Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Dec. 26, 2024, 2 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
189121 6.4 警告 ヒューレット・パッカード - HP Photo Digital Imaging の hpqxml.dll における絶対パストラバーサルの脆弱性 CWE-22
パス・トラバーサル
CVE-2007-3487 2012-09-25 16:47 2007-06-29 Show GitHub Exploit DB Packet Storm
189122 7.1 危険 pc soft - PCSoft WinDEV におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-3480 2012-09-25 16:47 2007-06-28 Show GitHub Exploit DB Packet Storm
189123 6.8 警告 pc soft - PCSoft の WinDEV におけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2007-3479 2012-09-25 16:47 2007-06-28 Show GitHub Exploit DB Packet Storm
189124 5 警告 LibGD project - libgd の imagearc 関数などにおけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題
CVE-2007-3477 2012-09-25 16:47 2007-06-28 Show GitHub Exploit DB Packet Storm
189125 2.6 注意 LibGD project - libgd の GIF リーダにおける脆弱性 CWE-DesignError
CWE-noinfo
CVE-2007-3474 2012-09-25 16:47 2007-06-28 Show GitHub Exploit DB Packet Storm
189126 7.5 危険 Papoo Software - Papoo における SQL インジェクションの脆弱性 - CVE-2007-3453 2012-09-25 16:47 2007-06-26 Show GitHub Exploit DB Packet Storm
189127 7.8 危険 Nortel Networks - Nortel PC Client SIP Soft Phone の SIP ヘッダ構文解析モジュールにおけるバッファオーバーフローの脆弱性 - CVE-2007-3438 2012-09-25 16:47 2007-06-26 Show GitHub Exploit DB Packet Storm
189128 5 警告 マイクロソフト - Microsoft MSN Messenger におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-3436 2012-09-25 16:47 2007-06-26 Show GitHub Exploit DB Packet Storm
189129 5 警告 NetArt Media - Pharmacy System の index.php における重要な情報を取得される脆弱性 - CVE-2007-3434 2012-09-25 16:47 2007-06-26 Show GitHub Exploit DB Packet Storm
189130 7.5 危険 NetArt Media - Pharmacy System の index.php における SQL インジェクションの脆弱性 - CVE-2007-3433 2012-09-25 16:47 2007-06-26 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Dec. 26, 2024, 4:05 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
141 6.4 MEDIUM
Network
- - The MagicPost plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wb_share_social shortcode in all versions up to, and including, 1.2.1 due to insufficient input saniti… CWE-79
Cross-site Scripting
CVE-2024-12591 2024-12-21 19:15 2024-12-21 Show GitHub Exploit DB Packet Storm
142 6.5 MEDIUM
Network
- - The WP BASE Booking of Appointments, Services and Events plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the export_db function in all versions … CWE-862
 Missing Authorization
CVE-2024-12558 2024-12-21 19:15 2024-12-21 Show GitHub Exploit DB Packet Storm
143 6.1 MEDIUM
Network
- - The WP on AWS plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via $_POST data in all versions up to, and including, 5.2.1 due to insufficient input sanitization and output escapi… CWE-79
Cross-site Scripting
CVE-2024-12408 2024-12-21 19:15 2024-12-21 Show GitHub Exploit DB Packet Storm
144 5.9 MEDIUM
Network
- - The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to SQL Injection via the 'orderby' parameter in all versions up to, and including, 3.25.1 due to insufficient escaping on the user … CWE-89
SQL Injection
CVE-2024-11722 2024-12-21 19:15 2024-12-21 Show GitHub Exploit DB Packet Storm
145 6.1 MEDIUM
Network
- - The LaTeX2HTML plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'ver' or 'date' parameter in all versions up to, and including, 2.5.5 due to insufficient input sanitizatio… CWE-79
Cross-site Scripting
CVE-2024-11688 2024-12-21 19:15 2024-12-21 Show GitHub Exploit DB Packet Storm
146 6.4 MEDIUM
Network
- - The Elementor Website Builder – More than Just a Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Typography Settings in all versions up to, and includi… CWE-79
Cross-site Scripting
CVE-2024-10453 2024-12-21 19:15 2024-12-21 Show GitHub Exploit DB Packet Storm
147 6.4 MEDIUM
Network
- - The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's aux_contact_box and aux_gmaps shortcodes in all versions up to, an… CWE-79
Cross-site Scripting
CVE-2024-9545 2024-12-21 18:15 2024-12-21 Show GitHub Exploit DB Packet Storm
148 6.4 MEDIUM
Network
- - The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Staff widget in all versions up to, and including, 2.16.4 due to i… CWE-79
Cross-site Scripting
CVE-2024-12588 2024-12-21 18:15 2024-12-21 Show GitHub Exploit DB Packet Storm
149 6.1 MEDIUM
Network
- - The Pingmeter Uptime Monitoring plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the '_wpnonce' parameter in all versions up to, and including, 1.0.3 due to insufficient input… CWE-79
Cross-site Scripting
CVE-2024-11808 2024-12-21 18:15 2024-12-21 Show GitHub Exploit DB Packet Storm
150 4.3 MEDIUM
Network
- - The Full Screen Menu for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.0.7 via the Full Screen Menu Elementor Widget due to insufficien… CWE-639
 Authorization Bypass Through User-Controlled Key
CVE-2024-10797 2024-12-21 18:15 2024-12-21 Show GitHub Exploit DB Packet Storm