Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":June 1, 2026, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 228391 | 4.3 | 警告 | TYPO3 Association | - | TYPO3 の Frontend Login Box サブコンポーネントにおけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2009-3634 | 2012-12-20 19:28 | 2009-11-2 | Show | GitHub Exploit DB Packet Storm |
| 228392 | 4.3 | 警告 | TYPO3 Association | - | TYPO3 の t3lib_div::quoteJSvalue API 関数におけるクロスサイトスクリプティングの脆弱性 |
CWE-352
同一生成元ポリシー違反 |
CVE-2009-3633 | 2012-12-20 19:28 | 2009-11-2 | Show | GitHub Exploit DB Packet Storm |
| 228393 | 6.5 | 警告 | TYPO3 Association | - | TYPO3 の Frontend Editing サブコンポーネントにおける SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2009-3632 | 2012-12-20 19:28 | 2009-11-2 | Show | GitHub Exploit DB Packet Storm |
| 228394 | 8.5 | 危険 | TYPO3 Association | - | TYPO3 の Backend サブコンポーネントにおける任意のコマンドを実行される脆弱性 |
CWE-94
コード・インジェクション |
CVE-2009-3631 | 2012-12-20 19:28 | 2009-11-2 | Show | GitHub Exploit DB Packet Storm |
| 228395 | 5.5 | 警告 | TYPO3 Association | - | TYPO3 の Backend サブコンポーネントにおける任意の Web サイトを配置される脆弱性 |
CWE-Other
その他 |
CVE-2009-3630 | 2012-12-20 19:28 | 2009-11-2 | Show | GitHub Exploit DB Packet Storm |
| 228396 | 3.5 | 注意 | TYPO3 Association | - | TYPO3 の Backend サブコンポーネントにおけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2009-3629 | 2012-12-20 19:28 | 2009-11-2 | Show | GitHub Exploit DB Packet Storm |
| 228397 | 4 | 警告 | TYPO3 Association | - | TYPO3 の Backend サブコンポーネントにおける暗号鍵を特定される脆弱性 |
CWE-200
情報漏えい |
CVE-2009-3628 | 2012-12-20 19:28 | 2009-11-2 | Show | GitHub Exploit DB Packet Storm |
| 228398 | 7.5 | 危険 | sahana | - | Sahana の www/index.php におけるディレクトリトラバーサルの脆弱性 |
CWE-22
パス・トラバーサル |
CVE-2009-3625 | 2012-12-20 19:28 | 2009-06-25 | Show | GitHub Exploit DB Packet Storm |
| 228399 | 4.3 | 警告 | WordPress.org | - | WordPress の wp-trackback.php におけるサービス運用妨害 (DoS) の脆弱性 |
CWE-310
暗号の問題 |
CVE-2009-3622 | 2012-12-20 19:28 | 2009-10-20 | Show | GitHub Exploit DB Packet Storm |
| 228400 | 5 | 警告 | ViewVC | - | ViewVC における脆弱性 |
CWE-noinfo
情報不足 |
CVE-2009-3619 | 2012-12-20 19:28 | 2009-08-11 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:June 1, 2026, 4:12 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 194781 | 5.4 |
MEDIUM
Network |
enviragallery | envira_gallery | Unvalidated input and lack of output encoding in the Envira Gallery Lite WordPress plugin, versions before 1.8.3.3, did not properly sanitise the images metadata (namely title) before outputting them… |
CWE-79
Cross-site Scripting |
CVE-2021-24126 | 2024-11-21 14:52 | 2021-03-19 | Show | GitHub Exploit DB Packet Storm |
| 194782 | 7.2 |
HIGH
Network |
contact_form_submissions_project | contact_form_submissions | Unvalidated input in the Contact Form Submissions WordPress plugin before 1.7.1, could lead to SQL injection in the wpcf7_contact_form GET parameter when submitting a filter request as a high privile… |
CWE-89
SQL Injection |
CVE-2021-24125 | 2024-11-21 14:52 | 2021-03-19 | Show | GitHub Exploit DB Packet Storm |
| 194783 | 6.1 |
MEDIUM
Network |
terryl | wp_shieldon | Unvalidated input and lack of output encoding in the WP Shieldon WordPress plugin, version 1.6.3 and below, leads to Unauthenticated Reflected Cross-Site Scripting (XSS) when the CAPTCHA page is show… |
CWE-79
Cross-site Scripting |
CVE-2021-24124 | 2024-11-21 14:52 | 2021-03-19 | Show | GitHub Exploit DB Packet Storm |
| 194784 | 7.2 |
HIGH
Network |
blubrry | powerpress | Arbitrary file upload in the PowerPress WordPress plugin, versions before 8.3.8, did not verify some of the uploaded feed images (such as the ones from Podcast Artwork section), allowing high privile… |
CWE-434
Unrestricted Upload of File with Dangerous Type |
CVE-2021-24123 | 2024-11-21 14:52 | 2021-03-19 | Show | GitHub Exploit DB Packet Storm |
| 194785 | 7.5 |
HIGH
Network |
proxygen mvfst |
A packet of death scenario is possible in mvfst via a specially crafted message during a QUIC session, which causes a crash via a failed assertion. Per QUIC specification, this particular message sho… |
CWE-617
Reachable Assertion |
CVE-2021-24029 | 2024-11-21 14:52 | 2021-03-16 | Show | GitHub Exploit DB Packet Storm | |
| 194786 | 7.8 |
HIGH
Local |
microsoft | high_efficiency_video_coding | HEVC Video Extensions Remote Code Execution Vulnerability |
NVD-CWE-noinfo
|
CVE-2021-24110 | 2024-11-21 14:52 | 2021-03-12 | Show | GitHub Exploit DB Packet Storm |
| 194787 | 7.8 |
HIGH
Local |
microsoft |
office 365_apps |
Microsoft Office Remote Code Execution Vulnerability |
NVD-CWE-noinfo
|
CVE-2021-24108 | 2024-11-21 14:52 | 2021-03-12 | Show | GitHub Exploit DB Packet Storm |
| 194788 | 5.5 |
MEDIUM
Local |
microsoft |
windows_server_2008 windows_server_2012 windows_10 windows_8.1 windows_server_2016 windows_7 windows_rt_8.1 windows_server_2019 |
Windows Event Tracing Information Disclosure Vulnerability |
NVD-CWE-noinfo
|
CVE-2021-24107 | 2024-11-21 14:52 | 2021-03-12 | Show | GitHub Exploit DB Packet Storm |
| 194789 | 4.6 |
MEDIUM
Local |
microsoft |
sharepoint_foundation sharepoint_enterprise_server sharepoint_server |
Microsoft SharePoint Server Spoofing Vulnerability |
NVD-CWE-noinfo
|
CVE-2021-24104 | 2024-11-21 14:52 | 2021-03-12 | Show | GitHub Exploit DB Packet Storm |
| 194790 | 7.0 |
HIGH
Local |
microsoft |
windows_10 windows_server_2019 windows_server_2016 |
DirectX Elevation of Privilege Vulnerability |
CWE-269
Improper Privilege Management |
CVE-2021-24095 | 2024-11-21 14:52 | 2021-03-12 | Show | GitHub Exploit DB Packet Storm |