Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Nov. 17, 2024, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
199781	8.3	危険	シスコシステムズ	-	Cisco TelePresence エンドポイントデバイスの XML-RPC 実装における任意のコマンドを実行される脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2011-0378	2011-11-29 09:53	2011-02-23	Show	GitHub Exploit DB Packet Storm

199782	7.8	危険	シスコシステムズ	-	Cisco TelePresence エンドポイントデバイスにおけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2011-0377	2011-11-29 09:52	2011-02-23	Show	GitHub Exploit DB Packet Storm

199783	10	危険	シスコシステムズ	-	Cisco TelePresence エンドポイントデバイスにおける重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2011-0376	2011-11-29 09:51	2011-02-23	Show	GitHub Exploit DB Packet Storm

199784	9	危険	シスコシステムズ	-	Cisco TelePresence エンドポイントデバイスにおける任意のコマンドを実行される脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2011-0375	2011-11-29 09:51	2011-02-23	Show	GitHub Exploit DB Packet Storm

199785	9	危険	シスコシステムズ	-	Cisco TelePresence エンドポイントデバイスにおける任意のコマンドを実行される脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2011-0374	2011-11-29 09:50	2011-02-23	Show	GitHub Exploit DB Packet Storm

199786	9	危険	シスコシステムズ	-	Cisco TelePresence エンドポイントデバイスにおける任意のコマンドを実行される脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2011-0373	2011-11-29 09:50	2011-02-23	Show	GitHub Exploit DB Packet Storm

199787	10	危険	シスコシステムズ	-	Cisco TelePresence エンドポイントデバイスにおける任意のコマンドを実行される脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2011-0372	2011-11-29 09:49	2011-02-23	Show	GitHub Exploit DB Packet Storm

199788	10	危険	シスコシステムズ	-	Cisco Security Agent の Management Console における任意のファイルを作られる脆弱性	CWE-94 コード・インジェクション	CVE-2011-0364	2011-11-29 09:48	2011-02-16	Show	GitHub Exploit DB Packet Storm

199789	7.8	危険	VMware シスコシステムズ	-	Cisco Nexus 1000V Virtual Ethernet Module におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2011-0355	2011-11-29 09:46	2011-02-7	Show	GitHub Exploit DB Packet Storm

199790	7.5	危険	日本電気アップルアライドテレシスサン・マイクロシステムズ BEAシステムズレッドハット	-	Java Web Start において許可されていないシステムクラスが実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2007-2435	2011-11-28 16:52	2007-04-30	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Nov. 17, 2024, 4:13 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1951	5.4	MEDIUM Network	codepen	codepen	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Chris Coyier CodePen Embedded Pens Shortcode allows Stored XSS.This issue affects CodePen …	CWE-79 Cross-site Scripting	CVE-2024-50440	2024-11-9 05:33	2024-10-29	Show	GitHub Exploit DB Packet Storm

1952	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: LoongArch: Enable IRQ if do_ale() triggered in irq-enabled context Unaligned access exception can be triggered in irq-enabled con…	NVD-CWE-noinfo	CVE-2024-50111	2024-11-9 05:32	2024-11-6	Show	GitHub Exploit DB Packet Storm

1953	5.4	MEDIUM Network	redefiningtheweb	pdf_generator_addon_for_elementor_page_builder	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in RedefiningTheWeb PDF Generator Addon for Elementor Page Builder allows Stored XSS.This iss…	CWE-79 Cross-site Scripting	CVE-2024-50449	2024-11-9 05:32	2024-10-29	Show	GitHub Exploit DB Packet Storm

1954	6.1	MEDIUM Network	yithemes	yith_woocommerce_product_add-ons	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in YITH YITH WooCommerce Product Add-Ons allows Reflected XSS.This issue affects YITH WooComm…	CWE-79 Cross-site Scripting	CVE-2024-50448	2024-11-9 05:32	2024-10-29	Show	GitHub Exploit DB Packet Storm

1955	5.4	MEDIUM Network	fatcatapps	easy_pricing_tables	The Pricing Tables WordPress Plugin – Easy Pricing Tables plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘fontFamily’ attribute in all versions up to, and including, 3.2.6 …	CWE-79 Cross-site Scripting	CVE-2024-8323	2024-11-9 05:30	2024-11-6	Show	GitHub Exploit DB Packet Storm

1956	5.4	MEDIUM Network	pluginus	woot	The Active Products Tables for WooCommerce. Use constructor to create tables plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's woot_button shortcode in all versions u…	CWE-79 Cross-site Scripting	CVE-2024-10168	2024-11-9 05:27	2024-11-6	Show	GitHub Exploit DB Packet Storm

1957	5.4	MEDIUM Network	mappresspro	mappress	The MapPress Maps for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Map block in all versions up to, and including, 2.94.1 due to insufficient input san…	CWE-79 Cross-site Scripting	CVE-2024-10715	2024-11-9 05:25	2024-11-6	Show	GitHub Exploit DB Packet Storm

1958	9.8	CRITICAL Network	eyecix	jobsearch_wp_job_board	The JobSearch WP Job Board plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the jobsearch_location_load_excel_file_callback() function in all versio…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2024-8615	2024-11-9 05:24	2024-11-6	Show	GitHub Exploit DB Packet Storm

1959	8.8	HIGH Network	eyecix	jobsearch_wp_job_board	The JobSearch WP Job Board plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the jobsearch_wp_handle_upload() function in all versions up to, and inc…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2024-8614	2024-11-9 05:23	2024-11-6	Show	GitHub Exploit DB Packet Storm

1960	5.3	MEDIUM Network	dlink	dns-320_firmware dns-320lw_firmware dns-325_firmware dns-340l_firmware	A vulnerability classified as problematic has been found in D-Link DNS-320, DNS-320LW, DNS-325 and DNS-340L up to 20241028. This affects an unknown part of the file /xml/info.xml of the component HTT…	NVD-CWE-Other	CVE-2024-10916	2024-11-9 05:11	2024-11-7	Show	GitHub Exploit DB Packet Storm