Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
190061 7.8 危険 interface-medien - Interface Medien ibase の download.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-6288 2012-09-25 17:27 2009-02-25 Show GitHub Exploit DB Packet Storm
190062 6.5 警告 ortus.nirn - CMS Ortus の engine/users/users_edit_pub.inc における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6282 2012-09-25 17:27 2009-02-25 Show GitHub Exploit DB Packet Storm
190063 6.8 警告 mjcreation - FamilyProject の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6274 2012-09-25 17:27 2009-02-25 Show GitHub Exploit DB Packet Storm
190064 6 警告 myktools - MyKtools の configuration_script.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-6273 2012-09-25 17:27 2009-02-25 Show GitHub Exploit DB Packet Storm
190065 7.5 危険 miticdjd - Dragan Mitic Apoll の admin/index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6272 2012-09-25 17:27 2009-02-25 Show GitHub Exploit DB Packet Storm
190066 7.5 危険 miticdjd - Dragan Mitic Apoll の admin/index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6270 2012-09-25 17:27 2009-02-25 Show GitHub Exploit DB Packet Storm
190067 7.5 危険 joovili - Joovili における管理者を含むユーザ権限を取得される脆弱性 CWE-287
不適切な認証 		CVE-2008-6269 2012-09-25 17:27 2009-02-25 Show GitHub Exploit DB Packet Storm
190068 7.5 危険 infireal - SaturnCMS の lib/user/t_user.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6263 2012-09-25 17:27 2009-02-24 Show GitHub Exploit DB Packet Storm
190069 7.5 危険 infireal - SaturnCMS の lib/url/meta_url.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6262 2012-09-25 17:27 2009-02-24 Show GitHub Exploit DB Packet Storm
190070 7.5 危険 openasp - Openasp の default.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6257 2012-09-25 17:27 2009-02-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 14, 2025, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1781 6.4 MEDIUM
Network 		- - The Ticketmeo – Sell Tickets – Event Ticketing plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 2.3.6 due to insuffi… CWE-79
Cross-site Scripting 		CVE-2025-0507 2025-01-31 14:15 2025-01-31 Show GitHub Exploit DB Packet Storm
1782 9.8 CRITICAL
Network 		- - The MultiVendorX – The Ultimate WooCommerce Multivendor Marketplace Solution plugin for WordPress is vulnerable to Limited Local File Inclusion in all versions up to, and including, 4.2.14 via the t… CWE-22
Path Traversal 		CVE-2025-0493 2025-01-31 14:15 2025-01-31 Show GitHub Exploit DB Packet Storm
1783 5.4 MEDIUM
Network 		- - The Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and i… CWE-79
Cross-site Scripting 		CVE-2024-10867 2025-01-31 14:15 2025-01-31 Show GitHub Exploit DB Packet Storm
1784 6.1 MEDIUM
Network 		- - The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the title parameter in all versions up to, and includi… CWE-79
Cross-site Scripting 		CVE-2025-0470 2025-01-31 13:15 2025-01-31 Show GitHub Exploit DB Packet Storm
1785 - - - Software installed and run as a non-privileged user may conduct improper GPU system calls to access OOB kernel memory. - CVE-2024-47900 2025-01-31 13:15 2025-01-31 Show GitHub Exploit DB Packet Storm
1786 - - - Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions. - CVE-2024-47899 2025-01-31 13:15 2025-01-31 Show GitHub Exploit DB Packet Storm
1787 - - - Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions. - CVE-2024-47898 2025-01-31 13:15 2025-01-31 Show GitHub Exploit DB Packet Storm
1788 - - - Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions. - CVE-2024-47891 2025-01-31 13:15 2025-01-31 Show GitHub Exploit DB Packet Storm
1789 6.4 MEDIUM
Network 		- - The SeatReg plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'seatreg' shortcode in all versions up to, and including, 1.56.0 due to insufficient input sanitization … CWE-79
Cross-site Scripting 		CVE-2024-13463 2025-01-31 13:15 2025-01-31 Show GitHub Exploit DB Packet Storm
1790 - - - Software installed and run as a non-privileged user may conduct improper read/write operations on imported/exported DMA buffers. - CVE-2024-46974 2025-01-31 12:15 2025-01-31 Show GitHub Exploit DB Packet Storm