Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Oct. 21, 2024, 6:02 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
201831	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2722	2010-01-4 14:56	2009-08-10	Show	GitHub Exploit DB Packet Storm

201832	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2723	2010-01-4 14:55	2009-08-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Oct. 10, 2024, 8:13 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
441	5.4	MEDIUM Network	filemanagerpro	file_manager	The mndpsingh287 File Manager plugin V2.9 for WordPress has XSS via the lang parameter in a wp-admin/admin.php?page=wp_file_manager request because set_transient is used in file_folder_manager.php an…	CWE-79 Cross-site Scripting	CVE-2018-16363	2024-10-18 21:19	2018-09-8	Show	GitHub Exploit DB Packet Storm

442	-		-	-	MXsecurity software versions v1.1.0 and prior are vulnerable because of the use of hard-coded credentials. This vulnerability could allow an attacker to tamper with sensitive data.	-	CVE-2024-4740	2024-10-18 18:15	2024-10-18	Show	GitHub Exploit DB Packet Storm

443	-		-	-	The lack of access restriction to a resource from unauthorized users makes MXsecurity software versions v1.1.0 and prior vulnerable. By acquiring a valid authenticator, an attacker can pose as an aut…	-	CVE-2024-4739	2024-10-18 18:15	2024-10-18	Show	GitHub Exploit DB Packet Storm

444	-		-	-	There is a SQL injection vulnerability in some HikCentral Professional versions. This could allow an authenticated user to execute arbitrary SQL queries.	-	CVE-2024-47487	2024-10-18 18:15	2024-10-18	Show	GitHub Exploit DB Packet Storm

445	-		-	-	There is an XSS vulnerability in some HikCentral Master Lite versions. If exploited, an attacker could inject scripts into certain pages by building malicious data.	-	CVE-2024-47486	2024-10-18 18:15	2024-10-18	Show	GitHub Exploit DB Packet Storm

446	-		-	-	There is a CSV injection vulnerability in some HikCentral Master Lite versions. If exploited, an attacker could build malicious data to generate executable commands in the CSV file.	-	CVE-2024-47485	2024-10-18 18:15	2024-10-18	Show	GitHub Exploit DB Packet Storm

447	-		-	-	A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality where the software trusts a certificate issued by an entity that isn't authorized to issue certificates.…	CWE-295 Improper Certificate Validation	CVE-2023-49570	2024-10-18 18:15	2024-10-18	Show	GitHub Exploit DB Packet Storm

448	6.4	MEDIUM Network	-	-	The WP Easy Post Types plugin for WordPress is vulnerable to Stored Cross-Site Scripting via post meta in versions up to, and including, 1.4.4 due to insufficient input sanitization and output escapi…	CWE-79 Cross-site Scripting	CVE-2024-10080	2024-10-18 17:15	2024-10-18	Show	GitHub Exploit DB Packet Storm

449	8.8	HIGH Network	-	-	The WP Easy Post Types plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 1.4.4 via deserialization of untrusted input from the 'text' parameter in the 'ajax…	CWE-502 Deserialization of Untrusted Data	CVE-2024-10079	2024-10-18 17:15	2024-10-18	Show	GitHub Exploit DB Packet Storm

450	7.3	HIGH Network	-	-	The WP Easy Post Types plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability check on multiple functions in all versions up to, and inc…	CWE-862 Missing Authorization	CVE-2024-10078	2024-10-18 17:15	2024-10-18	Show	GitHub Exploit DB Packet Storm