Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Oct. 30, 2024, 12:06 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
202471 6.9 警告 マイクロソフト - Microsoft Windows の Client/Server Run-time Subsystem における権限昇格の脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2010-0023 2010-03-3 11:53 2010-02-9 Show GitHub Exploit DB Packet Storm
202472 4 警告 マイクロソフト - Microsoft Windows の Hyper-V サーバ実装におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認
CVE-2010-0026 2010-03-3 11:53 2010-02-9 Show GitHub Exploit DB Packet Storm
202473 9.3 危険 日本電気
アップル
富士通
古河電気工業
ヒューレット・パッカード
インターネットイニシアティブ
アラクサラネットワークス
日立
- IPv6 NDP 実装における Neighbor Discovery メッセージの送信元検証処理に関する脆弱性 CWE-20
不適切な入力確認
CVE-2008-2476 2010-03-3 11:43 2008-10-3 Show GitHub Exploit DB Packet Storm
202474 9.3 危険 マイクロソフト - Microsoft Office PowerPoint におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2010-0034 2010-03-2 11:29 2010-02-9 Show GitHub Exploit DB Packet Storm
202475 9.3 危険 マイクロソフト - Microsoft Office PowerPoint におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2010-0033 2010-03-2 11:28 2010-02-9 Show GitHub Exploit DB Packet Storm
202476 9.3 危険 マイクロソフト - Microsoft Office PowerPoint における任意のコードを実行される脆弱性 CWE-94
CWE-Other
CVE-2010-0032 2010-03-2 11:28 2010-02-9 Show GitHub Exploit DB Packet Storm
202477 9.3 危険 マイクロソフト - Microsoft Office PowerPoint における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション
CVE-2010-0031 2010-03-2 11:27 2010-02-9 Show GitHub Exploit DB Packet Storm
202478 9.3 危険 マイクロソフト - Microsoft Office PowerPoint におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2010-0030 2010-03-2 11:27 2010-02-9 Show GitHub Exploit DB Packet Storm
202479 9.3 危険 マイクロソフト - Microsoft Office PowerPoint におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2010-0029 2010-03-2 11:26 2010-02-9 Show GitHub Exploit DB Packet Storm
202480 10 危険 マイクロソフト - Microsoft Office の MSO.DLL におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2010-0243 2010-03-1 11:37 2010-02-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Oct. 30, 2024, 6:01 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
671 5.4 MEDIUM
Network
wolfiezero spotify_play_button The Spotify Play Button WordPress plugin through 1.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could… Update CWE-79
Cross-site Scripting
CVE-2024-5199 2024-10-29 06:35 2024-06-26 Show GitHub Exploit DB Packet Storm
672 - - - The Bookster WordPress plugin through 1.1.0 allows adding sensitive parameters when validating appointments allowing attackers to manipulate the data sent when booking an appointment (the request bo… Update - CVE-2024-5071 2024-10-29 06:35 2024-06-26 Show GitHub Exploit DB Packet Storm
673 - - - A buffer overflow in PX4-Autopilot v1.12.3 allows attackers to cause a Denial of Service (DoS) via a crafted MavLink message. Update - CVE-2024-38951 2024-10-29 06:35 2024-06-25 Show GitHub Exploit DB Packet Storm
674 9.1 CRITICAL
Network
gnu wget url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponen… Update CWE-436
 Interpretation Conflict
CVE-2024-38428 2024-10-29 06:35 2024-06-16 Show GitHub Exploit DB Packet Storm
675 6.1 MEDIUM
Network
projectcaruso pray_for_me The Pray For Me WordPress plugin through 1.0.4 does not sanitise and escape some parameters, which could unauthenticated visitors to perform Cross-Site Scripting attacks that trigger when an admin vi… Update CWE-79
Cross-site Scripting
CVE-2024-3966 2024-10-29 06:35 2024-06-14 Show GitHub Exploit DB Packet Storm
676 - - - The Social Sharing Plugin WordPress plugin before 3.3.63 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scriptin… Update - CVE-2024-4924 2024-10-29 06:35 2024-06-12 Show GitHub Exploit DB Packet Storm
677 - - - The file scheme of URLs would be hidden, resulting in potential spoofing of a website's address in the location bar This vulnerability affects Focus for iOS < 126. Update - CVE-2024-5022 2024-10-29 06:35 2024-05-18 Show GitHub Exploit DB Packet Storm
678 - - - Information management vulnerability in the Gallery module.Successful exploitation of this vulnerability may affect service confidentiality. Update - CVE-2023-52376 2024-10-29 06:35 2024-02-18 Show GitHub Exploit DB Packet Storm
679 - - - Permission management vulnerability in the lock screen module.Successful exploitation of this vulnerability may affect availability. Update - CVE-2023-52362 2024-10-29 06:35 2024-02-18 Show GitHub Exploit DB Packet Storm
680 6.1 MEDIUM
Network
sitegeist fluid_components The fluid_components (aka Fluid Components) extension before 3.5.0 for TYPO3 allows XSS via a component argument parameter, for certain {content} use cases that may be edge cases. Update CWE-79
Cross-site Scripting
CVE-2023-28604 2024-10-29 06:35 2023-12-13 Show GitHub Exploit DB Packet Storm