Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
194331 4.3 警告 Endian - Endian Firewall におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-4923 2012-09-19 16:17 2012-09-15 Show GitHub Exploit DB Packet Storm
194332 4.3 警告 Mike Carr - Flogr の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-4336 2012-09-19 16:17 2012-09-15 Show GitHub Exploit DB Packet Storm
194333 4.3 警告 Python Software Foundation - Beaker における重要なセッションデータの一部を取得される脆弱性 CWE-310
暗号の問題 		CVE-2012-3458 2012-09-19 16:16 2012-09-15 Show GitHub Exploit DB Packet Storm
194334 4.3 警告 Kayako - Kayako Fusion におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-3233 2012-09-19 16:14 2012-09-15 Show GitHub Exploit DB Packet Storm
194335 6.8 警告 TestLink Development Team - TestLink におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2012-2275 2012-09-19 16:12 2012-09-15 Show GitHub Exploit DB Packet Storm
194336 4.3 警告 Banana Dance - Banana Dance の search.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-5176 2012-09-19 16:11 2011-10-2 Show GitHub Exploit DB Packet Storm
194337 7.5 危険 Banana Dance - Banana Dance の search.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-5175 2012-09-19 16:09 2011-10-2 Show GitHub Exploit DB Packet Storm
194338 7.2 危険 インテル - 複数の Intel 製品におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-5174 2012-09-19 16:07 2011-12-5 Show GitHub Exploit DB Packet Storm
194339 6.8 警告 Bugbear Entertainment - Bugbear Entertainment FlatOut におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-5173 2012-09-19 16:05 2012-09-15 Show GitHub Exploit DB Packet Storm
194340 9.3 危険 PowerProduction Software - StoryBoard Quick におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-5172 2012-09-19 16:04 2012-09-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 7, 2025, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
831 - - - An encryption vulnerability exists in all versions prior to V15.00.001 of Rockwell Automation FactoryTalk® AssetCentre. The vulnerability exists due to a weak encryption methodology and could allow a… - CVE-2025-0477 2025-01-31 03:15 2025-01-31 Show GitHub Exploit DB Packet Storm
832 - - - Potential privilege escalation vulnerability in Revenera InstallShield versions 2022 R2 and 2021 R2 due to adding InstallScript custom action to a Basic MSI or InstallScript MSI project extracting fe… - CVE-2023-29080 2025-01-31 03:15 2025-01-31 Show GitHub Exploit DB Packet Storm
833 5.5 MEDIUM
Local 		apple iphone_os
ipados 		This issue was addressed with improved handling of symlinks. This issue is fixed in iPadOS 17.7.4, iOS 18.3 and iPadOS 18.3. Restoring a maliciously crafted backup file may lead to modification of pr… CWE-59
Link Following 		CVE-2025-24104 2025-01-31 03:15 2025-01-28 Show GitHub Exploit DB Packet Storm
834 8.8 HIGH
Network 		apple watchos
ipados
macos
tvos
safari
visionos
iphone_os 		The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.2, tvOS 18.2, Safari 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2. Processing maliciously … CWE-787
 Out-of-bounds Write 		CVE-2024-54543 2025-01-31 03:13 2025-01-28 Show GitHub Exploit DB Packet Storm
835 8.8 HIGH
Network 		apple macos
ipados
iphone_os
safari 		A privacy issue was addressed with improved handling of files. This issue is fixed in macOS Sequoia 15.3, Safari 18.3, iOS 18.3 and iPadOS 18.3. Copying a URL from Web Inspector may lead to command i… CWE-77
Command Injection 		CVE-2025-24150 2025-01-31 03:10 2025-01-28 Show GitHub Exploit DB Packet Storm
836 3.3 LOW
Local 		apple macos
ipados
iphone_os 		A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.3, iOS 18.3 and iPadOS 18.3. An app may be able to view a contact's phone n… CWE-532
 Inclusion of Sensitive Information in Log Files 		CVE-2025-24145 2025-01-31 03:04 2025-01-28 Show GitHub Exploit DB Packet Storm
837 7.5 HIGH
Network 		jyothisjoy eventer The Eventer plugin for WordPress is vulnerable to SQL Injection via the 'event' parameter in the 'eventer_get_attendees' function in all versions up to, and including, 3.9.8 due to insufficient escap… CWE-89
SQL Injection 		CVE-2024-11135 2025-01-31 03:03 2025-01-28 Show GitHub Exploit DB Packet Storm
838 6.5 MEDIUM
Network 		apple macos
ipados
safari
visionos 		The issue was addressed with improved access restrictions to the file system. This issue is fixed in macOS Sequoia 15.3, Safari 18.3, iOS 18.3 and iPadOS 18.3, visionOS 2.3. A maliciously crafted web… NVD-CWE-noinfo
CVE-2025-24143 2025-01-31 03:03 2025-01-28 Show GitHub Exploit DB Packet Storm
839 3.3 LOW
Local 		apple ipados
iphone_os 		An authentication issue was addressed with improved state management. This issue is fixed in iOS 18.3 and iPadOS 18.3. An attacker with physical access to an unlocked device may be able to access Pho… NVD-CWE-noinfo
CVE-2025-24141 2025-01-31 03:03 2025-01-28 Show GitHub Exploit DB Packet Storm
840 9.8 CRITICAL
Network 		themerex addons The ThemeREX Addons plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'trx_addons_uploads_save_data' function in all versions up to, and includin… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2024-13448 2025-01-31 03:01 2025-01-28 Show GitHub Exploit DB Packet Storm