Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 3, 2025, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
188891 4.3 警告 InterWorx - InterWorx-CP Server Admin Level におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-4588 2012-09-25 16:59 2007-08-28 Show GitHub Exploit DB Packet Storm
188892 7.5 危険 The PHP Group - PHP 用の iisfunc エクステンションにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-4586 2012-09-25 16:59 2007-08-28 Show GitHub Exploit DB Packet Storm
188893 4.4 警告 日立 - Cosminexus Application Server の Cosminexus Manager における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2007-4563 2012-09-25 16:59 2007-08-24 Show GitHub Exploit DB Packet Storm
188894 4.3 警告 日立 - Hitachi DABroker におけるサービス運用妨害 (DoS) の脆弱性 CWE-DesignError
CVE-2007-4562 2012-09-25 16:59 2007-08-24 Show GitHub Exploit DB Packet Storm
188895 4.3 警告 Novell - Novell GroupWise WebAccess の webacc サーブレットにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-4557 2012-09-25 16:59 2007-08-27 Show GitHub Exploit DB Packet Storm
188896 6.8 警告 opensymphony - OpenSymphony XWork の Struts サポートにおけるサービス運用妨害 (DoS) の脆弱性 CWE-DesignError
CVE-2007-4556 2012-09-25 16:59 2007-08-27 Show GitHub Exploit DB Packet Storm
188897 4.3 警告 Ipswitch, Inc. - Ipswitch WS_FTP におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-4555 2012-09-25 16:59 2007-08-27 Show GitHub Exploit DB Packet Storm
188898 4.3 警告 Mozilla Foundation - Bugzilla の enter_bug.cgi におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-4543 2012-09-25 16:59 2007-08-23 Show GitHub Exploit DB Packet Storm
188899 4.3 警告 olate - od におけるクロスサイトスクリプティングの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2007-4541 2012-09-25 16:59 2007-08-27 Show GitHub Exploit DB Packet Storm
188900 7.5 危険 olate - Olate Download (od) の download.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-4540 2012-09-25 16:59 2007-08-27 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 4, 2025, 4:07 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
101 - - - Missing Authorization vulnerability in Sonaar Music MP3 Audio Player for Music, Radio & Podcast by Sonaar allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects MP3 Audio … New CWE-862
 Missing Authorization 		CVE-2024-56266 2025-01-2 21:15 2025-01-2 Show GitHub Exploit DB Packet Storm
102 - - - Unrestricted Upload of File with Dangerous Type vulnerability in Beee ACF City Selector allows Upload a Web Shell to a Web Server.This issue affects ACF City Selector: from n/a through 1.14.0. New CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2024-56264 2025-01-2 21:15 2025-01-2 Show GitHub Exploit DB Packet Storm
103 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GS Plugins GS Shots for Dribbble allows DOM-Based XSS.This issue affects GS Shots for Dribbble: f… New CWE-79
Cross-site Scripting 		CVE-2024-56263 2025-01-2 21:15 2025-01-2 Show GitHub Exploit DB Packet Storm
104 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GS Plugins GS Coaches allows Stored XSS.This issue affects GS Coaches: from n/a through 1.1.0. New CWE-79
Cross-site Scripting 		CVE-2024-56262 2025-01-2 21:15 2025-01-2 Show GitHub Exploit DB Packet Storm
105 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GS Plugins Project Showcase allows Stored XSS.This issue affects Project Showcase: from n/a throu… New CWE-79
Cross-site Scripting 		CVE-2024-56261 2025-01-2 21:15 2025-01-2 Show GitHub Exploit DB Packet Storm
106 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in StorePlugin ShopElement allows Stored XSS.This issue affects ShopElement: from n/a through 2.0.0. New CWE-79
Cross-site Scripting 		CVE-2024-56260 2025-01-2 21:15 2025-01-2 Show GitHub Exploit DB Packet Storm
107 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AyeCode - WP Business Directory Plugins GeoDirectory allows Stored XSS.This issue affects GeoDire… New CWE-79
Cross-site Scripting 		CVE-2024-56259 2025-01-2 21:15 2025-01-2 Show GitHub Exploit DB Packet Storm
108 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPBlockArt Magazine Blocks allows Stored XSS.This issue affects Magazine Blocks: from n/a through… New CWE-79
Cross-site Scripting 		CVE-2024-56258 2025-01-2 21:15 2025-01-2 Show GitHub Exploit DB Packet Storm
109 - - - Missing Authorization vulnerability in AyeCode AyeCode Connect allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AyeCode Connect: from n/a through 1.3.8. New CWE-862
 Missing Authorization 		CVE-2024-56255 2025-01-2 21:15 2025-01-2 Show GitHub Exploit DB Packet Storm
110 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in moveaddons Move Addons for Elementor allows Stored XSS.This issue affects Move Addons for Element… New CWE-79
Cross-site Scripting 		CVE-2024-56254 2025-01-2 21:15 2025-01-2 Show GitHub Exploit DB Packet Storm