Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
188471 6.8 警告 Mahara - Mahara におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2010-1668 2012-09-25 17:38 2010-07-6 Show GitHub Exploit DB Packet Storm
188472 4.3 警告 Mahara - Mahara におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-1667 2012-09-25 17:38 2010-07-6 Show GitHub Exploit DB Packet Storm
188473 4.3 警告 jcink - PHPQA の acpmoderate.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-1662 2012-09-25 17:38 2010-05-3 Show GitHub Exploit DB Packet Storm
188474 7.5 危険 jcink - PHPQA における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-1661 2012-09-25 17:38 2010-05-3 Show GitHub Exploit DB Packet Storm
188475 7.5 危険 instantrankingseo - Infocus Real Estate の system_member_login.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-1654 2012-09-25 17:38 2010-05-3 Show GitHub Exploit DB Packet Storm
188476 7.5 危険 htmlcoderhelper - Com_graphics の graphics.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-1653 2012-09-25 17:38 2010-05-3 Show GitHub Exploit DB Packet Storm
188477 5 警告 helpcenterlive - HCL の HelpCenter モジュールにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-1652 2012-09-25 17:38 2010-05-3 Show GitHub Exploit DB Packet Storm
188478 1.9 注意 IBM - IBM WAS における重要な情報を取得される脆弱性 CWE-310
暗号の問題 		CVE-2010-1651 2012-09-25 17:38 2010-05-3 Show GitHub Exploit DB Packet Storm
188479 1.9 注意 IBM - IBM WAS における重要な情報を取得される脆弱性 CWE-310
暗号の問題 		CVE-2010-1650 2012-09-25 17:38 2010-05-3 Show GitHub Exploit DB Packet Storm
188480 4.3 警告 Joomla! - Joomla! のバックエンドにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-1649 2012-09-25 17:38 2010-05-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 24, 2025, 4:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
931 - - - Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in MarketingFire Widget Options allows OS Command Injection.This issue affects Widget Options: from n… CWE-77
Command Injection 		CVE-2025-22630 2025-02-14 16:15 2025-02-14 Show GitHub Exploit DB Packet Storm
932 6.5 MEDIUM
Network 		- - The Qubely – Advanced Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘align’ and 'UniqueID' parameter in all versions up to, and including, 1.8.12 due to … CWE-79
Cross-site Scripting 		CVE-2024-9601 2025-02-14 16:15 2025-02-14 Show GitHub Exploit DB Packet Storm
933 - - - app/Model/Attribute.php in MISP before 2.4.198 ignores an ACL during a GUI attribute search. - CVE-2024-57969 2025-02-14 16:15 2025-02-14 Show GitHub Exploit DB Packet Storm
934 - - - The Forminator Forms WordPress plugin before 1.38.3 does not sanitise and escape some of its settings, which could allow high privilege users such as Admin to perform Stored Cross-Site Scripting att… - CVE-2024-7052 2025-02-14 15:15 2025-02-14 Show GitHub Exploit DB Packet Storm
935 5.4 MEDIUM
Network 		- - The Return Refund and Exchange For WooCommerce – Return Management System, RMA Exchange, Wallet And Cancel Order Features plugin for WordPress is vulnerable to Insecure Direct Object Reference in all… CWE-285
Improper Authorization 		CVE-2024-13692 2025-02-14 15:15 2025-02-14 Show GitHub Exploit DB Packet Storm
936 5.9 MEDIUM
Network 		- - The Return Refund and Exchange For WooCommerce – Return Management System, RMA Exchange, Wallet And Cancel Order Features plugin for WordPress is vulnerable to Sensitive Information Exposure in all v… CWE-200
Information Exposure 		CVE-2024-13641 2025-02-14 15:15 2025-02-14 Show GitHub Exploit DB Packet Storm
937 - - - The Sensly Online Presence WordPress plugin through 0.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting … - CVE-2024-13493 2025-02-14 15:15 2025-02-14 Show GitHub Exploit DB Packet Storm
938 - - - Out-of-bounds read vulnerability caused by improper checking of TCP MSS option values exists in Cente middleware TCP/IP Network Series, which may lead to processing a specially crafted packet to caus… CWE-125
Out-of-bounds Read 		CVE-2025-23406 2025-02-14 14:15 2025-02-14 Show GitHub Exploit DB Packet Storm
939 - - - Docker daemon in Brocade SANnav before SANnav 2.3.1b runs without auditing. The vulnerability could allow a remote authenticated attacker to execute various attacks. - CVE-2024-2240 2025-02-14 14:15 2025-02-14 Show GitHub Exploit DB Packet Storm
940 - - - musl libc 0.9.13 through 1.2.5 before 1.2.6 has an out-of-bounds write vulnerability when an attacker can trigger iconv conversion of untrusted EUC-KR text to UTF-8. - CVE-2025-26519 2025-02-14 13:15 2025-02-14 Show GitHub Exploit DB Packet Storm