Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
187061 6.9 警告 シトリックス・システムズ - Xen および Citrix XenServer の grant table hypercall におけるサービス運用妨害 (DoS) の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-3516 2012-11-27 16:09 2012-09-5 Show GitHub Exploit DB Packet Storm
187062 6.9 警告 シトリックス・システムズ - Xen の Transcendent Memory におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2012-3497 2012-11-27 15:55 2012-09-5 Show GitHub Exploit DB Packet Storm
187063 4.3 警告 アップル - 複数の Apple 製品で使用される WebKit におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-3695 2012-11-27 14:44 2012-07-25 Show GitHub Exploit DB Packet Storm
187064 4.3 警告 アップル - Apple Safari 6.0 未満におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-0678 2012-11-27 14:41 2012-07-25 Show GitHub Exploit DB Packet Storm
187065 9.3 危険 Munin - Munin の munin-cgi-graph における任意のディレクトリにファイルを作成される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-3513 2012-11-27 14:10 2012-08-31 Show GitHub Exploit DB Packet Storm
187066 7.2 危険 Munin - Munin における任意のコードを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-3512 2012-11-27 14:09 2012-08-31 Show GitHub Exploit DB Packet Storm
187067 9 危険 日立 - 日立の JP1/File Transmission Server/FTP における複数の脆弱性 CWE-noinfo
情報不足 		- 2012-11-26 18:00 2012-11-1 Show GitHub Exploit DB Packet Storm
187068 4.3 警告 Joomla! - Joomla! におけるクリックジャッキング攻撃の脆弱性 CWE-noinfo
情報不足 		CVE-2012-5827 2012-11-26 17:51 2012-11-8 Show GitHub Exploit DB Packet Storm
187069 6.8 警告 Exim Development - Exim の dkim.c におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-5671 2012-11-26 17:49 2012-10-26 Show GitHub Exploit DB Packet Storm
187070 4.3 警告 Ipswitch, Inc. - Ipswitch WhatsUp Gold におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-4344 2012-11-26 17:26 2012-08-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 25, 2025, 4:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
431 6.4 MEDIUM
Network 		- - The Content Blocks (Custom Post Widget) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘content’ parameter within the plugin's shortcode Content Block in all versions up to… CWE-79
Cross-site Scripting 		CVE-2024-6432 2025-02-20 19:15 2025-02-20 Show GitHub Exploit DB Packet Storm
432 4.3 MEDIUM
Network 		- - The Prime Addons for Elementor plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.0.1 via the pae_global_block shortcode due to missing val… CWE-284
Improper Access Control 		CVE-2024-13855 2025-02-20 19:15 2025-02-20 Show GitHub Exploit DB Packet Storm
433 5.5 MEDIUM
Network 		- - The Cookie Notice Bar plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.3.0 due to insufficient input sanitization and output escaping. This ma… CWE-79
Cross-site Scripting 		CVE-2024-13849 2025-02-20 19:15 2025-02-20 Show GitHub Exploit DB Packet Storm
434 6.4 MEDIUM
Network 		- - The Bandsintown Events plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'bandsintown_events' shortcode in all versions up to, and including, 1.3.1 due to insufficien… CWE-79
Cross-site Scripting 		CVE-2024-13802 2025-02-20 19:15 2025-02-20 Show GitHub Exploit DB Packet Storm
435 7.3 HIGH
Network 		- - The WooCommerce Food - Restaurant Menu & Food ordering plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.3.2. This is due to the software all… CWE-94
Code Injection 		CVE-2024-13792 2025-02-20 19:15 2025-02-20 Show GitHub Exploit DB Packet Storm
436 9.8 CRITICAL
Network 		- - The ravpage plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.31 via deserialization of untrusted input from the 'paramsv2' parameter. This makes it p… CWE-502
 Deserialization of Untrusted Data 		CVE-2024-13789 2025-02-20 19:15 2025-02-20 Show GitHub Exploit DB Packet Storm
437 8.1 HIGH
Network 		- - The Ultimate Classified Listings plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4. This is due to missing or incorrect nonce validation on th… CWE-352
 Origin Validation Error 		CVE-2024-13753 2025-02-20 19:15 2025-02-20 Show GitHub Exploit DB Packet Storm
438 4.4 MEDIUM
Network 		- - The Ultimate Classified Listings plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Title parameter in all versions up to, and including, 1.4 due to insufficient input sanitiza… CWE-79
Cross-site Scripting 		CVE-2024-13748 2025-02-20 19:15 2025-02-20 Show GitHub Exploit DB Packet Storm
439 5.3 MEDIUM
Network 		- - The Gift Cards (Gift Vouchers and Packages) (WooCommerce Supported) plugin for WordPress is vulnerable to unauthorized modification of data|loss of data due to a missing capability check on the 'upda… CWE-862
 Missing Authorization 		CVE-2024-13520 2025-02-20 19:15 2025-02-20 Show GitHub Exploit DB Packet Storm
440 7.5 HIGH
Network 		- - The LTL Freight Quotes – GlobalTranz Edition plugin for WordPress is vulnerable to SQL Injection via the 'engtz_wd_save_dropship' AJAX endpoint in all versions up to, and including, 2.3.11 due to ins… CWE-89
SQL Injection 		CVE-2024-13476 2025-02-20 19:15 2025-02-20 Show GitHub Exploit DB Packet Storm