Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Nov. 18, 2024, 10 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
202431 5.8 警告 アップル
サイバートラスト株式会社
MIT Kerberos
サン・マイクロシステムズ
VMware
レッドハット
- MIT Kerberos の SPNEGO 実装におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー
CVE-2009-0844 2010-12-7 16:38 2009-04-7 Show GitHub Exploit DB Packet Storm
202432 4 警告 Pidgin
レッドハット
- Pidgin の libpurple におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認
CVE-2010-3711 2010-12-7 15:44 2010-05-12 Show GitHub Exploit DB Packet Storm
202433 9.3 危険 マイクロソフト - 複数の Microsoft 製品における任意のコードを実行される脆弱性 CWE-119
バッファエラー
CVE-2010-3336 2010-12-6 16:51 2010-11-9 Show GitHub Exploit DB Packet Storm
202434 9.3 危険 マイクロソフト - 複数の Microsoft 製品における整数アンダーフローの脆弱性 CWE-189
数値処理の問題
CVE-2010-2573 2010-12-6 16:30 2010-11-9 Show GitHub Exploit DB Packet Storm
202435 9.3 危険 マイクロソフト - Microsoft Office における権限昇格の脆弱性 CWE-Other
その他
CVE-2010-3337 2010-12-6 15:44 2010-08-23 Show GitHub Exploit DB Packet Storm
202436 9.3 危険 マイクロソフト - 複数の Microsoft 製品における任意のコードを実行される脆弱性 CWE-119
バッファエラー
CVE-2010-3335 2010-12-6 15:36 2010-11-9 Show GitHub Exploit DB Packet Storm
202437 9.3 危険 マイクロソフト - 複数の Microsoft 製品における任意のコードを実行される脆弱性 CWE-119
バッファエラー
CVE-2010-3334 2010-12-6 15:30 2010-11-9 Show GitHub Exploit DB Packet Storm
202438 4.3 警告 Zope Foundation - Zope Object Database の ZEO/StorageServer.py におけるサービス運用妨害 (DoS) の脆弱性 CWE-362
競合状態
CVE-2010-3495 2010-12-6 15:20 2010-10-19 Show GitHub Exploit DB Packet Storm
202439 4.3 警告 マイクロソフト - 複数の Microsoft 製品の toStaticHTML 関数 および SafeHTML 関数におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2010-3324 2010-12-3 14:05 2010-10-12 Show GitHub Exploit DB Packet Storm
202440 6.8 警告 アップル - Apple Mac OS X の xar におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2010-3798 2010-12-3 13:13 2010-11-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Nov. 18, 2024, 5:14 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1741 - - - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Odihost Easy Gallery allows SQL Injection.This issue affects Easy Gallery: from n/a through 1.4. CWE-89
SQL Injection
CVE-2024-51570 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm
1742 9.8 CRITICAL
Network
- - The Category Ajax Filter plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.8.2 via the 'params[caf-post-layout]' parameter. This makes it possible for… - CVE-2024-10871 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm
1743 - - - The WordPress User Extra Fields plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ajax_manage_file_chunk_upload() function in all versions up to,… CWE-434
 Unrestricted Upload of File with Dangerous Type 
CVE-2024-10801 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm
1744 9.8 CRITICAL
Network
- - The Leopard - WordPress Offload Media plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the import_set… CWE-862
 Missing Authorization
CVE-2024-10589 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm
1745 9.8 CRITICAL
Network
- - The WP Membership plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the user_profile_image_upload() function in all versions up to, and including, 1.… CWE-434
 Unrestricted Upload of File with Dangerous Type 
CVE-2024-10547 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm
1746 9.8 CRITICAL
Network
- - The RegistrationMagic – User Registration Plugin with Custom Registration Forms plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 6… CWE-230
CVE-2024-10508 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm
1747 4.9 MEDIUM
Network
- - The Poll Maker – Versus Polls, Anonymous Polls, Image Polls plugin for WordPress is vulnerable to time-based SQL Injection via the ‘orderby’ parameter in all versions up to, and including, 5.4.6 due … CWE-89
SQL Injection
CVE-2024-9874 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm
1748 6.1 MEDIUM
Network
- - The Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & rem… CWE-79
Cross-site Scripting
CVE-2024-10876 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm
1749 4.3 MEDIUM
Network
- - The Attesa Extra plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.4.2 via the 'attesa-template' shortcode due to insufficient restrictions on which p… CWE-639
 Authorization Bypass Through User-Controlled Key
CVE-2024-10688 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm
1750 6.1 MEDIUM
Network
- - The Contact Form 7 – PayPal & Stripe Add-on plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the… CWE-79
Cross-site Scripting
CVE-2024-10683 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm