Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Nov. 18, 2024, 10 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
202681 9.3 危険 マイクロソフト - 複数の Microsoft 製品における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認
CVE-2010-3241 2010-10-28 16:33 2010-10-12 Show GitHub Exploit DB Packet Storm
202682 9.3 危険 マイクロソフト - Microsoft Excel における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認
CVE-2010-3239 2010-10-28 16:32 2010-10-12 Show GitHub Exploit DB Packet Storm
202683 9.3 危険 マイクロソフト - Microsoft Excel および Microsoft Office における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認
CVE-2010-3237 2010-10-28 16:32 2010-10-12 Show GitHub Exploit DB Packet Storm
202684 9.3 危険 マイクロソフト - Microsoft Excel における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認
CVE-2010-3235 2010-10-27 15:17 2010-10-12 Show GitHub Exploit DB Packet Storm
202685 9.3 危険 マイクロソフト - Microsoft Excel における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認
CVE-2010-3234 2010-10-27 15:17 2010-10-12 Show GitHub Exploit DB Packet Storm
202686 9.3 危険 マイクロソフト - 複数の Microsoft 製品における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認
CVE-2010-3231 2010-10-27 15:16 2010-10-12 Show GitHub Exploit DB Packet Storm
202687 9.3 危険 マイクロソフト - Microsoft Excel における整数オーバーフローの脆弱性 CWE-189
数値処理の問題
CVE-2010-3230 2010-10-27 15:16 2010-10-12 Show GitHub Exploit DB Packet Storm
202688 9.3 危険 マイクロソフト - 複数の Microsoft 製品におけるスタックベースのバッファオーバーフローの脆弱性 CWE-94
コード・インジェクション
CVE-2010-3221 2010-10-27 15:16 2010-10-12 Show GitHub Exploit DB Packet Storm
202689 9.3 危険 マイクロソフト - 複数の Microsoft 製品におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2010-3214 2010-10-27 15:15 2010-10-12 Show GitHub Exploit DB Packet Storm
202690 9.3 危険 マイクロソフト - Microsoft Word および Microsoft Office における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション
CVE-2010-3220 2010-10-27 15:15 2010-10-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Nov. 18, 2024, 5:14 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1741 - - - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Odihost Easy Gallery allows SQL Injection.This issue affects Easy Gallery: from n/a through 1.4. CWE-89
SQL Injection
CVE-2024-51570 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm
1742 9.8 CRITICAL
Network
- - The Category Ajax Filter plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.8.2 via the 'params[caf-post-layout]' parameter. This makes it possible for… - CVE-2024-10871 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm
1743 - - - The WordPress User Extra Fields plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ajax_manage_file_chunk_upload() function in all versions up to,… CWE-434
 Unrestricted Upload of File with Dangerous Type 
CVE-2024-10801 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm
1744 9.8 CRITICAL
Network
- - The Leopard - WordPress Offload Media plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the import_set… CWE-862
 Missing Authorization
CVE-2024-10589 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm
1745 9.8 CRITICAL
Network
- - The WP Membership plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the user_profile_image_upload() function in all versions up to, and including, 1.… CWE-434
 Unrestricted Upload of File with Dangerous Type 
CVE-2024-10547 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm
1746 9.8 CRITICAL
Network
- - The RegistrationMagic – User Registration Plugin with Custom Registration Forms plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 6… CWE-230
CVE-2024-10508 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm
1747 4.9 MEDIUM
Network
- - The Poll Maker – Versus Polls, Anonymous Polls, Image Polls plugin for WordPress is vulnerable to time-based SQL Injection via the ‘orderby’ parameter in all versions up to, and including, 5.4.6 due … CWE-89
SQL Injection
CVE-2024-9874 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm
1748 6.1 MEDIUM
Network
- - The Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & rem… CWE-79
Cross-site Scripting
CVE-2024-10876 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm
1749 4.3 MEDIUM
Network
- - The Attesa Extra plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.4.2 via the 'attesa-template' shortcode due to insufficient restrictions on which p… CWE-639
 Authorization Bypass Through User-Controlled Key
CVE-2024-10688 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm
1750 6.1 MEDIUM
Network
- - The Contact Form 7 – PayPal & Stripe Add-on plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the… CWE-79
Cross-site Scripting
CVE-2024-10683 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm