Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Nov. 15, 2024, 4:02 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
203621 7.5 危険 アップル - Apple Mac OS X の iChat サーバにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2010-0504 2010-04-14 17:11 2010-03-29 Show GitHub Exploit DB Packet Storm
203622 6.5 警告 アップル - Apple Mac OS X の iChat サーバにおける任意のコードを実行される脆弱性 CWE-399
リソース管理の問題
CVE-2010-0503 2010-04-14 17:10 2010-03-29 Show GitHub Exploit DB Packet Storm
203623 4.3 警告 アップル - Apple Mac OS X の iChat サーバにおけるメッセージの監査を回避可能な脆弱性 CWE-DesignError
CVE-2010-0502 2010-04-14 17:10 2010-03-29 Show GitHub Exploit DB Packet Storm
203624 5 警告 アップル
レッドハット
jabberd 2.x project
- Jabber Studio jabberd の SASL ネゴシエーションにおけるサービス運用妨害 (DoS) の脆弱性 - CVE-2006-1329 2010-04-14 17:10 2006-03-21 Show GitHub Exploit DB Packet Storm
203625 7.2 危険 アップル - Apple Mac OS X の FTP サーバにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル
CVE-2010-0501 2010-04-14 17:10 2010-03-29 Show GitHub Exploit DB Packet Storm
203626 7.5 危険 アップル - Apple Mac OS X の FreeRADIUS サーバにおけるネットワーク接続を確立される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2010-0524 2010-04-14 17:10 2010-03-29 Show GitHub Exploit DB Packet Storm
203627 7.8 危険 アップル - Apple Mac OS X の Event Monitor におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認
CVE-2010-0500 2010-04-14 17:09 2010-03-29 Show GitHub Exploit DB Packet Storm
203628 6.5 警告 アップル - Apple Mac OS X の Dovecot におけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2010-0535 2010-04-14 17:09 2010-03-29 Show GitHub Exploit DB Packet Storm
203629 7.2 危険 アップル - Apple Mac OS X のディレクトリサービスにおける権限を取得される脆弱性 CWE-287
不適切な認証
CVE-2010-0498 2010-04-14 17:09 2010-03-29 Show GitHub Exploit DB Packet Storm
203630 6.8 警告 アップル - Apple Mac OS X のディスクイメージにおける任意のコードを実行される脆弱性 CWE-DesignError
CVE-2010-0497 2010-04-14 17:09 2010-03-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Nov. 15, 2024, 4:16 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1641 5.4 MEDIUM
Network
mappresspro mappress The MapPress Maps for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Map block in all versions up to, and including, 2.94.1 due to insufficient input san… CWE-79
Cross-site Scripting
CVE-2024-10715 2024-11-9 05:25 2024-11-6 Show GitHub Exploit DB Packet Storm
1642 9.8 CRITICAL
Network
eyecix jobsearch_wp_job_board The JobSearch WP Job Board plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the jobsearch_location_load_excel_file_callback() function in all versio… CWE-434
 Unrestricted Upload of File with Dangerous Type 
CVE-2024-8615 2024-11-9 05:24 2024-11-6 Show GitHub Exploit DB Packet Storm
1643 8.8 HIGH
Network
eyecix jobsearch_wp_job_board The JobSearch WP Job Board plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the jobsearch_wp_handle_upload() function in all versions up to, and inc… CWE-434
 Unrestricted Upload of File with Dangerous Type 
CVE-2024-8614 2024-11-9 05:23 2024-11-6 Show GitHub Exploit DB Packet Storm
1644 5.3 MEDIUM
Network
dlink dns-320_firmware
dns-320lw_firmware
dns-325_firmware
dns-340l_firmware
A vulnerability classified as problematic has been found in D-Link DNS-320, DNS-320LW, DNS-325 and DNS-340L up to 20241028. This affects an unknown part of the file /xml/info.xml of the component HTT… NVD-CWE-Other
CVE-2024-10916 2024-11-9 05:11 2024-11-7 Show GitHub Exploit DB Packet Storm
1645 9.8 CRITICAL
Network
dlink dns-320_firmware
dns-320lw_firmware
dns-325_firmware
dns-340l_firmware
A vulnerability was found in D-Link DNS-320, DNS-320LW, DNS-325 and DNS-340L up to 20241028. It has been rated as critical. Affected by this issue is the function cgi_user_add of the file /cgi-bin/ac… CWE-78
OS Command 
CVE-2024-10915 2024-11-9 05:11 2024-11-6 Show GitHub Exploit DB Packet Storm
1646 5.4 MEDIUM
Network
envothemes envo\'s_elementor_templates_\&_widgets_for_woocommerce Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in EnvoThemes Envo's Elementor Templates & Widgets for WooCommerce allows Stored XSS.This iss… CWE-79
Cross-site Scripting
CVE-2024-50447 2024-11-9 05:07 2024-10-29 Show GitHub Exploit DB Packet Storm
1647 7.8 HIGH
Local
linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: Fix UAF on sco_sock_timeout conn->sk maybe have been unlinked/freed while waiting for sco_conn_lock so this check… CWE-416
 Use After Free
CVE-2024-50125 2024-11-9 05:04 2024-11-6 Show GitHub Exploit DB Packet Storm
1648 7.8 HIGH
Local
linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix UAF on iso_sock_timeout conn->sk maybe have been unlinked/freed while waiting for iso_conn_lock so this check… CWE-416
 Use After Free
CVE-2024-50124 2024-11-9 05:04 2024-11-6 Show GitHub Exploit DB Packet Storm
1649 7.1 HIGH
Local
linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: bpf: Add the missing BPF_LINK_TYPE invocation for sockmap There is an out-of-bounds read in bpf_link_show_fdinfo() for the sockma… CWE-125
Out-of-bounds Read
CVE-2024-50123 2024-11-9 05:03 2024-11-6 Show GitHub Exploit DB Packet Storm
1650 9.8 CRITICAL
Network
dlink dns-320_firmware
dns-320lw_firmware
dns-325_firmware
dns-340l_firmware
A vulnerability was found in D-Link DNS-320, DNS-320LW, DNS-325 and DNS-340L up to 20241028. It has been declared as critical. Affected by this vulnerability is the function cgi_user_add of the file … CWE-78
CWE-74
CWE-707
OS Command 
Injection
 Improper Enforcement of Message or Data Structure
CVE-2024-10914 2024-11-9 04:53 2024-11-6 Show GitHub Exploit DB Packet Storm