Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
187441 5 警告 Longwave Consulting - Drupal 用 Ubercart SecureTrading Payment Method モジュールにおける未払いのアイテムを購入される脆弱性 CWE-20
不適切な入力確認 		CVE-2012-4482 2012-11-2 14:36 2012-07-11 Show GitHub Exploit DB Packet Storm
187442 4.3 警告 Joomla! - Joomla! 用 Language Switcher モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-4532 2012-11-2 14:01 2012-09-13 Show GitHub Exploit DB Packet Storm
187443 4.3 警告 Joomla! - Joomla! におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-4531 2012-11-2 14:00 2012-09-13 Show GitHub Exploit DB Packet Storm
187444 10 危険 General Electric Company - GE Intelligent Platforms Proficy Real-Time Information Portal におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2012-3026 2012-11-2 13:59 2012-08-14 Show GitHub Exploit DB Packet Storm
187445 10 危険 General Electric Company - GE Intelligent Platforms Proficy Real-Time Information Portal におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2012-3021 2012-11-2 13:57 2012-08-14 Show GitHub Exploit DB Packet Storm
187446 10 危険 General Electric Company - GE Intelligent Platforms Proficy Real-Time Information Portal におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2012-3010 2012-11-2 13:57 2012-08-14 Show GitHub Exploit DB Packet Storm
187447 2.1 注意 シトリックス・システムズ - Xen の PV ドメインビルダーにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2012-4544 2012-11-2 13:52 2012-10-31 Show GitHub Exploit DB Packet Storm
187448 4.3 警告 Pebble - Pebble におけるオープンリダイレクトの脆弱性 CWE-20
不適切な入力確認 		CVE-2012-5170 2012-11-2 12:02 2012-11-2 Show GitHub Exploit DB Packet Storm
187449 4.3 警告 Pebble - Pebble における HTTP ヘッダインジェクションの脆弱性 CWE-Other
その他 		CVE-2012-4023 2012-11-2 12:02 2012-11-2 Show GitHub Exploit DB Packet Storm
187450 5 警告 Pebble - Pebble において記事が閲覧不能になる脆弱性 CWE-Other
その他 		CVE-2012-4022 2012-11-2 12:01 2012-11-2 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 19, 2025, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
651 - - - D-Link DIR-853 A1 FW1.20B07 was discovered to contain a command injection vulnerability in the SetVirtualServerSettings module. - CVE-2025-25743 2025-02-13 02:15 2025-02-13 Show GitHub Exploit DB Packet Storm
652 - - - D-Link DIR-853 A1 FW1.20B07 was discovered to contain a stack-based buffer overflow vulnerability via the AccountPassword parameter in the SetSysEmailSettings module. - CVE-2025-25742 2025-02-13 02:15 2025-02-13 Show GitHub Exploit DB Packet Storm
653 - - - Stroom is a data processing, storage and analysis platform. A vulnerability exists starting in version 7.2-beta.53 and prior to versions 7.2.24, 7.3-beta.22, 7.4.4, and 7.5-beta.2 that allows authent… CWE-290
 Authentication Bypass by Spoofing 		CVE-2025-25182 2025-02-13 02:15 2025-02-13 Show GitHub Exploit DB Packet Storm
654 6.3 MEDIUM
Network 		- - A vulnerability classified as critical was found in code-projects Wazifa System 1.0. Affected by this vulnerability is an unknown functionality of the file /controllers/control.php. The manipulation … CWE-89
CWE-74
SQL Injection
Injection 		CVE-2025-1210 2025-02-13 02:15 2025-02-13 Show GitHub Exploit DB Packet Storm
655 3.5 LOW
Network 		- - A vulnerability classified as problematic has been found in code-projects Wazifa System 1.0. Affected is the function searchuser of the file /search_resualts.php. The manipulation of the argument fir… CWE-79
CWE-94
Cross-site Scripting
Code Injection 		CVE-2025-1209 2025-02-13 02:15 2025-02-13 Show GitHub Exploit DB Packet Storm
656 - - - Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2025-0818. Reason: This candidate is a reservation duplicate of CVE-2025-0818. Notes: All CVE users should reference CV… - CVE-2025-0925 2025-02-13 02:15 2025-02-13 Show GitHub Exploit DB Packet Storm
657 - - - Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2025-0818. Reason: This candidate is a reservation duplicate of CVE-2025-0818. Notes: All CVE users should reference CV… - CVE-2025-0919 2025-02-13 02:15 2025-02-13 Show GitHub Exploit DB Packet Storm
658 - - - In Progress® Telerik® Document Processing Libraries, versions prior to 2025 Q1 (2025.1.205), using .NET Standard 2.0, the contents of a file at an arbitrary path can be exported to RTF. CWE-552
 Files or Directories Accessible to External Parties 		CVE-2024-11629 2025-02-13 02:15 2025-02-13 Show GitHub Exploit DB Packet Storm
659 - - - In Progress® Telerik® Kendo UI for Vue versions v2.4.0 through v6.0.1, an attacker can introduce or modify properties within the global prototype chain which can result in denial of service or comman… CWE-1321
 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') 		CVE-2024-11628 2025-02-13 02:15 2025-02-13 Show GitHub Exploit DB Packet Storm
660 3.5 LOW
Network 		- - A vulnerability was found in code-projects Wazifa System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /Profile.php. The manipulation of the argument p… CWE-79
CWE-94
Cross-site Scripting
Code Injection 		CVE-2025-1208 2025-02-13 01:15 2025-02-13 Show GitHub Exploit DB Packet Storm