Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Oct. 11, 2024, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
201211 9.3 危険 マイクロソフト - 複数の Microsoft 製品における計算式を含むスプレッドシートの処理に関する任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2009-3132 2010-01-5 16:18 2009-11-10 Show GitHub Exploit DB Packet Storm
201212 9.3 危険 マイクロソフト - 複数の Microsoft 製品におけるセルに含まれる計算式の処理に関する任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2009-3131 2010-01-5 16:17 2009-11-10 Show GitHub Exploit DB Packet Storm
201213 9.3 危険 マイクロソフト - Microsoft Office Excel における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2009-3128 2010-01-5 16:17 2009-11-10 Show GitHub Exploit DB Packet Storm
201214 9.3 危険 マイクロソフト - Microsoft Office および Open XML File Format Converter における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2009-3127 2010-01-5 16:16 2009-11-10 Show GitHub Exploit DB Packet Storm
201215 6.8 警告 アップル
サイバートラスト株式会社
サン・マイクロシステムズ
ターボリナックス
ヒューレット・パッカード
OpenSSL Project
レッドハット		 - OpenSSL の SSL_get_shared_ciphers() 関数における一つずれエラーの脆弱性 CWE-189
数値処理の問題 		CVE-2007-5135 2010-01-5 13:31 2007-10-12 Show GitHub Exploit DB Packet Storm
201216 7.8 危険 マイクロソフト - Microsoft Windows で稼働している Active Directory の LDAP サービスにおけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2009-1928 2010-01-4 15:24 2009-11-10 Show GitHub Exploit DB Packet Storm
201217 9.3 危険 マイクロソフト - Microsoft Windows の kernel における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2009-2514 2010-01-4 15:24 2009-11-10 Show GitHub Exploit DB Packet Storm
201218 6.8 警告 マイクロソフト - Microsoft Windows の kernel の Graphics Device Interface (GDI) における権限を取得される脆弱性 CWE-20
不適切な入力確認 		CVE-2009-2513 2010-01-4 15:24 2009-11-10 Show GitHub Exploit DB Packet Storm
201219 6.8 警告 マイクロソフト - Microsoft Windows の kernel における権限を取得される脆弱性 CWE-20
不適切な入力確認 		CVE-2009-1127 2010-01-4 15:24 2009-11-10 Show GitHub Exploit DB Packet Storm
201220 10 危険 マイクロソフト - Microsoft Windows の License Logging Server (llssrv.exe) における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2009-2523 2010-01-4 15:24 2009-11-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Oct. 10, 2024, 8:13 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1211 6.1 MEDIUM
Network 		cozmoslabs membership_\&_content_restriction_-_paid_member_subscriptions The Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_a… Update CWE-79
Cross-site Scripting 		CVE-2024-9222 2024-10-9 00:34 2024-10-2 Show GitHub Exploit DB Packet Storm
1212 6.1 MEDIUM
Network 		ibericode mailchimp_top_bar The MC4WP: Mailchimp Top Bar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and in… Update CWE-79
Cross-site Scripting 		CVE-2024-9210 2024-10-9 00:34 2024-10-2 Show GitHub Exploit DB Packet Storm
1213 8.8 HIGH
Network 		cisco nexus_dashboard_fabric_controller A vulnerability in Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated, remote attacker with low privileges to execute arbitrary code on an affected device. This vulnerabil… Update CWE-22
Path Traversal 		CVE-2024-20449 2024-10-9 00:33 2024-10-3 Show GitHub Exploit DB Packet Storm
1214 6.1 MEDIUM
Network 		themegrill magazine_blocks The Magazine Blocks – Blog Designer, Magazine & Newspaper Website Builder, Page Builder with Posts Blocks, Post Grid plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the us… Update CWE-79
Cross-site Scripting 		CVE-2024-9218 2024-10-9 00:33 2024-10-2 Show GitHub Exploit DB Packet Storm
1215 5.4 MEDIUM
Network 		draytek vigor3910_firmware
vigor3912_firmware
vigor2962_firmware
vigor165_firmware
vigor1000b_firmware
vigor166_firmware
vigor2135_firmware
vigor2763_firmware
vigor2765_firmware
vi… 		Stored XSS, by authenticated users, is caused by poor sanitization of the Login Page Greeting message in DrayTek Vigor310 devices through 4.3.2.6. Update CWE-79
Cross-site Scripting 		CVE-2024-41587 2024-10-9 00:32 2024-10-4 Show GitHub Exploit DB Packet Storm
1216 7.5 HIGH
Network 		draytek vigor2620_firmware
vigor2915_firmware
vigor2866_firmware
vigor2766_firmware
vigor2865_firmware
vigor2765_firmware
vigor2763_firmware
vigor2135_firmware
vigor166_firmware
vi… 		An issue in DrayTek Vigor310 devices through 4.3.2.6 allows an attacker to obtain sensitive information because the httpd server of the Vigor management UI uses a static string for seeding the PRNG o… Update CWE-326
Inadequate Encryption Strength 		CVE-2024-41594 2024-10-9 00:31 2024-10-4 Show GitHub Exploit DB Packet Storm
1217 5.5 MEDIUM
Network 		cisco nexus_dashboard_fabric_controller A vulnerability in Cisco Nexus Dashboard Fabric Controller (NDFC), formerly Cisco Data Center Network Manager (DCNM), could allow an authenticated, remote attacker with network-admin privileges to pe… Update CWE-88
Argument Injection 		CVE-2024-20444 2024-10-9 00:26 2024-10-3 Show GitHub Exploit DB Packet Storm
1218 8.6 HIGH
Network 		cisco nexus_dashboard_fabric_controller A vulnerability in the Cisco Nexus Dashboard Fabric Controller (NDFC) software, formerly Cisco Data Center Network Manager (DCNM), could allow an attacker with access to a backup file to view sensiti… Update CWE-312
 Cleartext Storage of Sensitive Information 		CVE-2024-20448 2024-10-9 00:25 2024-10-3 Show GitHub Exploit DB Packet Storm
1219 8.6 HIGH
Network 		cisco nexus_dashboard_orchestrator
nexus_dashboard_insights
nexus_dashboard_fabric_controller 		A vulnerability in a logging function of Cisco Nexus Dashboard Fabric Controller (NDFC) and Cisco Nexus Dashboard Orchestrator (NDO) could allow an attacker with access to a tech support file to view… Update CWE-532
 Inclusion of Sensitive Information in Log Files 		CVE-2024-20490 2024-10-9 00:15 2024-10-3 Show GitHub Exploit DB Packet Storm
1220 6.1 MEDIUM
Network 		berqier berqwp The BerqWP – Automated All-In-One PageSpeed Optimization Plugin for Core Web Vitals, Cache, CDN, Images, CSS, and JavaScript plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via t… Update CWE-79
Cross-site Scripting 		CVE-2024-9344 2024-10-9 00:06 2024-10-2 Show GitHub Exploit DB Packet Storm