Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
193661 7.2 危険 opendarwin - Apple Mac OS X の XNU におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2006-5836 2012-09-25 15:36 2006-11-9 Show GitHub Exploit DB Packet Storm
193662 5 警告 OpenSolution - OpenSolution Quick.Cms.Lite の general.php におけるディレクトリトラバーサルの脆弱性 - CVE-2006-5834 2012-09-25 15:36 2006-11-9 Show GitHub Exploit DB Packet Storm
193663 4.3 警告 Kayako - Kayako SupportSuite の index.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-5825 2012-09-25 15:36 2006-11-9 Show GitHub Exploit DB Packet Storm
193664 2.1 注意 Parallels - Mac 用の Parallels Desktop における DHCP 設定を変更される脆弱性 - CVE-2006-5817 2012-09-25 15:36 2006-11-8 Show GitHub Exploit DB Packet Storm
193665 7.5 危険 Novell - Novell eDirectory における任意のコードを実行される脆弱性 - CVE-2006-5814 2012-09-25 15:36 2006-11-8 Show GitHub Exploit DB Packet Storm
193666 5 警告 Novell - Novell eDirectory におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2006-5813 2012-09-25 15:36 2006-11-8 Show GitHub Exploit DB Packet Storm
193667 5 警告 Kerio Technologies - Kerio MailServer におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2006-5812 2012-09-25 15:36 2006-11-8 Show GitHub Exploit DB Packet Storm
193668 6.8 警告 OpenEMR - OpenEMR の library/translation.inc.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-5811 2012-09-25 15:36 2006-11-8 Show GitHub Exploit DB Packet Storm
193669 10 危険 jonathon j. freeman - Jonathon J. Freeman OvBB における脆弱性 - CVE-2006-5809 2012-09-25 15:36 2006-11-8 Show GitHub Exploit DB Packet Storm
193670 5 警告 マイクロソフト - Microsoft Internet Explorer 7 における安全な Web サイトからのセキュリティの証明書が無効と見なされる脆弱性 - CVE-2006-5805 2012-09-25 15:36 2006-11-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 22, 2025, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
841 4.9 MEDIUM
Network 		- - Bit Assist plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.5.2 via the downloadResponseFile() function. This makes it possible for authenticated attackers… CWE-23
 Relative Path Traversal 		CVE-2024-13791 2025-02-14 20:15 2025-02-14 Show GitHub Exploit DB Packet Storm
842 - - - In Apache Ignite versions from 2.6.0 and before 2.17.0, configured Class Serialization Filters are ignored for some Ignite endpoints. The vulnerability could be exploited if an attacker manually craf… CWE-502
 Deserialization of Untrusted Data 		CVE-2024-52577 2025-02-14 19:15 2025-02-14 Show GitHub Exploit DB Packet Storm
843 6.4 MEDIUM
Network 		- - The HurryTimer – An Scarcity and Urgency Countdown Timer for WordPress & WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.11.2 due… CWE-79
Cross-site Scripting 		CVE-2024-13735 2025-02-14 19:15 2025-02-14 Show GitHub Exploit DB Packet Storm
844 - - - An issue was discovered in Logpoint AgentX before 1.5.0. A vulnerability caused by limited access controls allowed li-admin users to access sensitive information about AgentX Manager in a Logpoint de… - CVE-2025-26789 2025-02-14 17:15 2025-02-14 Show GitHub Exploit DB Packet Storm
845 - - - Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in MarketingFire Widget Options allows OS Command Injection.This issue affects Widget Options: from n… CWE-77
Command Injection 		CVE-2025-22630 2025-02-14 16:15 2025-02-14 Show GitHub Exploit DB Packet Storm
846 6.5 MEDIUM
Network 		- - The Qubely – Advanced Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘align’ and 'UniqueID' parameter in all versions up to, and including, 1.8.12 due to … CWE-79
Cross-site Scripting 		CVE-2024-9601 2025-02-14 16:15 2025-02-14 Show GitHub Exploit DB Packet Storm
847 - - - app/Model/Attribute.php in MISP before 2.4.198 ignores an ACL during a GUI attribute search. - CVE-2024-57969 2025-02-14 16:15 2025-02-14 Show GitHub Exploit DB Packet Storm
848 - - - The Forminator Forms WordPress plugin before 1.38.3 does not sanitise and escape some of its settings, which could allow high privilege users such as Admin to perform Stored Cross-Site Scripting att… - CVE-2024-7052 2025-02-14 15:15 2025-02-14 Show GitHub Exploit DB Packet Storm
849 5.4 MEDIUM
Network 		- - The Return Refund and Exchange For WooCommerce – Return Management System, RMA Exchange, Wallet And Cancel Order Features plugin for WordPress is vulnerable to Insecure Direct Object Reference in all… CWE-285
Improper Authorization 		CVE-2024-13692 2025-02-14 15:15 2025-02-14 Show GitHub Exploit DB Packet Storm
850 5.9 MEDIUM
Network 		- - The Return Refund and Exchange For WooCommerce – Return Management System, RMA Exchange, Wallet And Cancel Order Features plugin for WordPress is vulnerable to Sensitive Information Exposure in all v… CWE-200
Information Exposure 		CVE-2024-13641 2025-02-14 15:15 2025-02-14 Show GitHub Exploit DB Packet Storm