Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Oct. 3, 2024, 10:02 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
200491	9.3	危険	マイクロソフト	-	Microsoft Windows XP で提供される Adobe Flash Player 6 における任意のコードを実行される脆弱性	CWE-Other その他	CVE-2010-0378	2010-02-9 13:56	2010-01-12	Show	GitHub Exploit DB Packet Storm

200492	9.3	危険	マイクロソフト	-	Microsoft Windows の Embedded OpenType フォントエンジンにおける任意のコードを実行される脆弱性	CWE-189 数値処理の問題	CVE-2010-0018	2010-02-9 13:55	2010-01-12	Show	GitHub Exploit DB Packet Storm

200493	9.3	危険	サン・マイクロシステムズアドビシステムズ	-	Adobe Acrobat におけるファイル拡張子の制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-3461	2010-02-9 13:55	2009-10-13	Show	GitHub Exploit DB Packet Storm

200494	9.3	危険	サン・マイクロシステムズアドビシステムズ	-	Adobe Acrobat における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2009-3460	2010-02-9 13:55	2009-10-13	Show	GitHub Exploit DB Packet Storm

200495	4.3	警告	サン・マイクロシステムズアドビシステムズ	-	Adobe Acrobat におけるサービス運用妨害 (DoS) の脆弱性	CWE-189 数値処理の問題	CVE-2009-2995	2010-02-9 13:55	2009-10-13	Show	GitHub Exploit DB Packet Storm

200496	9.3	危険	サン・マイクロシステムズアドビシステムズ	-	Adobe Acrobat における任意のコードを実行される脆弱性	CWE-189 数値処理の問題	CVE-2009-2989	2010-02-9 13:55	2009-10-13	Show	GitHub Exploit DB Packet Storm

200497	9.3	危険	サン・マイクロシステムズアドビシステムズ	-	Adobe Acrobat の画像デコーダにおける任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2009-2984	2010-02-9 13:54	2009-10-13	Show	GitHub Exploit DB Packet Storm

200498	9.3	危険	アップルアドビシステムズサン・マイクロシステムズレッドハット	-	Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2009-3797	2010-02-9 12:35	2009-12-8	Show	GitHub Exploit DB Packet Storm

200499	9.3	危険	アップルアドビシステムズサン・マイクロシステムズレッドハット	-	Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-3796	2010-02-9 12:35	2009-12-8	Show	GitHub Exploit DB Packet Storm

200500	9.3	危険	アップルアドビシステムズサン・マイクロシステムズレッドハット	-	Adobe Flash Player および Adobe AIR におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-3794	2010-02-9 12:35	2009-12-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Oct. 3, 2024, 5:55 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1081	6.1	MEDIUM Network	slicewp	affiliate_program_suite	The WordPress Affiliates Plugin — SliceWP Affiliates plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of remove_query_arg without appropriate escaping on the URL in…	CWE-79 Cross-site Scripting	CVE-2024-8714	2024-09-27 05:06	2024-09-14	Show	GitHub Exploit DB Packet Storm

1082	6.1	MEDIUM Network	leira	roles_\&_capabilities	The Roles & Capabilities plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and includ…	CWE-79 Cross-site Scripting	CVE-2024-8732	2024-09-27 05:01	2024-09-14	Show	GitHub Exploit DB Packet Storm

1083	6.1	MEDIUM Network	cvstech	exit_notifier	The Exit Notifier plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.…	CWE-79 Cross-site Scripting	CVE-2024-8730	2024-09-27 04:58	2024-09-14	Show	GitHub Exploit DB Packet Storm

1084	6.1	MEDIUM Network	leira	cron_jobs	The Cron Jobs plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.2.9.…	CWE-79 Cross-site Scripting	CVE-2024-8731	2024-09-27 04:43	2024-09-14	Show	GitHub Exploit DB Packet Storm

1085	9.8	CRITICAL Network	dedecms	dedecms	DedeCMS 5.7.102 has a File Upload vulnerability via uploads/dede/module_make.php.	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2023-40784	2024-09-27 04:35	2023-09-13	Show	GitHub Exploit DB Packet Storm

1086	7.8	HIGH Local	raidenftpd	raidenftpd	Buffer Overflow vulnerability in RaidenFTPD 2.4.4005 allows a local attacker to execute arbitrary code via the Server name field of the Step by step setup wizard.	CWE-120 Classic Buffer Overflow	CVE-2023-39063	2024-09-27 04:35	2023-09-12	Show	GitHub Exploit DB Packet Storm

1087	8.0	HIGH Adjacent	tp-link	archer_c3150_firmware	Archer C3150 firmware versions prior to 'Archer C3150(JP)_V2_230511' allows a network-adjacent authenticated attacker to execute arbitrary OS commands.	CWE-78 OS Command	CVE-2023-38588	2024-09-27 04:35	2023-09-6	Show	GitHub Exploit DB Packet Storm

1088	6.1	MEDIUM Network	lucasstad	lucas_string_replace	The Lucas String Replace plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and includ…	CWE-79 Cross-site Scripting	CVE-2024-8734	2024-09-27 04:30	2024-09-14	Show	GitHub Exploit DB Packet Storm

1089	5.4	MEDIUM Network	khromov	email_obfuscate_shortcode	The Email Obfuscate Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'email-obfuscate' shortcode in all versions up to, and including, 2.0 due to insuffici…	CWE-79 Cross-site Scripting	CVE-2024-8747	2024-09-27 04:23	2024-09-14	Show	GitHub Exploit DB Packet Storm

1090	6.1	MEDIUM Network	kubiq	pdf_thumbnail_generator	The PDF Thumbnail Generator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and inc…	CWE-79 Cross-site Scripting	CVE-2024-8737	2024-09-27 04:18	2024-09-14	Show	GitHub Exploit DB Packet Storm