Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Oct. 7, 2024, 10:02 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
11	9.8	緊急 Network	Shenzhen Tenda Technology Co.,Ltd.	G3 ファームウェア	Tenda の g3 ファームウェアにおける OS コマンドインジェクションの脆弱性 New	CWE-78 CWE-78	CVE-2024-46628	2024-10-7 09:54	2024-09-26	Show	GitHub Exploit DB Packet Storm

12	5.4	警告 Network	websevendev	attributes for blocks	websevendev の WordPress 用 attributes for blocks におけるクロスサイトスクリプティングの脆弱性 New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-8318	2024-10-7 09:54	2024-09-4	Show	GitHub Exploit DB Packet Storm

13	5.9	警告 Network	PLANET	gs-4210-24p2s ファームウェア igs-5225-4up1t2s ファームウェア gs-4210-24pl4c ファームウェア	複数の PLANET 製品における暗号強度に関する脆弱性 New	CWE-261 CWE-326	CVE-2024-8455	2024-10-7 09:54	2024-09-30	Show	GitHub Exploit DB Packet Storm

14	9.8	緊急 Network	oceanicsoft	valeapp	oceanicsoft の valeapp における SQL インジェクションの脆弱性 New	CWE-89 SQLインジェクション	CVE-2024-8607	2024-10-7 09:54	2024-09-27	Show	GitHub Exploit DB Packet Storm

15	8.8	重要 Network	MainWP	updraftplus extension	MainWP の WordPress 用 updraftplus extension における認証の欠如に関する脆弱性 New	CWE-862 認証の欠如	CVE-2023-23640	2024-10-7 09:44	2023-01-17	Show	GitHub Exploit DB Packet Storm

16	6.5	警告 Network	Online Voting System project	Online Voting System	Online Voting System project の Online Voting System におけるクロスサイトリクエストフォージェリの脆弱性 New	CWE-352 同一生成元ポリシー違反	CVE-2024-45987	2024-10-7 09:44	2024-09-26	Show	GitHub Exploit DB Packet Storm

17	7.8	重要 Local	randygaul	cute png	randygaul の cute png における境界外書き込みに関する脆弱性 New	CWE-787 境界外書き込み	CVE-2024-46258	2024-10-7 09:44	2024-10-1	Show	GitHub Exploit DB Packet Storm

18	7.8	重要 Local	randygaul	cute png	randygaul の cute png における境界外書き込みに関する脆弱性 New	CWE-787 境界外書き込み	CVE-2024-46264	2024-10-7 09:44	2024-10-1	Show	GitHub Exploit DB Packet Storm

19	4.8	警告 Network	Ampache.org	Ampache	Ampache.org の Ampache におけるクロスサイトスクリプティングの脆弱性 New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-47184	2024-10-7 09:44	2024-09-27	Show	GitHub Exploit DB Packet Storm

20	4.3	警告 Network	RadiusTheme	the post grid	RadiusTheme の WordPress 用 the post grid における脆弱性 New	CWE-200 CWE-noinfo	CVE-2024-7418	2024-10-7 09:44	2024-08-29	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Oct. 7, 2024, 5:11 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
131	-	-	-	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in bPlugins LLC Logo Carousel – Clients logo carousel for WP allows Stored XSS.This issue aff… New	CWE-79 Cross-site Scripting	CVE-2024-47631	2024-10-5 22:15	2024-10-5	Show	GitHub Exploit DB Packet Storm

132	-	-	-	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Ex-Themes WP Timeline – Vertical and Horizontal timeline plugin allows PHP Local File Inclusion.This is… New	CWE-22 Path Traversal	CVE-2024-47324	2024-10-5 22:15	2024-10-5	Show	GitHub Exploit DB Packet Storm

133	-	-	-	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Ex-Themes WP Timeline – Vertical and Horizontal timeline plugin allows PHP Local File Inclusion.This is… New	-	CVE-2024-47323	2024-10-5 22:15	2024-10-5	Show	GitHub Exploit DB Packet Storm

134	-	-	-	Unrestricted Upload of File with Dangerous Type vulnerability in Bit Apps Bit Form – Contact Form Plugin allows Code Injection.This issue affects Bit Form – Contact Form Plugin: from n/a through 2.13… New	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2024-47319	2024-10-5 22:15	2024-10-5	Show	GitHub Exploit DB Packet Storm

135	-	-	-	Authorization Bypass Through User-Controlled Key vulnerability in Salon Booking System Salon booking system.This issue affects Salon booking system: from n/a through 10.9. New	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2024-47316	2024-10-5 22:15	2024-10-5	Show	GitHub Exploit DB Packet Storm

136	-	-	-	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Condless Cities Shipping Zones for WooCommerce allows PHP Local File Inclusion.This issue affects Citie… New	CWE-22 Path Traversal	CVE-2024-47309	2024-10-5 22:15	2024-10-5	Show	GitHub Exploit DB Packet Storm

137	-	-	-	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Martin Greenwood WPSPX allows PHP Local File Inclusion.This issue affects WPSPX: from n/a through 1.0.2. New	CWE-22 Path Traversal	CVE-2024-44034	2024-10-5 22:15	2024-10-5	Show	GitHub Exploit DB Packet Storm

138	-	-	-	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ABCApp Creator allows PHP Local File Inclusion.This issue affects ABCApp Creator: from n/a through 1.1.… New	CWE-22 Path Traversal	CVE-2024-44023	2024-10-5 22:15	2024-10-5	Show	GitHub Exploit DB Packet Storm

139	-	-	-	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Istmo Plugins Instant Chat Floating Button for WordPress Websites allows PHP Local File Inclusion.This … New	CWE-22 Path Traversal	CVE-2024-44018	2024-10-5 22:15	2024-10-5	Show	GitHub Exploit DB Packet Storm

140	-	-	-	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Mestres do WP Checkout Mestres WP allows PHP Local File Inclusion.This issue affects Checkout Mestres W… Update	-	CVE-2024-44030	2024-10-5 22:15	2024-10-2	Show	GitHub Exploit DB Packet Storm