Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
187221	5	警告	The Tor Project	-	Tor の common/util.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2012-4922	2012-11-15 17:13	2012-09-11	Show	GitHub Exploit DB Packet Storm

187222	5	警告	The Tor Project	-	Tor の or/policies.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2012-4419	2012-11-15 17:12	2012-08-25	Show	GitHub Exploit DB Packet Storm

187223	7.9	危険	VMware	-	VMware Workstation および VMware Player におけるホスト OS の権限を取得される脆弱性	CWE-Other その他	CVE-2012-5459	2012-11-15 16:44	2012-11-8	Show	GitHub Exploit DB Packet Storm

187224	8.3	危険	VMware	-	VMware Workstation および VMware Player におけるホスト OS の権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-5458	2012-11-15 16:43	2012-11-8	Show	GitHub Exploit DB Packet Storm

187225	9.3	危険	VMware	-	複数の VMware 製品で使用される VMware OVF Tool におけるフォーマットストリングの脆弱性	CWE-134 書式文字列の問題	CVE-2012-3569	2012-11-15 16:43	2012-11-8	Show	GitHub Exploit DB Packet Storm

187226	6.8	警告	IBM	-	IBM WebSphere Application Server におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2012-4853	2012-11-15 16:42	2012-10-29	Show	GitHub Exploit DB Packet Storm

187227	4.3	警告	IBM	-	IBM WebSphere Application Server の Liberty Profile におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-4851	2012-11-15 16:41	2012-10-29	Show	GitHub Exploit DB Packet Storm

187228	7.5	危険	IBM	-	IBM WebSphere Application Server の Liberty Profile における権限を取得される脆弱性	CWE-20 不適切な入力確認	CVE-2012-4850	2012-11-15 16:39	2012-10-29	Show	GitHub Exploit DB Packet Storm

187229	4	警告	IBM	-	IBM Cognos Business Intelligence におけるサービス運用妨害 (CPU 資源の消費) の脆弱性	CWE-189 数値処理の問題	CVE-2012-4847	2012-11-15 16:38	2012-11-14	Show	GitHub Exploit DB Packet Storm

187230	5	警告	IBM	-	IBM WebSphere Application Server および WebSphere Virtual Enterprise におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2012-3330	2012-11-15 16:37	2012-10-29	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Feb. 22, 2025, 4:08 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
441	-	-	-	Missing Authorization vulnerability in EPC MediCenter - Health Medical Clinic WordPress Theme allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects MediCenter - … New	CWE-862 Missing Authorization	CVE-2025-27013	2025-02-19 05:15	2025-02-19	Show	GitHub Exploit DB Packet Storm

442	-	-	-	Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. A heap buffer overflow was found in Exiv2 versions v0.28.0 to v0.28.4. Vers… New	CWE-416 Use After Free	CVE-2025-26623	2025-02-19 05:15	2025-02-19	Show	GitHub Exploit DB Packet Storm

443	-	-	-	Discord-Bot-Framework-Kernel is a Discord bot framework built with interactions.py, featuring modular extension management and secure execution. Because of the nature of arbitrary user-submited code … New	CWE-200 Information Exposure	CVE-2025-26604	2025-02-19 05:15	2025-02-19	Show	GitHub Exploit DB Packet Storm

444	-	-	-	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in videowhisper Paid Videochat Turnkey Site allows Path Traversal. This issue affects Paid Videochat Turnk… New	CWE-22 Path Traversal	CVE-2025-22663	2025-02-19 05:15	2025-02-19	Show	GitHub Exploit DB Packet Storm

445	-	-	-	Missing Authorization vulnerability in Vito Peleg Atarim allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Atarim: from n/a through 4.0.9. New	CWE-862 Missing Authorization	CVE-2025-22657	2025-02-19 05:15	2025-02-19	Show	GitHub Exploit DB Packet Storm

446	-	-	-	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Oscar Alvarez Cookie Monster allows PHP Local File Inclusion. This issue affec… New	CWE-98 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')	CVE-2025-22656	2025-02-19 05:15	2025-02-19	Show	GitHub Exploit DB Packet Storm

447	-	-	-	Unrestricted Upload of File with Dangerous Type vulnerability in kodeshpa Simplified allows Using Malicious Files. This issue affects Simplified: from n/a through 1.0.6. New	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2025-22654	2025-02-19 05:15	2025-02-19	Show	GitHub Exploit DB Packet Storm

448	-	-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Erez Hadas-Sonnenschein Smartarget allows Stored XSS. This issue affects Smartarget: from n/a thr… New	CWE-79 Cross-site Scripting	CVE-2025-22650	2025-02-19 05:15	2025-02-19	Show	GitHub Exploit DB Packet Storm

449	-	-	-	Improper Restriction of Excessive Authentication Attempts vulnerability in Rameez Iqbal Real Estate Manager allows Password Brute Forcing. This issue affects Real Estate Manager: from n/a through 7.3. New	CWE-307 mproper Restriction of Excessive Authentication Attempts	CVE-2025-22645	2025-02-19 05:15	2025-02-19	Show	GitHub Exploit DB Packet Storm

450	-	-	-	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound Distance Rate Shipping for WooCommerce allows Blind SQL Injection. This issue affects Di… New	CWE-89 SQL Injection	CVE-2025-22639	2025-02-19 05:15	2025-02-19	Show	GitHub Exploit DB Packet Storm