Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
194131 7.5 危険 open cubic player - Open Cubic Player におけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2006-4046 2012-09-25 15:35 2006-08-9 Show GitHub Exploit DB Packet Storm
194132 5 警告 mywebland - myWebland myBloggie の index.php における重要な情報を取得される脆弱性 - CVE-2006-4043 2012-09-25 15:35 2006-08-9 Show GitHub Exploit DB Packet Storm
194133 7.5 危険 mywebland - myWebland myBloggie の trackback.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2006-4042 2012-09-25 15:35 2006-08-9 Show GitHub Exploit DB Packet Storm
194134 7.5 危険 mywebland - myWebland myEvent の myevent.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4040 2012-09-25 15:35 2006-08-9 Show GitHub Exploit DB Packet Storm
194135 7.5 危険 moderngigabyte - ModernGigabyte ModernBill における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4034 2012-09-25 15:35 2006-08-9 Show GitHub Exploit DB Packet Storm
194136 5.1 警告 Schezo - Lhaplus の Lhaplus.exe におけるヒープベースのバッファオーバーフローの脆弱性 - CVE-2006-4033 2012-09-25 15:35 2006-08-9 Show GitHub Exploit DB Packet Storm
194137 5 警告 The PHP Group - PHP の ip2long 関数におけるネットワーク情報を取得される脆弱性 - CVE-2006-4023 2012-09-25 15:35 2006-08-8 Show GitHub Exploit DB Packet Storm
194138 4.3 警告 inter network marketing ag - INM CMS G3 の search モジュールにおけるクロスサイトスクリプティングの脆弱性 - CVE-2006-4017 2012-09-25 15:35 2006-08-7 Show GitHub Exploit DB Packet Storm
194139 5 警告 ヒューレット・パッカード - HP ProCurve スイッチにおけるサービス運用妨害 (DoS) の脆弱性 - CVE-2006-4015 2012-09-25 15:35 2006-08-7 Show GitHub Exploit DB Packet Storm
194140 2.6 注意 Kayako - Kayako eSupport における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4011 2012-09-25 15:35 2006-08-7 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 7, 2025, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
551 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Felipe Peixoto Powerful Auto Chat allows Stored XSS. This issue affects Powerful Auto Chat: from … CWE-79
Cross-site Scripting 		CVE-2025-22292 2025-02-4 00:15 2025-02-4 Show GitHub Exploit DB Packet Storm
552 - - - Missing Authorization vulnerability in Pixelite Meta Tag Manager. This issue affects Meta Tag Manager: from n/a through 3.1. CWE-862
 Missing Authorization 		CVE-2025-22260 2025-02-4 00:15 2025-02-4 Show GitHub Exploit DB Packet Storm
553 - - - Missing Authorization vulnerability in By Averta Shortcodes and extra features for Phlox theme allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Shortcodes a… CWE-862
 Missing Authorization 		CVE-2024-50500 2025-02-4 00:15 2025-02-4 Show GitHub Exploit DB Packet Storm
554 - - - Incorrect Privilege Assignment vulnerability in NotFound Admin and Site Enhancements (ASE) Pro allows Privilege Escalation. This issue affects Admin and Site Enhancements (ASE) Pro: from n/a through … CWE-266
 Incorrect Privilege Assignment 		CVE-2024-43333 2025-02-4 00:15 2025-02-4 Show GitHub Exploit DB Packet Storm
555 - - - The Social Share Buttons for WordPress plugin through 2.7 allows an unauthenticated user to upload arbitrary images and change the path where they are uploaded - CVE-2024-13117 2025-02-4 00:15 2025-01-27 Show GitHub Exploit DB Packet Storm
556 - - - The Crelly Slider WordPress plugin before 1.4.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks … - CVE-2024-13116 2025-02-4 00:15 2025-01-27 Show GitHub Exploit DB Packet Storm
557 - - - SourceCodester Packers and Movers Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in Users.php. An attacker can inject a malicious script into the username or name field during use… - CVE-2024-57522 2025-02-3 22:15 2025-02-3 Show GitHub Exploit DB Packet Storm
558 - - - No proper validation of the length of user input in http_server_get_content_type_from_extension. - CVE-2024-10395 2025-02-3 16:15 2025-02-3 Show GitHub Exploit DB Packet Storm
559 - - - nDPI through 4.12 has a potential stack-based buffer overflow in ndpi_address_cache_restore in lib/ndpi_cache.c. - CVE-2025-25066 2025-02-3 15:15 2025-02-3 Show GitHub Exploit DB Packet Storm
560 - - - libarchiveplugin.cpp in KDE ark before 24.12.0 can extract to an absolute path from an archive. - CVE-2024-57966 2025-02-3 14:15 2025-02-3 Show GitHub Exploit DB Packet Storm