Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Oct. 11, 2024, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
200911	9	危険	マイクロソフト	-	Microsoft Virtual PC の VMM におけるゲスト OS 内で任意のカーネルモードコードを実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-1542	2010-03-17 12:18	2009-07-14	Show	GitHub Exploit DB Packet Storm

200912	6.8	警告	IBM	-	IBM Lotus Domino Web Access におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2010-0921	2010-03-16 11:15	2010-03-3	Show	GitHub Exploit DB Packet Storm

200913	4.3	警告	IBM	-	IBM Lotus Domino Web Access におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-0920	2010-03-16 11:14	2010-03-3	Show	GitHub Exploit DB Packet Storm

200914	10	危険	IBM	-	IBM Lotus Domino Web Access の UltraLite 機能における脆弱性	CWE-noinfo 情報不足	CVE-2010-0918	2010-03-16 11:14	2010-03-3	Show	GitHub Exploit DB Packet Storm

200915	4.9	警告	サイバートラスト株式会社レッドハット SystemTap	-	SystemTap の _get_argv および _get_compat_argv 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-189 数値処理の問題	CVE-2010-0411	2010-03-16 11:14	2010-02-8	Show	GitHub Exploit DB Packet Storm

200916	10	危険	サイバートラスト株式会社レッドハット SystemTap	-	SystemTap の stap-server における任意のコマンドを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-4273	2010-03-16 11:14	2010-01-26	Show	GitHub Exploit DB Packet Storm

200917	6.5	警告	サイバートラスト株式会社 Linux レッドハット	-	KVM の x86 エミュレータにおける権限昇格の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-0298	2010-03-16 11:13	2010-02-9	Show	GitHub Exploit DB Packet Storm

200918	4.4	警告	サイバートラスト株式会社 Fabrice Bellard レッドハット	-	QEMU の usb_host_handle_control 関数におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-0297	2010-03-16 11:13	2010-02-9	Show	GitHub Exploit DB Packet Storm

200919	6.8	警告	サン・マイクロシステムズ freedesktop.org	-	Poppler における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2009-3605	2010-03-15 16:40	2009-11-2	Show	GitHub Exploit DB Packet Storm

200920	4.1	警告	Linux レッドハット	-	Linux kernel の smbfs に関する脆弱性	-	CVE-2006-5871	2010-03-15 16:40	2005-10-5	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Oct. 10, 2024, 8:13 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
821	5.4	MEDIUM Network	lunary	lunary	In lunary-ai/lunary versions 1.2.2 through 1.2.25, an improper access control vulnerability allows users on the Free plan to invite other members and assign them any role, including those intended fo… Update	CWE-862 Missing Authorization	CVE-2024-5127	2024-10-9 22:38	2024-06-7	Show	GitHub Exploit DB Packet Storm

822	-		bold-themes	bold_page_builder	The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Icon Link in all versions up to, and including, 4.8.0 due to insufficient input sanitization a… Update	CWE-79 Cross-site Scripting	CVE-2024-1160	2024-10-9 22:30	2024-02-13	Show	GitHub Exploit DB Packet Storm

823	7.2	HIGH Network	sygnoos	popup_builder	The Popup Builder WordPress plugin before 4.2.6 does not validate a parameter before making a request to it, which could allow users with the administrator role to perform SSRF attack in Multisite Wo… Update	CWE-22 CWE-918 Path Traversal Server-Side Request Forgery (SSRF)	CVE-2023-6294	2024-10-9 22:24	2024-02-13	Show	GitHub Exploit DB Packet Storm

824	5.4	MEDIUM Network	bold-themes	bold_page_builder	The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 4.8.0 due to insufficient input sanitizatio… Update	CWE-79 Cross-site Scripting	CVE-2024-1159	2024-10-9 22:22	2024-02-13	Show	GitHub Exploit DB Packet Storm

825	6.1	MEDIUM Network	deconf	analytics_insights	The Analytics Insights for Google Analytics 4 (AIWP) WordPress plugin before 6.3 is vulnerable to Open Redirect due to insufficient validation on the redirect oauth2callback.php file. This makes it p… Update	CWE-601 Open Redirect	CVE-2024-0250	2024-10-9 22:19	2024-02-13	Show	GitHub Exploit DB Packet Storm

826	4.3	MEDIUM Network	spider-themes	eazydocs	The EazyDocs WordPress plugin before 2.4.0 re-introduced CVE-2023-6029 (https://wpscan.com/vulnerability/7a0aaf85-8130-4fd7-8f09-f8edc929597e/) in 2.3.8, allowing any authenticated users, such as sub… Update	NVD-CWE-noinfo	CVE-2024-0248	2024-10-9 22:11	2024-02-13	Show	GitHub Exploit DB Packet Storm

827	8.8	HIGH Network	dlink	dir-619l_firmware	A vulnerability has been found in D-Link DIR-619L B1 2.06 and classified as critical. Affected by this vulnerability is the function formEasySetPassword of the file /goform/formEasySetPassword. The m… Update	CWE-120 Classic Buffer Overflow	CVE-2024-9569	2024-10-9 22:04	2024-10-8	Show	GitHub Exploit DB Packet Storm

828	8.8	HIGH Network	dlink	dir-619l_firmware	A vulnerability, which was classified as critical, was found in D-Link DIR-619L B1 2.06. Affected is the function formAdvNetwork of the file /goform/formAdvNetwork. The manipulation of the argument c… Update	CWE-120 Classic Buffer Overflow	CVE-2024-9568	2024-10-9 22:04	2024-10-8	Show	GitHub Exploit DB Packet Storm

829	9.8	CRITICAL Network	lightningai	pytorch_lightning	Code Injection in GitHub repository pytorchlightning/pytorch-lightning prior to 1.6.0. Update	CWE-94 Code Injection	CVE-2022-0845	2024-10-9 20:56	2022-03-6	Show	GitHub Exploit DB Packet Storm

830	7.8	HIGH Local	lightningai	pytorch_lightning	pytorch-lightning is vulnerable to Deserialization of Untrusted Data Update	CWE-502 Deserialization of Untrusted Data	CVE-2021-4118	2024-10-9 20:56	2021-12-24	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed