Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 8, 2025, 6:02 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
189801	7.5	危険	newssync	-	newsSync の inc/nuke_include.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-3136	2012-09-25 16:47	2007-06-8	Show	GitHub Exploit DB Packet Storm

189802	6.8	警告	Joomla!	-	Joomla! 用の OpenWiki コンポーネントにおける PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2007-3130	2012-09-25 16:47	2007-06-8	Show	GitHub Exploit DB Packet Storm

189803	6.4	警告	IBM	-	WSPortal の content.php における SQL インジェクションの脆弱性	-	CVE-2007-3128	2012-09-25 16:47	2007-06-19	Show	GitHub Exploit DB Packet Storm

189804	5	警告	IBM	-	WSPortal の content.php における重要な情報を取得される脆弱性	-	CVE-2007-3127	2012-09-25 16:47	2007-06-19	Show	GitHub Exploit DB Packet Storm

189805	7.8	危険	Mozilla Foundation	-	Mac OS X 上などの Mozilla Firefox におけるディレクトリトラバーサルの脆弱性	-	CVE-2007-3073	2012-09-25 16:47	2007-05-17	Show	GitHub Exploit DB Packet Storm

189806	7.1	危険	Mozilla Foundation	-	Mozilla Firefox におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2007-3072	2012-09-25 16:47	2007-01-18	Show	GitHub Exploit DB Packet Storm

189807	7.5	危険	particle soft	-	Particle Soft Particle Gallery の viewimage.php における SQL インジェクションの脆弱性	-	CVE-2007-3065	2012-09-25 16:47	2007-06-5	Show	GitHub Exploit DB Packet Storm

189808	4.3	警告	mealex	-	My Databook の diary.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-3064	2012-09-25 16:47	2007-06-5	Show	GitHub Exploit DB Packet Storm

189809	7.5	危険	kartli alisveris sistemi	-	Kartli Alisveris Sistemi の news.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-3119	2012-09-25 16:47	2007-06-7	Show	GitHub Exploit DB Packet Storm

189810	7.5	危険	k-letter	-	K-letter における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-3118	2012-09-25 16:47	2007-06-7	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 9, 2025, 4:56 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
71	-		-	-	Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability. New	-	CVE-2024-56452	2025-01-8 13:15	2025-01-8	Show	GitHub Exploit DB Packet Storm

72	-		-	-	Integer overflow vulnerability during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability. New	-	CVE-2024-56451	2025-01-8 13:15	2025-01-8	Show	GitHub Exploit DB Packet Storm

73	-		-	-	Buffer overflow vulnerability in the component driver module Impact: Successful exploitation of this vulnerability may affect availability. New	-	CVE-2024-56450	2025-01-8 13:15	2025-01-8	Show	GitHub Exploit DB Packet Storm

74	-		-	-	Privilege escalation vulnerability in the Account module Impact: Successful exploitation of this vulnerability may affect service confidentiality. New	-	CVE-2024-56449	2025-01-8 13:15	2025-01-8	Show	GitHub Exploit DB Packet Storm

75	-		-	-	Vulnerability of improper access control in the home screen widget module Impact: Successful exploitation of this vulnerability may affect availability. New	-	CVE-2024-56448	2025-01-8 13:15	2025-01-8	Show	GitHub Exploit DB Packet Storm

76	-		-	-	Startup control vulnerability in the ability module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally. New	-	CVE-2024-54121	2025-01-8 13:15	2025-01-8	Show	GitHub Exploit DB Packet Storm

77	5.3	MEDIUM Network	-	-	The SureForms – Drag and Drop Form Builder for WordPress plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.2.2 via the handle_export_form() function d… New	CWE-862 Missing Authorization	CVE-2024-12713	2025-01-8 13:15	2025-01-8	Show	GitHub Exploit DB Packet Storm

78	6.4	MEDIUM Network	-	-	The Slotti Ajanvaraus plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'slotti-embed-ga' shortcode in all versions up to, and including, 1.3.1 due to insufficient in… New	CWE-79 Cross-site Scripting	CVE-2024-12521	2025-01-8 13:15	2025-01-8	Show	GitHub Exploit DB Packet Storm

79	6.4	MEDIUM Network	-	-	The Easy Form Builder – WordPress plugin form builder: contact form, survey form, payment form, and custom form builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'name… New	CWE-79 Cross-site Scripting	CVE-2024-12112	2025-01-8 13:15	2025-01-8	Show	GitHub Exploit DB Packet Storm

80	7.4	HIGH Network	-	-	The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to unauthorized modification and retrieval of data due to a missing capability check on several functions in all ve… New	CWE-862 Missing Authorization	CVE-2024-11916	2025-01-8 13:15	2025-01-8	Show	GitHub Exploit DB Packet Storm