Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
186931	7.5	危険	Joomla!	-	Joomla! における脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-1598	2012-12-5 11:55	2012-03-27	Show	GitHub Exploit DB Packet Storm

186932	10	危険	Google	-	Google Chrome における脆弱性	CWE-noinfo 情報不足	CVE-2012-5138	2012-12-5 11:48	2012-11-29	Show	GitHub Exploit DB Packet Storm

186933	10	危険	Google	-	Google Chrome におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2012-5137	2012-12-5 11:46	2012-11-29	Show	GitHub Exploit DB Packet Storm

186934	7.5	危険	Google	-	Google Chrome OS の WebGL サブシステムにおけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2012-5129	2012-12-5 11:39	2012-11-30	Show	GitHub Exploit DB Packet Storm

186935	7.5	危険	David Alkire	-	Drupal 用 Drag & Drop Gallery モジュールにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-4479	2012-12-4 16:28	2012-07-11	Show	GitHub Exploit DB Packet Storm

186936	6.8	警告	David Alkire	-	Drupal 用 Drag & Drop Gallery モジュールにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2012-4478	2012-12-4 16:27	2012-07-11	Show	GitHub Exploit DB Packet Storm

186937	5	警告	David Alkire	-	Drupal 用 Drag & Drop Gallery モジュールにおけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-4477	2012-12-4 16:27	2012-07-11	Show	GitHub Exploit DB Packet Storm

186938	4.3	警告	David Alkire	-	Drupal 用 Drag & Drop Gallery モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-4476	2012-12-4 16:26	2012-07-11	Show	GitHub Exploit DB Packet Storm

186939	5	警告	Chris Hertzog	-	Drupal 用 Security Questions モジュールにおける任意のユーザの質問および回答を編集される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-4475	2012-12-4 16:26	2012-07-11	Show	GitHub Exploit DB Packet Storm

186940	4.3	警告	Dennis Blake	-	Drupal 用 Colorbox Node モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-4474	2012-12-4 16:24	2012-07-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Feb. 19, 2025, 4:10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
71	4.3	MEDIUM Network	-	-	The Team Builder – Meet the Team plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the save_team_builder_options() function in all versions … New	CWE-862 Missing Authorization	CVE-2024-13687	2025-02-18 14:15	2025-02-18	Show	GitHub Exploit DB Packet Storm

72	8.1	HIGH Network	-	-	The Reset plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.6. This is due to missing or incorrect nonce validation on the reset_db_page() funct… New	CWE-352 Origin Validation Error	CVE-2024-13684	2025-02-18 14:15	2025-02-18	Show	GitHub Exploit DB Packet Storm

73	8.8	HIGH Network	-	-	The GetBookingsWP – Appointments Booking Calendar Plugin For WordPress plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.1.27. Th… New	CWE-862 Missing Authorization	CVE-2024-13677	2025-02-18 14:15	2025-02-18	Show	GitHub Exploit DB Packet Storm

74	7.5	HIGH Network	-	-	The File Uploads Addon for WooCommerce plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.7.1 via the 'uploads' directory. This makes it poss… New	CWE-200 Information Exposure	CVE-2024-13622	2025-02-18 14:15	2025-02-18	Show	GitHub Exploit DB Packet Storm

75	5.9	MEDIUM Network	-	-	The 1 Click WordPress Migration Plugin – 100% FREE for a limited time plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.1 via the class-ocm-… New	CWE-200 Information Exposure	CVE-2024-13609	2025-02-18 14:15	2025-02-18	Show	GitHub Exploit DB Packet Storm

76	6.5	MEDIUM Network	-	-	The Simple Signup Form plugin for WordPress is vulnerable to SQL Injection via the 'id' attribute of the 'ssf' shortcode in all versions up to, and including, 1.6.5 due to insufficient escaping on th… New	CWE-89 SQL Injection	CVE-2024-13595	2025-02-18 14:15	2025-02-18	Show	GitHub Exploit DB Packet Storm

77	6.4	MEDIUM Network	-	-	The Simplebooklet PDF Viewer and Embedder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'simplebooklet' shortcode in all versions up to, and including, 1.1.0 due … New	CWE-79 Cross-site Scripting	CVE-2024-13588	2025-02-18 14:15	2025-02-18	Show	GitHub Exploit DB Packet Storm

78	6.4	MEDIUM Network	-	-	The Zigaform – Price Calculator & Cost Estimation Form Builder Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'zgfm_fvar' shortcode in all versions up to, and… New	CWE-79 Cross-site Scripting	CVE-2024-13587	2025-02-18 14:15	2025-02-18	Show	GitHub Exploit DB Packet Storm

79	6.4	MEDIUM Network	-	-	The Simple Pricing Tables For WPBakery Page Builder(Formerly Visual Composer) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wdo_simple_pricing_table_free' shortc… New	CWE-79 Cross-site Scripting	CVE-2024-13582	2025-02-18 14:15	2025-02-18	Show	GitHub Exploit DB Packet Storm

80	6.4	MEDIUM Network	-	-	The Simple Charts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'simple_chart' shortcode in all versions up to, and including, 1.0 due to insufficient input sanit… New	CWE-79 Cross-site Scripting	CVE-2024-13581	2025-02-18 14:15	2025-02-18	Show	GitHub Exploit DB Packet Storm