Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
187061 6.9 警告 シトリックス・システムズ - Xen および Citrix XenServer の grant table hypercall におけるサービス運用妨害 (DoS) の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-3516 2012-11-27 16:09 2012-09-5 Show GitHub Exploit DB Packet Storm
187062 6.9 警告 シトリックス・システムズ - Xen の Transcendent Memory におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2012-3497 2012-11-27 15:55 2012-09-5 Show GitHub Exploit DB Packet Storm
187063 4.3 警告 アップル - 複数の Apple 製品で使用される WebKit におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-3695 2012-11-27 14:44 2012-07-25 Show GitHub Exploit DB Packet Storm
187064 4.3 警告 アップル - Apple Safari 6.0 未満におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-0678 2012-11-27 14:41 2012-07-25 Show GitHub Exploit DB Packet Storm
187065 9.3 危険 Munin - Munin の munin-cgi-graph における任意のディレクトリにファイルを作成される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-3513 2012-11-27 14:10 2012-08-31 Show GitHub Exploit DB Packet Storm
187066 7.2 危険 Munin - Munin における任意のコードを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-3512 2012-11-27 14:09 2012-08-31 Show GitHub Exploit DB Packet Storm
187067 9 危険 日立 - 日立の JP1/File Transmission Server/FTP における複数の脆弱性 CWE-noinfo
情報不足 		- 2012-11-26 18:00 2012-11-1 Show GitHub Exploit DB Packet Storm
187068 4.3 警告 Joomla! - Joomla! におけるクリックジャッキング攻撃の脆弱性 CWE-noinfo
情報不足 		CVE-2012-5827 2012-11-26 17:51 2012-11-8 Show GitHub Exploit DB Packet Storm
187069 6.8 警告 Exim Development - Exim の dkim.c におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-5671 2012-11-26 17:49 2012-10-26 Show GitHub Exploit DB Packet Storm
187070 4.3 警告 Ipswitch, Inc. - Ipswitch WhatsUp Gold におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-4344 2012-11-26 17:26 2012-08-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 25, 2025, 4:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
441 6.4 MEDIUM
Network 		- - The Login/Signup Popup ( Inline Form + Woocommerce ) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's xoo_el_action shortcode in all versions up to, and including, 2… CWE-79
Cross-site Scripting 		CVE-2025-1064 2025-02-20 18:15 2025-02-20 Show GitHub Exploit DB Packet Storm
442 6.4 MEDIUM
Network 		- - The Modal Window – create popup modal window plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'iframeBox' shortcode in all versions up to, and including, 6.1.5 due t… CWE-79
Cross-site Scripting 		CVE-2025-0897 2025-02-20 18:15 2025-02-20 Show GitHub Exploit DB Packet Storm
443 7.2 HIGH
Network 		- - The WPMobile.App plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 11.56. This is due to insufficient validation on the redirect URL supplied via the 'redirect… CWE-601
Open Redirect 		CVE-2024-13888 2025-02-20 18:15 2025-02-20 Show GitHub Exploit DB Packet Storm
444 6.4 MEDIUM
Network 		- - The Unlimited Elements For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Transparent Split Hero widget in all versions up to, and including, 1.5.140 due… CWE-79
Cross-site Scripting 		CVE-2024-13155 2025-02-20 17:15 2025-02-20 Show GitHub Exploit DB Packet Storm
445 - - - Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in UD-LT2 firmware Ver.1.00.008_SE and earlier. If an attacker logs in to the affected product … CWE-78
OS Command  		CVE-2025-26856 2025-02-20 15:15 2025-02-20 Show GitHub Exploit DB Packet Storm
446 - - - Sitecore Experience Manager (XM) and Experience Platform (XP) 10.4 before KB1002844 allow remote code execution through insecure deserialization. - CVE-2025-27218 2025-02-20 14:15 2025-02-20 Show GitHub Exploit DB Packet Storm
447 6.4 MEDIUM
Network 		- - The Elementor Website Builder – More Than Just a Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the border, margin and gap parameters in all versions up to, and in… CWE-79
Cross-site Scripting 		CVE-2024-13445 2025-02-20 14:15 2025-02-20 Show GitHub Exploit DB Packet Storm
448 6.8 MEDIUM
Network 		- - IBM OpenPages with Watson 8.3 and 9.0  could allow a remote attacker to spoof mail server identity when using SSL/TLS security. An attacker could exploit this vulnerability to gain access to sensi… CWE-297
 Improper Validation of Certificate with Host Mismatch 		CVE-2024-49782 2025-02-20 13:15 2025-02-20 Show GitHub Exploit DB Packet Storm
449 5.3 MEDIUM
Network 		- - IBM OpenPages with Watson 8.3 and 9.0 may write improperly neutralized data to server log files when the tracing is enabled per the System Tracing feature. CWE-117
 Improper Output Neutralization for Logs 		CVE-2024-49355 2025-02-20 13:15 2025-02-20 Show GitHub Exploit DB Packet Storm
450 4.3 MEDIUM
Network 		- - IBM OpenPages with Watson 8.3 and 9.0  application could allow an authenticated user to manipulate data in the Questionnaires application allowing the user to spoof other users' responses. CWE-296
CVE-2024-43196 2025-02-20 13:15 2025-02-20 Show GitHub Exploit DB Packet Storm