Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
187121	7.5	危険	GEGL	-	GEGL の operations/external/ppm-load.c における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2012-4433	2012-11-20 16:25	2012-11-18	Show	GitHub Exploit DB Packet Storm

187122	3.6	注意	Gluster, Inc.	-	Red Hat Storage Server 2.0 で使用される GlusterFS における任意のファイルを上書きされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-4417	2012-11-20 16:24	2012-11-18	Show	GitHub Exploit DB Packet Storm

187123	5	警告	Agile Access Control	-	Agile FleetCommander および FleetCommander Kiosk における重要な情報を取得される脆弱性	CWE-310 暗号の問題	CVE-2012-4947	2012-11-20 15:31	2012-11-18	Show	GitHub Exploit DB Packet Storm

187124	5	警告	Agile Access Control	-	Agile FleetCommander および FleetCommander Kiosk における重要な情報を取得される脆弱性	CWE-310 暗号の問題	CVE-2012-4946	2012-11-20 15:30	2012-11-18	Show	GitHub Exploit DB Packet Storm

187125	7.5	危険	Agile Access Control	-	Agile FleetCommander および FleetCommander Kiosk における任意のコマンドを実行される脆弱性	CWE-Other その他	CVE-2012-4945	2012-11-20 15:30	2012-11-18	Show	GitHub Exploit DB Packet Storm

187126	7.5	危険	Agile Access Control	-	Agile FleetCommander および FleetCommander Kiosk における任意のコードを実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-4944	2012-11-20 15:29	2012-11-18	Show	GitHub Exploit DB Packet Storm

187127	7.5	危険	Agile Access Control	-	Agile FleetCommander および FleetCommander Kiosk におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2012-4943	2012-11-20 15:28	2012-11-18	Show	GitHub Exploit DB Packet Storm

187128	4.3	警告	Agile Access Control	-	Agile FleetCommander および FleetCommander Kiosk におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-4942	2012-11-20 15:27	2012-11-18	Show	GitHub Exploit DB Packet Storm

187129	7.5	危険	Agile Access Control	-	Agile FleetCommander および FleetCommander Kiosk における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-4941	2012-11-20 15:26	2012-11-18	Show	GitHub Exploit DB Packet Storm

187130	4.3	警告	Pattern Insight	-	Pattern Insight の Web インタフェースにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-4950	2012-11-20 15:16	2012-11-18	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Feb. 25, 2025, 4:06 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
441	6.4	MEDIUM Network	-	-	The Login/Signup Popup ( Inline Form + Woocommerce ) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's xoo_el_action shortcode in all versions up to, and including, 2…	CWE-79 Cross-site Scripting	CVE-2025-1064	2025-02-20 18:15	2025-02-20	Show	GitHub Exploit DB Packet Storm

442	6.4	MEDIUM Network	-	-	The Modal Window – create popup modal window plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'iframeBox' shortcode in all versions up to, and including, 6.1.5 due t…	CWE-79 Cross-site Scripting	CVE-2025-0897	2025-02-20 18:15	2025-02-20	Show	GitHub Exploit DB Packet Storm

443	7.2	HIGH Network	-	-	The WPMobile.App plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 11.56. This is due to insufficient validation on the redirect URL supplied via the 'redirect…	CWE-601 Open Redirect	CVE-2024-13888	2025-02-20 18:15	2025-02-20	Show	GitHub Exploit DB Packet Storm

444	6.4	MEDIUM Network	-	-	The Unlimited Elements For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Transparent Split Hero widget in all versions up to, and including, 1.5.140 due…	CWE-79 Cross-site Scripting	CVE-2024-13155	2025-02-20 17:15	2025-02-20	Show	GitHub Exploit DB Packet Storm

445	-		-	-	Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in UD-LT2 firmware Ver.1.00.008_SE and earlier. If an attacker logs in to the affected product …	CWE-78 OS Command	CVE-2025-26856	2025-02-20 15:15	2025-02-20	Show	GitHub Exploit DB Packet Storm

446	-		-	-	Sitecore Experience Manager (XM) and Experience Platform (XP) 10.4 before KB1002844 allow remote code execution through insecure deserialization.	-	CVE-2025-27218	2025-02-20 14:15	2025-02-20	Show	GitHub Exploit DB Packet Storm

447	6.4	MEDIUM Network	-	-	The Elementor Website Builder – More Than Just a Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the border, margin and gap parameters in all versions up to, and in…	CWE-79 Cross-site Scripting	CVE-2024-13445	2025-02-20 14:15	2025-02-20	Show	GitHub Exploit DB Packet Storm

448	6.8	MEDIUM Network	-	-	IBM OpenPages with Watson 8.3 and 9.0 could allow a remote attacker to spoof mail server identity when using SSL/TLS security. An attacker could exploit this vulnerability to gain access to sensi…	CWE-297 Improper Validation of Certificate with Host Mismatch	CVE-2024-49782	2025-02-20 13:15	2025-02-20	Show	GitHub Exploit DB Packet Storm

449	5.3	MEDIUM Network	-	-	IBM OpenPages with Watson 8.3 and 9.0 may write improperly neutralized data to server log files when the tracing is enabled per the System Tracing feature.	CWE-117 Improper Output Neutralization for Logs	CVE-2024-49355	2025-02-20 13:15	2025-02-20	Show	GitHub Exploit DB Packet Storm

450	4.3	MEDIUM Network	-	-	IBM OpenPages with Watson 8.3 and 9.0 application could allow an authenticated user to manipulate data in the Questionnaires application allowing the user to spoof other users' responses.	CWE-296	CVE-2024-43196	2025-02-20 13:15	2025-02-20	Show	GitHub Exploit DB Packet Storm