Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
186961 7.5 危険 Google - Android 用 QuIC Diagnostics カーネルモードドライバにおける整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2012-4221 2012-12-3 15:21 2012-11-15 Show GitHub Exploit DB Packet Storm
186962 7.5 危険 Google - Android 用 QuIC Diagnostics カーネルモードドライバにおける任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2012-4220 2012-12-3 15:21 2012-11-15 Show GitHub Exploit DB Packet Storm
186963 6.4 警告 Django Software Foundation - Django における任意の URL が表示される脆弱性 CWE-20
不適切な入力確認 		CVE-2012-4520 2012-11-30 18:16 2012-10-17 Show GitHub Exploit DB Packet Storm
186964 4.3 警告 ViewVC - ViewVC の lib/viewvc.py におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-4533 2012-11-30 18:09 2012-10-24 Show GitHub Exploit DB Packet Storm
186965 5.4 警告 (複数のベンダ) - Android OS を搭載した複数の端末におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		- 2012-11-30 17:59 2012-11-14 Show GitHub Exploit DB Packet Storm
186966 10 危険 Autonomy - Autonomy Keyview IDOL ライブラリに複数の脆弱性 - - 2012-11-30 17:52 2012-11-21 Show GitHub Exploit DB Packet Storm
186967 1.2 注意 Munin - Munin 用 qmailscan プラグインにおける任意のファイルを上書きされる脆弱性 CWE-59
リンク解釈の問題 		CVE-2012-2103 2012-11-30 17:50 2012-08-26 Show GitHub Exploit DB Packet Storm
186968 5 警告 Apache Software Foundation - Apache POI におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2012-0213 2012-11-30 15:09 2012-08-7 Show GitHub Exploit DB Packet Storm
186969 5 警告 日本電気
アップル
サイバートラスト株式会社
サン・マイクロシステムズ
ヒューレット・パッカード
VMware
日立
レッドハット		 - Sun JRE で使用している Apache Xerces2 Java におけるサービス運用妨害 (DoS) の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-2625 2012-11-30 14:55 2009-08-5 Show GitHub Exploit DB Packet Storm
186970 4.3 警告 オラクル - Oracle OpenSSO における認証の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2012-0079 2012-11-30 14:51 2012-01-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 22, 2025, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
151 9.8 CRITICAL
Network 		enituretechnology ltl_freight_quotes The LTL Freight Quotes – Unishippers Edition plugin for WordPress is vulnerable to SQL Injection via the 'edit_id' parameter in all versions up to, and including, 2.5.8 due to insufficient escaping o… Update CWE-89
SQL Injection 		CVE-2024-13477 2025-02-21 01:30 2025-02-12 Show GitHub Exploit DB Packet Storm
152 5.4 MEDIUM
Network 		kevonadonis wp_abstracts The WP Abstracts plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.7.3. This is due to missing nonce validation on multiple functions. This make… Update CWE-352
 Origin Validation Error 		CVE-2024-12386 2025-02-21 01:29 2025-02-12 Show GitHub Exploit DB Packet Storm
153 8.8 HIGH
Network 		brizy brizy The Brizy – Page Builder plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'storeUploads' function in all versions up to, and including, 2.6.4. T… Update CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2024-10960 2025-02-21 01:26 2025-02-12 Show GitHub Exploit DB Packet Storm
154 8.8 HIGH
Network 		1000projects attendance_tracking_management_system A vulnerability, which was classified as critical, was found in 1000 Projects Attendance Tracking Management System 1.0. This affects an unknown part of the file /admin/chart1.php. The manipulation o… Update CWE-89
SQL Injection 		CVE-2025-1189 2025-02-21 01:24 2025-02-12 Show GitHub Exploit DB Packet Storm
155 7.5 HIGH
Network 		enituretechnology shipengine_shipping_quotes The ShipEngine Shipping Quotes plugin for WordPress is vulnerable to SQL Injection via the 'edit_id' parameter in all versions up to, and including, 1.0.7 due to insufficient escaping on the user sup… Update CWE-89
SQL Injection 		CVE-2024-13531 2025-02-21 01:23 2025-02-12 Show GitHub Exploit DB Packet Storm
156 7.8 HIGH
Local 		- - IBM Security Verify Access Appliance 10.0.0.0 through 10.0.0.9 and 11.0.0.0 could allow a local user to execute arbitrary code due to improper restrictions on code generation. New CWE-94
Code Injection 		CVE-2025-0161 2025-02-21 01:15 2025-02-21 Show GitHub Exploit DB Packet Storm
157 - - - A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Meeting Room Booking System v1.0 allows attackers to send an excessive amount of email for a legitimate user, leading to a possi… New - CVE-2023-51332 2025-02-21 01:15 2025-02-21 Show GitHub Exploit DB Packet Storm
158 - - - PHPJabbers Cleaning Business Software v1.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation … New - CVE-2023-51331 2025-02-21 01:15 2025-02-21 Show GitHub Exploit DB Packet Storm
159 - - - PHPJabbers Cinema Booking System v1.0 is vulnerable to Reflected Cross-Site Scripting (XSS) in Now Showing menu "date" parameter. New - CVE-2023-51330 2025-02-21 01:15 2025-02-21 Show GitHub Exploit DB Packet Storm
160 - - - A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Cleaning Business Software v1.0 allows attackers to send an excessive amount of email for a legitimate user, leading to a possib… New - CVE-2023-51327 2025-02-21 01:15 2025-02-21 Show GitHub Exploit DB Packet Storm