Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Oct. 25, 2024, 6:02 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
202271 10 危険 アップル
VMware
サン・マイクロシステムズ		 - Sun Java SE の Provider クラスにおける詳細不明な脆弱性 CWE-noinfo
情報不足 		CVE-2009-2723 2010-01-4 14:55 2009-08-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Oct. 25, 2024, 8:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1 6.4 MEDIUM
Network 		- - The Shoutcast Icecast HTML5 Radio Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'html5radio' shortcode in all versions up to, and including, 2.1.6 due to i… New CWE-79
Cross-site Scripting 		CVE-2024-8666 2024-10-25 18:15 2024-10-25 Show GitHub Exploit DB Packet Storm
2 6.4 MEDIUM
Network 		- - The Beek Widget Extention plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 0.9.5 due to insufficient input sanitization and output es… New CWE-79
Cross-site Scripting 		CVE-2024-10343 2024-10-25 18:15 2024-10-25 Show GitHub Exploit DB Packet Storm
3 6.4 MEDIUM
Network 		- - The Simple News plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'news' shortcode in all versions up to, and including, 2.8 due to insufficient input sanitization an… New CWE-79
Cross-site Scripting 		CVE-2024-10112 2024-10-25 18:15 2024-10-25 Show GitHub Exploit DB Packet Storm
4 6.4 MEDIUM
Network 		- - The File Upload Types by WPForms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.4.0 due to insufficient input sanitizat… New CWE-79
Cross-site Scripting 		CVE-2024-10016 2024-10-25 18:15 2024-10-25 Show GitHub Exploit DB Packet Storm
5 - - - Sharp and Toshiba Tec MFPs improperly validate input data in URI data registration, resulting in a stored cross-site scripting vulnerability. If crafted input is stored by an administrative user, ma… New - CVE-2024-48870 2024-10-25 18:15 2024-10-25 Show GitHub Exploit DB Packet Storm
6 - - - Sharp and Toshiba Tec MFPs improperly process query parameters in HTTP requests, resulting in a reflected cross-site scripting vulnerability. Accessing a crafted URL which points to an affected prod… New - CVE-2024-47801 2024-10-25 18:15 2024-10-25 Show GitHub Exploit DB Packet Storm
7 - - - Sharp and Toshiba Tec MFPs improperly process query parameters in HTTP requests, which may allow contamination of unintended data to HTTP response headers. Accessing a crafted URL which points to an… New - CVE-2024-47549 2024-10-25 18:15 2024-10-25 Show GitHub Exploit DB Packet Storm
8 - - - Sharp and Toshiba Tec MFPs improperly process HTTP authentication requests, resulting in an authentication bypass vulnerability. New - CVE-2024-47406 2024-10-25 18:15 2024-10-25 Show GitHub Exploit DB Packet Storm
9 - - - Sharp and Toshiba Tec MFPs provide configuration related APIs. They are expected to be called by administrative users only, but insufficiently restricted. A non-administrative user may execute some … New - CVE-2024-47005 2024-10-25 18:15 2024-10-25 Show GitHub Exploit DB Packet Storm
10 - - - Sharp and Toshiba Tec MFPs improperly process URI data in HTTP PUT requests resulting in a path Traversal vulnerability. Unintended internal files may be retrieved when processing crafted HTTP reque… New - CVE-2024-45842 2024-10-25 18:15 2024-10-25 Show GitHub Exploit DB Packet Storm