Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
187431 4 警告 Mime Mail Module Project - Drupal 用 Mime Mail モジュールにおける任意のファイルを添付ファイルとして送信される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-4495 2012-11-2 15:01 2012-08-8 Show GitHub Exploit DB Packet Storm
187432 4.3 警告 National Information Infrastructure Development Institute - Drupal 用 Shibboleth authentication モジュールにおけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-4494 2012-11-2 14:55 2012-08-8 Show GitHub Exploit DB Packet Storm
187433 2.1 注意 Isaac Sukin - Drupal 用 Shorten URLs モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-4492 2012-11-2 14:54 2012-08-8 Show GitHub Exploit DB Packet Storm
187434 5.8 警告 Earl Dunovant - Drupal 用 Monthly Archive by Node Type モジュールにおける制限しているノードにアクセスされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-4491 2012-11-2 14:53 2012-08-1 Show GitHub Exploit DB Packet Storm
187435 4.3 警告 Ricky Morse - Drupal 用 Excluded Users モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-4490 2012-11-2 14:45 2012-08-1 Show GitHub Exploit DB Packet Storm
187436 5.8 警告 Mark Burdett - Drupal 用 Secure Login モジュールにおけるオープンリダイレクトの脆弱性 CWE-20
不適切な入力確認 		CVE-2012-4489 2012-11-2 14:43 2012-07-25 Show GitHub Exploit DB Packet Storm
187437 5 警告 Location module project - Drupal 用 Location モジュールにおけるノードまたはユーザの検索結果を読まれる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-4488 2012-11-2 14:43 2012-07-25 Show GitHub Exploit DB Packet Storm
187438 4.3 警告 Manuel Garcia - Drupal 用 Gallery formatter モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-4485 2012-11-2 14:40 2012-07-25 Show GitHub Exploit DB Packet Storm
187439 4.3 警告 Campaign Monitor project - Drupal 用 Campaign Monitor モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-4484 2012-11-2 14:38 2012-07-18 Show GitHub Exploit DB Packet Storm
187440 5 警告 Acquia Inc. - Drupal 用 Drupal Commons モジュールにおける重要な情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-4483 2012-11-2 14:38 2012-07-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 26, 2025, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
681 - - - Use after free in V8 in Google Chrome prior to 133.0.6943.98 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) - CVE-2025-0995 2025-02-20 00:15 2025-02-15 Show GitHub Exploit DB Packet Storm
682 7.3 HIGH
Network 		- - A vulnerability, which was classified as critical, has been found in Baiyi Cloud Asset Management System up to 20250204. This issue affects some unknown processing of the file /wuser/admin.house.coll… CWE-89
CWE-74
SQL Injection
Injection 		CVE-2025-1464 2025-02-19 23:15 2025-02-19 Show GitHub Exploit DB Packet Storm
683 - - - The Wise Forms WordPress plugin through 1.2.0 does not sanitise and escape some of its settings, which could allow unauthenticated users to perform Stored Cross-Site Scripting attacks via malicious f… - CVE-2024-13603 2025-02-19 23:15 2025-02-17 Show GitHub Exploit DB Packet Storm
684 5.3 MEDIUM
Network 		- - The ElementsKit Elementor addons plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.4.0 due to a missing capability checks on the get_megame… CWE-284
Improper Access Control 		CVE-2025-0968 2025-02-19 21:15 2025-02-19 Show GitHub Exploit DB Packet Storm
685 7.2 HIGH
Network 		- - The YaySMTP and Email Logs: Amazon SES, SendGrid, Outlook, Mailgun, Brevo, Google and Any SMTP Service plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions 2.4.9 to 2.6.2 due… CWE-79
Cross-site Scripting 		CVE-2025-0916 2025-02-19 21:15 2025-02-19 Show GitHub Exploit DB Packet Storm
686 7.5 HIGH
Network 		- - The Small Package Quotes – Worldwide Express Edition plugin for WordPress is vulnerable to SQL Injection via the 'edit_id' and 'dropship_edit_id' parameters in all versions up to, and including, 5.2.… CWE-89
SQL Injection 		CVE-2024-13534 2025-02-19 21:15 2025-02-19 Show GitHub Exploit DB Packet Storm
687 7.5 HIGH
Network 		- - The Small Package Quotes – USPS Edition plugin for WordPress is vulnerable to SQL Injection via the 'edit_id' parameter in all versions up to, and including, 1.3.5 due to insufficient escaping on the… CWE-89
SQL Injection 		CVE-2024-13533 2025-02-19 21:15 2025-02-19 Show GitHub Exploit DB Packet Storm
688 7.5 HIGH
Network 		- - The Small Package Quotes – For Customers of FedEx plugin for WordPress is vulnerable to SQL Injection via the 'edit_id' and 'dropship_edit_id' parameters in all versions up to, and including, 4.3.1 d… CWE-89
SQL Injection 		CVE-2024-13491 2025-02-19 21:15 2025-02-19 Show GitHub Exploit DB Packet Storm
689 7.5 HIGH
Network 		- - The LTL Freight Quotes – ABF Freight Edition plugin for WordPress is vulnerable to SQL Injection via the 'edit_id' and 'dropship_edit_id' parameters in all versions up to, and including, 3.3.7 due to… CWE-89
SQL Injection 		CVE-2024-13485 2025-02-19 21:15 2025-02-19 Show GitHub Exploit DB Packet Storm
690 7.5 HIGH
Network 		- - The LTL Freight Quotes – SAIA Edition plugin for WordPress is vulnerable to SQL Injection via the 'edit_id' and 'dropship_edit_id' parameters in all versions up to, and including, 2.2.10 due to insuf… CWE-89
SQL Injection 		CVE-2024-13483 2025-02-19 21:15 2025-02-19 Show GitHub Exploit DB Packet Storm