Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
186761 5.4 警告 VMware
Linux		 - Linux Kernel の setup_cifs_sb 関数におけるサービス運用妨害 (システムクラッシュ) の脆弱性 CWE-20
不適切な入力確認 		CVE-2011-3363 2012-12-17 16:00 2012-05-24 Show GitHub Exploit DB Packet Storm
186762 4.9 警告 VMware
Linux		 - x86 プラットフォーム上の Linux Kernel におけるサービス運用妨害 (DoS) の脆弱性 CWE-189
数値処理の問題 		CVE-2011-3209 2012-12-17 15:59 2008-07-13 Show GitHub Exploit DB Packet Storm
186763 7.8 危険 VMware
Linux		 - Linux Kernel の IPv4 と IPv6 の実装におけるサービス運用妨害 (ネットワーク障害) の脆弱性 CWE-DesignError
CVE-2011-3188 2012-12-17 15:57 2012-05-24 Show GitHub Exploit DB Packet Storm
186764 4.3 警告 VideoLAN - VideoLAN VLC media player の libpng_plugin におけるサービス運用妨害 (アプリケーションクラッシュ) の脆弱性 CWE-119
バッファエラー 		CVE-2012-5470 2012-12-17 13:47 2012-10-26 Show GitHub Exploit DB Packet Storm
186765 2.1 注意 シトリックス・システムズ - Xen におけるサービス運用妨害 (無限ループ および ハングアップまたはクラッシュ) の脆弱性 CWE-399
リソース管理の問題 		CVE-2012-4539 2012-12-17 13:43 2012-11-13 Show GitHub Exploit DB Packet Storm
186766 4.9 警告 シトリックス・システムズ - Xen の HVMOP_pagetable_dying ハイパーコールにおけるサービス運用妨害 (ハイパーバイザクラッシュ) の脆弱性 CWE-20
不適切な入力確認 		CVE-2012-4538 2012-12-17 13:41 2012-11-13 Show GitHub Exploit DB Packet Storm
186767 2.1 注意 シトリックス・システムズ - Xen におけるサービス運用妨害 (メモリ消費および表明違反) の脆弱性 CWE-16
環境設定 		CVE-2012-4537 2012-12-17 12:30 2012-11-13 Show GitHub Exploit DB Packet Storm
186768 1.9 注意 シトリックス・システムズ - Xen におけるサービス運用妨害 (Xen の無限ループおよび物理 CPU の消費) の脆弱性 CWE-399
リソース管理の問題 		CVE-2012-4535 2012-12-17 12:28 2012-11-13 Show GitHub Exploit DB Packet Storm
186769 4.3 警告 Wikka Development Team - WikkaWiki におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		- 2012-12-17 12:15 2012-12-17 Show GitHub Exploit DB Packet Storm
186770 4.3 警告 Netsweeper, Inc. - Netsweeper の WebAdmin Portal におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-2446 2012-12-17 11:02 2012-07-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 26, 2025, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
91 - - - A lack of input validation allows for out of bounds reads caused by malicious or malformed packets. New - CVE-2025-1674 2025-02-25 17:15 2025-02-25 Show GitHub Exploit DB Packet Storm
92 4.3 MEDIUM
Network 		- - The WordPress File Upload plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.25.2. This is due to missing or incorrect nonce validation on the 'w… New CWE-352
 Origin Validation Error 		CVE-2024-13494 2025-02-25 17:15 2025-02-25 Show GitHub Exploit DB Packet Storm
93 - - - A malicious or malformed DNS packet without a payload can cause an out-of-bounds read, resulting in a crash (denial of service) or an incorrect computation. New - CVE-2025-1673 2025-02-25 16:15 2025-02-25 Show GitHub Exploit DB Packet Storm
94 7.5 HIGH
Network 		- - The Yawave plugin for WordPress is vulnerable to SQL Injection via the 'lbid' parameter in all versions up to, and including, 2.9.1 due to insufficient escaping on the user supplied parameter and lac… New CWE-89
SQL Injection 		CVE-2025-1648 2025-02-25 16:15 2025-02-25 Show GitHub Exploit DB Packet Storm
95 9.8 CRITICAL
Network 		- - The Everest Forms – Contact Forms, Quiz, Survey, Newsletter & Payment Form Builder for WordPress plugin for WordPress is vulnerable to arbitrary file upload, read, and deletion due to missing file ty… New CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2025-1128 2025-02-25 16:15 2025-02-25 Show GitHub Exploit DB Packet Storm
96 5.3 MEDIUM
Network 		- - The Classified Listing – Classified ads & Business Directory Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.0.4 via the rtcl_taxon… New CWE-200
Information Exposure 		CVE-2025-1063 2025-02-25 16:15 2025-02-25 Show GitHub Exploit DB Packet Storm
97 - - - A SQL injection vulnerability in the Hikashop component versions 3.3.0-5.1.4 for Joomla allows authenticated attackers (administrator) to execute arbitrary SQL commands in the category management are… New - CVE-2025-22210 2025-02-25 15:15 2025-02-25 Show GitHub Exploit DB Packet Storm
98 5.3 MEDIUM
Network 		theeventscalendar event_tickets The Event Tickets and Registration plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'ajax_ticket_delete' function in all versions up to, and in… Update CWE-862
 Missing Authorization 		CVE-2025-1402 2025-02-25 13:04 2025-02-21 Show GitHub Exploit DB Packet Storm
99 7.2 HIGH
Network 		satollo head\
_footer\
_and_post_injections 		The Head, Footer and Post Injections plugin for WordPress is vulnerable to PHP Code Injection in all versions up to, and including, 3.3.0. This makes it possible for authenticated attackers, with Adm… Update CWE-94
Code Injection 		CVE-2024-13900 2025-02-25 13:02 2025-02-21 Show GitHub Exploit DB Packet Storm
100 4.3 MEDIUM
Network 		victorfreitas wpupper_share_buttons The WPUpper Share Buttons plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.51. This is due to missing or incorrect nonce validation on the 'sav… Update CWE-352
 Origin Validation Error 		CVE-2024-13883 2025-02-25 12:39 2025-02-21 Show GitHub Exploit DB Packet Storm