10 2011-11-2 Show GitHub Exploit DB Packet Storm
199627 7.5 危険 FullSite Pty Ltd - SchoolMation における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5011 2011-12-9 14:10 2011-11-2 Show GitHub Exploit DB Packet Storm
199628 7.5 危険 David Noguera Gutierrez - DaLogin における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5012 2011-12-9 14:09 2011-11-2 Show GitHub Exploit DB Packet Storm
199629 7.5 危険 McKenzie Creations - Mckenzie Creations Virtual Real Estate Manager における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5013 2011-12-9 14:04 2011-11-2 Show GitHub Exploit DB Packet Storm
199630 7.5 危険 ELITE LADDAERS - Elite Gaming Ladders における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5014 2011-12-9 14:03 2011-11-2 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Nov. 17, 2024, 4:13 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2101 - - - Cross-site scripting vulnerability exists in WP Booking versions prior to 2.4.5. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is accessin… - CVE-2024-35297 2024-11-9 02:35 2024-05-27 Show GitHub Exploit DB Packet Storm
2102 - - - nGrinder before 3.5.9 allows to set delay without limitation, which could be the cause of Denial of Service by remote attacker. - CVE-2024-28214 2024-11-9 02:35 2024-03-7 Show GitHub Exploit DB Packet Storm
2103 - - - The issue was addressed with improved handling of caches. This issue is fixed in iOS 17.1 and iPadOS 17.1. A user may be unable to delete browsing history items. - CVE-2023-42951 2024-11-9 02:35 2024-02-21 Show GitHub Exploit DB Packet Storm
2104 6.5 MEDIUM
Network 		hcltech bigfix_webui_insights A permission issue in BigFix WebUI Insights site version 14 allows an authenticated, unprivileged operator to access an administrator page. CWE-276
Incorrect Default Permissions  		CVE-2023-23344 2024-11-9 02:35 2023-06-23 Show GitHub Exploit DB Packet Storm
2105 8.8 HIGH
Network 		level1 wbr-6012_firmware The LevelOne WBR-6012 router's web application has a vulnerability in its firmware version R0.40e6, allowing attackers to change the administrator password and gain higher privileges without the curr… CWE-620
 Unverified Password Change 		CVE-2024-33699 2024-11-9 02:09 2024-10-30 Show GitHub Exploit DB Packet Storm
2106 7.5 HIGH
Network 		level1 wbr-6012_firmware The LevelOne WBR-6012 router firmware R0.40e6 suffers from an input validation vulnerability within its FTP functionality, enabling attackers to cause a denial of service through a series of malforme… NVD-CWE-noinfo
CVE-2024-33700 2024-11-9 02:06 2024-10-30 Show GitHub Exploit DB Packet Storm
2107 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: thermal: intel: int340x: processor: Fix warning during module unload The processor_thermal driver uses pcim_device_enable() to en… NVD-CWE-noinfo
CVE-2024-50093 2024-11-9 01:49 2024-11-6 Show GitHub Exploit DB Packet Storm
2108 - - - An attacker with local access to the medical office computer can access restricted functions of the Elefant Service tool by using a hard-coded "Hotline" password in the Elefant service binary, whic… - CVE-2024-50593 2024-11-9 01:35 2024-11-8 Show GitHub Exploit DB Packet Storm
2109 - - - An unauthenticated attacker with access to the local network of the medical office can query an unprotected Fast Healthcare Interoperability Resources (FHIR) API to get access to sensitive electron… - CVE-2024-50589 2024-11-9 01:35 2024-11-8 Show GitHub Exploit DB Packet Storm
2110 - - - An unauthenticated attacker with access to the local network of the medical office can use known default credentials to gain remote DBA access to the Elefant Firebird database. The data in the data… - CVE-2024-50588 2024-11-9 01:35 2024-11-8 Show GitHub Exploit DB Packet Storm