Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Nov. 5, 2024, 6:02 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
200321 4.3 警告 ModSecurity - ModSecurity の PDF XSS 保護機能におけるサービス運用妨害 (DoS) の脆弱性 CWE-16
環境設定 		CVE-2009-1903 2011-06-7 10:13 2009-03-12 Show GitHub Exploit DB Packet Storm
200322 7.8 危険 ModSecurity - ModSecurity の multipart processor におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2009-1902 2011-06-7 10:11 2009-03-12 Show GitHub Exploit DB Packet Storm
200323 5 警告 ModSecurity - ModSecurity モジュールにおけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2008-5676 2011-06-7 10:08 2010-08-1 Show GitHub Exploit DB Packet Storm
200324 7.5 危険 Ecava - Ecava IntegraXor HMI における認証を回避される脆弱性 CWE-89
SQLインジェクション 		CVE-2011-1562 2011-06-6 14:47 2011-04-5 Show GitHub Exploit DB Packet Storm
200325 6.8 警告 IntelliCom Innovation AB - 複数の IntelliCom 製品の cgi-bin/read.cgi における絶対パストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-4731 2011-06-6 14:46 2011-02-15 Show GitHub Exploit DB Packet Storm
200326 9 危険 IntelliCom Innovation AB - 複数の IntelliCom 製品の cgi-bin/read.cgi における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-4732 2011-06-6 14:44 2011-02-15 Show GitHub Exploit DB Packet Storm
200327 6.8 警告 IntelliCom Innovation AB - 複数の IntelliCom 製品の cgi-bin/read.cgi におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-4730 2011-06-6 14:34 2011-02-15 Show GitHub Exploit DB Packet Storm
200328 7.8 危険 Imperva Inc. - Imperva SecureSphere の Web Application Firewall および Database Firewall における intrusion-prevention 機能を回避される脆弱性 CWE-noinfo
情報不足 		CVE-2010-1329 2011-06-6 14:29 2010-04-5 Show GitHub Exploit DB Packet Storm
200329 4.3 警告 Imperva Inc. - Imperva SecureSphere MX Management Server の management GUI におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-1463 2011-06-6 14:27 2008-03-18 Show GitHub Exploit DB Packet Storm
200330 6.5 警告 バラクーダネットワークス - Barracuda Spam Firewall の Account View ページ内にある index.cgi における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1094 2011-06-6 14:23 2008-12-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Nov. 5, 2024, 4:16 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1841 7.5 HIGH
Network 		qodeinteractive qi_addons_for_elementor The Qi Addons For Elementor plugin for WordPress is vulnerable to Remote File Inclusion in all versions up to, and including, 1.7.2 via the 'behavior' attributes found in the qi_addons_for_elementor_… CWE-706
 Use of Incorrectly-Resolved Name or Reference 		CVE-2024-4887 2024-10-30 04:52 2024-06-7 Show GitHub Exploit DB Packet Storm
1842 5.4 MEDIUM
Network 		nayrathemes clever_fox The Clever Fox – One Click Website Importer by Nayra Themes plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'clever-fox-activate-theme… CWE-862
 Missing Authorization 		CVE-2023-6876 2024-10-30 04:50 2024-06-7 Show GitHub Exploit DB Packet Storm
1843 5.4 MEDIUM
Network 		lightpress lightbox The WP jQuery Lightbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘title’ attribute in all versions up to, and including, 1.5.4 due to insufficient input sanitization a… CWE-79
Cross-site Scripting 		CVE-2024-5425 2024-10-30 04:49 2024-06-7 Show GitHub Exploit DB Packet Storm
1844 5.3 MEDIUM
Network 		themefarmer woocommerce_tools The WooCommerce Tools plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the woocommerce_tool_toggle_module() function in all versions up to,… CWE-862
 Missing Authorization 		CVE-2024-1689 2024-10-30 04:49 2024-06-7 Show GitHub Exploit DB Packet Storm
1845 5.4 MEDIUM
Network 		nayrathemes clever_fox The Clever Fox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's info box block in all versions up to, and including, 25.2.0 due to insufficient input sanitization an… CWE-79
Cross-site Scripting 		CVE-2024-1768 2024-10-30 04:44 2024-06-7 Show GitHub Exploit DB Packet Storm
1846 - - - An authorized RCE vulnerability exists in the DrayTek Vigor2960 router version 1.4.4, where an attacker can place a malicious command into the table parameter of the doPPPoE function in the cgi-bin/m… - CVE-2024-48074 2024-10-30 04:35 2024-10-28 Show GitHub Exploit DB Packet Storm
1847 - - - An issue was discovered in WTCMS 1.0. In the plupload method in \AssetController.class.php, the app parameters aren't processed, resulting in Cross Site Scripting (XSS). - CVE-2024-48239 2024-10-30 04:35 2024-10-26 Show GitHub Exploit DB Packet Storm
1848 - - - WTCMS 1.0 is vulnerable to SQL Injection in the edit_post method of /Admin\Controller\NavControl.class.php via the parentid parameter. - CVE-2024-48238 2024-10-30 04:35 2024-10-26 Show GitHub Exploit DB Packet Storm
1849 - - - An issue in ofcms 1.1.2 allows a remote attacker to execute arbitrary code via the FileOutputStream function in the write String method of the ofcms-admin\src\main\java\com\ofsoft\cms\core\uitle\File… - CVE-2024-48236 2024-10-30 04:35 2024-10-26 Show GitHub Exploit DB Packet Storm
1850 - - - An issue in ofcms 1.1.2 allows a remote attacker to execute arbitrary code via the save method of the TemplateController.java file. - CVE-2024-48235 2024-10-30 04:35 2024-10-26 Show GitHub Exploit DB Packet Storm