Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
188191	7.5	危険	Neturf	-	Neturf eCommerce Shopping Cart の search.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2011-5198	2012-09-26 12:24	2012-09-23	Show	GitHub Exploit DB Packet Storm

188192	6.8	警告	Public Knowledge Project	-	Public Knowledge Project Open Harvester Systems におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2011-5197	2012-09-26 12:23	2012-09-23	Show	GitHub Exploit DB Packet Storm

188193	6.8	警告	Public Knowledge Project	-	Public Knowledge Project Open Journal Systems におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2011-5196	2012-09-26 12:23	2012-09-23	Show	GitHub Exploit DB Packet Storm

188194	6.8	警告	Public Knowledge Project	-	Public Knowledge Project Open Conference Systems におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2011-5195	2012-09-26 12:22	2012-09-23	Show	GitHub Exploit DB Packet Storm

188195	4.3	警告	Tribulant Software	-	WordPress 用 Whois Search プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-5194	2012-09-26 12:21	2012-01-1	Show	GitHub Exploit DB Packet Storm

188196	4.3	警告	Tribulant Software	-	WordPress 用 Whois Search プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-5193	2012-09-26 12:21	2012-01-1	Show	GitHub Exploit DB Packet Storm

188197	4.3	警告	Caseproof	-	WordPress 用 Pretty Link Lite プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-5192	2012-09-26 12:20	2012-01-6	Show	GitHub Exploit DB Packet Storm

188198	4.3	警告	Caseproof	-	WordPress 用 Pretty Link Lite プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-5191	2012-09-26 12:20	2011-12-12	Show	GitHub Exploit DB Packet Storm

188199	7.5	危険	Jextn	-	Joomla! 用の JE FAQ Pro コンポーネントにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-3211	2012-09-25 17:38	2010-09-3	Show	GitHub Exploit DB Packet Storm

188200	7.5	危険	martin lee	-	Multi-lingual E-Commerce System における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2010-3210	2012-09-25 17:38	2010-09-3	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Feb. 23, 2025, 4:07 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
581	-	-	-	Uncontrolled search path for some EPCT software before version 1.42.8.0 may allow an authenticated user to potentially enable escalation of privilege via local access.	CWE-427 Uncontrolled Search Path Element	CVE-2024-39813	2025-02-19 03:15	2025-02-13	Show	GitHub Exploit DB Packet Storm

582	-	-	-	Uncontrolled search path for the FPGA Support Package for the Intel(R) oneAPI DPC++/C++ Compiler software for Windows before version 2024.2 may allow an authenticated user to potentially enable escal…	CWE-427 Uncontrolled Search Path Element	CVE-2024-39365	2025-02-19 03:15	2025-02-13	Show	GitHub Exploit DB Packet Storm

583	-	-	-	NULL pointer dereference in some Intel(R) PROSet/Wireless WiFi and Killerâ„¢ WiFi software for Windows before version 23.80 may allow an unauthenticated user to potentially enable denial of service v…	CWE-476 NULL Pointer Dereference	CVE-2024-39356	2025-02-19 03:15	2025-02-13	Show	GitHub Exploit DB Packet Storm

584	-	-	-	Sequence of processor instructions leads to unexpected behavior in the Intel(R) DSA V1.0 for some Intel(R) Xeon(R) Processors may allow an authenticated user to potentially enable denial of service v…	CWE-1281	CVE-2024-37020	2025-02-19 03:15	2025-02-13	Show	GitHub Exploit DB Packet Storm

585	-	-	-	Improper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.	CWE-20 Improper Input Validation	CVE-2024-28047	2025-02-19 03:15	2025-02-13	Show	GitHub Exploit DB Packet Storm

586	-	-	-	A CWE-306 "Missing Authentication for Critical Function" in maxprofile/menu/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated remote attacker to edit user gr…	CWE-306 Missing Authentication for Critical Function	CVE-2025-26345	2025-02-19 03:15	2025-02-12	Show	GitHub Exploit DB Packet Storm

587	-	-	-	A CWE-306 "Missing Authentication for Critical Function" in maxprofile/guest-mode/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated remote attacker to enable…	CWE-306 Missing Authentication for Critical Function	CVE-2025-26344	2025-02-19 03:15	2025-02-12	Show	GitHub Exploit DB Packet Storm

588	-	-	-	A vulnerability has been found in code-projects Real Estate Property Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /_parse/l…	CWE-89 CWE-74 SQL Injection Injection	CVE-2025-1197	2025-02-19 03:15	2025-02-12	Show	GitHub Exploit DB Packet Storm

589	-	-	-	The Rise Blocks – A Complete Gutenberg Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the titleTag parameter in all versions up to, and including, 3.6 due to insuf…	CWE-79 Cross-site Scripting	CVE-2025-0506	2025-02-19 03:15	2025-02-12	Show	GitHub Exploit DB Packet Storm

590	-	-	-	The LTL Freight Quotes – Worldwide Express Edition plugin for WordPress is vulnerable to SQL Injection via the 'dropship_edit_id' and 'edit_id' parameter in all versions up to, and including, 5.0.20 …	CWE-89 SQL Injection	CVE-2024-13473	2025-02-19 03:15	2025-02-12	Show	GitHub Exploit DB Packet Storm