Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Nov. 6, 2024, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
203181	3.2	注意	オラクル	-	Oracle Database の Oracle Spatial コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2009-3413	2010-02-12 12:22	2010-01-12	Show	GitHub Exploit DB Packet Storm

203182	3.6	注意	オラクル	-	Oracle Database の RDBMS コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2009-3410	2010-02-12 12:21	2010-01-12	Show	GitHub Exploit DB Packet Storm

203183	4	警告	オラクル	-	Oracle Database の Logical Standby コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2009-1996	2010-02-12 12:21	2010-01-12	Show	GitHub Exploit DB Packet Storm

203184	4.9	警告	オラクル	-	Oracle Database の Oracle Spatial コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2009-3414	2010-02-12 12:21	2010-01-12	Show	GitHub Exploit DB Packet Storm

203185	4.9	警告	オラクル	-	Oracle Database の Oracle Data Pump コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2009-3411	2010-02-12 12:21	2010-01-12	Show	GitHub Exploit DB Packet Storm

203186	6	警告	オラクル	-	Oracle Database の Application Express Application Builder コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0076	2010-02-12 12:21	2010-01-12	Show	GitHub Exploit DB Packet Storm

203187	9	危険	オラクル	-	Oracle Database の Oracle OLAP コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2009-3415	2010-02-12 12:20	2010-01-12	Show	GitHub Exploit DB Packet Storm

203188	10	危険	オラクル	-	Oracle Database の Listener コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0071	2010-02-12 12:20	2010-01-12	Show	GitHub Exploit DB Packet Storm

203189	5	警告	Pidgin Adium レッドハット	-	Pidgin および Adium の MSN プロトコルプラグインにおけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2010-0013	2010-02-10 13:39	2010-01-8	Show	GitHub Exploit DB Packet Storm

203190	10	危険	アドビシステムズレッドハット	-	Adobe Reader および Acrobat の U3D 実装における任意のコードを実行される脆弱性	CWE-189 数値処理の問題	CVE-2009-3959	2010-02-10 13:39	2010-01-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Nov. 6, 2024, 4:19 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1901	6.1	MEDIUM Network	cisco	firepower_management_center	A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attac…	CWE-79 Cross-site Scripting	CVE-2024-20415	2024-11-1 04:17	2024-10-24	Show	GitHub Exploit DB Packet Storm

1902	6.1	MEDIUM Network	cisco	secure_firewall_management_center	A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attac…	CWE-79 Cross-site Scripting	CVE-2024-20273	2024-11-1 04:09	2024-10-24	Show	GitHub Exploit DB Packet Storm

1903	5.4	MEDIUM Network	cisco	secure_firewall_management_center	A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack …	CWE-79 Cross-site Scripting	CVE-2024-20264	2024-11-1 04:04	2024-10-24	Show	GitHub Exploit DB Packet Storm

1904	6.1	MEDIUM Network	abdullahirfan	whitelist	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Abdullah Irfan Whitelist allows Reflected XSS.This issue affects Whitelist: from n/a throu…	CWE-79 Cross-site Scripting	CVE-2024-49643	2024-11-1 03:48	2024-10-29	Show	GitHub Exploit DB Packet Storm

1905	6.5	MEDIUM Network	lunary	lunary	lunary-ai/lunary v1.2.26 contains an email injection vulnerability in the Send email verification API (/v1/users/send-verification) and Sign up API (/auth/signup). An unauthenticated attacker can inj…	CWE-74 Injection	CVE-2024-7472	2024-11-1 03:46	2024-10-29	Show	GitHub Exploit DB Packet Storm

1906	5.4	MEDIUM Network	salonbookingsystem	salon_booking_system	The Salon booking system plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on several functions hooked into admin_init in all versio…	CWE-862 Missing Authorization	CVE-2024-4468	2024-11-1 03:40	2024-06-8	Show	GitHub Exploit DB Packet Storm

1907	6.1	MEDIUM Network	awplife	formula	The Formula theme for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘id’ parameter in the 'ti_customizer_notify_dismiss_recommended_plugins' AJAX action in all versions up to, and…	CWE-79 Cross-site Scripting	CVE-2024-5638	2024-11-1 03:38	2024-06-8	Show	GitHub Exploit DB Packet Storm

1908	9.8	CRITICAL Network	langchain	langchain	A vulnerability in the GraphCypherQAChain class of langchain-ai/langchainjs versions 0.2.5 and all versions with this class allows for prompt injection, leading to SQL injection. This vulnerability p…	CWE-89 SQL Injection	CVE-2024-7042	2024-11-1 03:36	2024-10-29	Show	GitHub Exploit DB Packet Storm

1909	-		-	-	An issue was discovered in Artifex Ghostscript before 10.03.1. Path traversal and command execution can occur (via a crafted PostScript document) because of path reduction in base/gpmisc.c. For examp…	-	CVE-2024-33869	2024-11-1 03:35	2024-07-4	Show	GitHub Exploit DB Packet Storm

1910	-		-	-	MachForm up to version 19 is affected by an unauthenticated stored cross-site scripting which affects users with valid sessions whom can view compiled forms results.	-	CVE-2024-37763	2024-11-1 03:35	2024-07-2	Show	GitHub Exploit DB Packet Storm