Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
187881 6.9 警告 マイクロソフト - Microsoft Windows のカーネルにおける整数オーバーフロー脆弱性 CWE-189
数値処理の問題 		CVE-2012-2529 2012-10-11 18:52 2012-10-9 Show GitHub Exploit DB Packet Storm
187882 4.3 警告 マイクロソフト - 複数の Microsoft 製品におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-2520 2012-10-11 18:50 2012-10-9 Show GitHub Exploit DB Packet Storm
187883 9.3 危険 マイクロソフト - Microsoft Works 9 における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2012-2550 2012-10-11 18:49 2012-10-9 Show GitHub Exploit DB Packet Storm
187884 9.3 危険 マイクロソフト - 複数の Microsoft 製品 における任意のコードを実行される脆弱性 CWE-399
リソース管理の問題 		CVE-2012-2528 2012-10-11 18:47 2012-10-9 Show GitHub Exploit DB Packet Storm
187885 9.3 危険 マイクロソフト - Microsoft Word 2007 における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2012-0182 2012-10-11 18:44 2012-10-9 Show GitHub Exploit DB Packet Storm
187886 7.5 危険 Inpsyde - WordPress 用 BackWPup プラグインにおける PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2011-4342 2012-10-11 15:25 2012-10-8 Show GitHub Exploit DB Packet Storm
187887 3.5 注意 バラクーダネットワークス - Barracuda Spam & Virus Firewall 600 のファームウェアにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-5316 2012-10-11 15:25 2012-10-8 Show GitHub Exploit DB Packet Storm
187888 4.3 警告 php ireport project - php ireport におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-5315 2012-10-11 15:25 2012-10-8 Show GitHub Exploit DB Packet Storm
187889 4.3 警告 Heikki Hokkanen - viewgit におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-5314 2012-10-11 15:25 2012-10-8 Show GitHub Exploit DB Packet Storm
187890 7.5 危険 Snitz - Snitz Forums 2000 の forum.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2012-5313 2012-10-11 15:25 2012-10-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 8, 2025, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
421 5.0 MEDIUM
Local 		- - IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 could allow a local privileged user to perform unauthorized actions due to incorrect permissions assignment. New CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2024-45657 2025-02-5 06:15 2025-02-5 Show GitHub Exploit DB Packet Storm
422 5.9 MEDIUM
Network 		- - IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized acto… New CWE-319
Cleartext Transmission of Sensitive Information 		CVE-2024-43187 2025-02-5 06:15 2025-02-5 Show GitHub Exploit DB Packet Storm
423 6.1 MEDIUM
Network 		- - IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript cod… New CWE-79
Cross-site Scripting 		CVE-2024-40700 2025-02-5 06:15 2025-02-5 Show GitHub Exploit DB Packet Storm
424 6.5 MEDIUM
Network 		- - IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transm… New CWE-352
 Origin Validation Error 		CVE-2024-35138 2025-02-5 06:15 2025-02-5 Show GitHub Exploit DB Packet Storm
425 - - - The Widget4Call WordPress plugin through 1.0.7 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against … Update - CVE-2024-13099 2025-02-5 06:15 2025-02-1 Show GitHub Exploit DB Packet Storm
426 - - - The WordPress Email Newsletter WordPress plugin through 1.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be … Update - CVE-2024-13098 2025-02-5 06:15 2025-02-1 Show GitHub Exploit DB Packet Storm
427 - - - The WP Finance WordPress plugin through 1.3.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against h… Update - CVE-2024-13097 2025-02-5 06:15 2025-02-1 Show GitHub Exploit DB Packet Storm
428 - - - The WP Finance WordPress plugin through 1.3.6 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored … Update - CVE-2024-13096 2025-02-5 06:15 2025-02-1 Show GitHub Exploit DB Packet Storm
429 - - - The Responsive iframe WordPress plugin through 1.2.0 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow user… Update - CVE-2024-12768 2025-02-5 06:15 2025-02-1 Show GitHub Exploit DB Packet Storm
430 - - - The Python standard library functions `urllib.parse.urlsplit` and `urlparse` accepted domain names that included square brackets which isn't valid according to RFC 3986. Square brackets are only mean… Update - CVE-2025-0938 2025-02-5 06:15 2025-02-1 Show GitHub Exploit DB Packet Storm