Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 23, 2025, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
194531 6.9 警告 CPE17 - CPE17 Autorun Killer の readfile 関数におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-4054 2012-07-30 11:04 2012-07-25 Show GitHub Exploit DB Packet Storm
194532 3.5 注意 Oleg Kovalchuk - Drupal 用の cctags モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-2310 2012-07-30 11:03 2012-05-2 Show GitHub Exploit DB Packet Storm
194533 3.5 注意 Propeople - Drupal 用の Glossify Internal Links Auto SEO モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-2309 2012-07-30 11:03 2012-05-2 Show GitHub Exploit DB Packet Storm
194534 3.5 注意 tahiticlic - Drupal 用の Taxonomy Grid : Catalog モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-2308 2012-07-30 11:01 2012-05-2 Show GitHub Exploit DB Packet Storm
194535 6.8 警告 Willem Van Der Plaat - Drupal 用の Addressbook モジュールにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2012-2307 2012-07-30 11:00 2012-05-2 Show GitHub Exploit DB Packet Storm
194536 7.5 危険 Willem Van Der Plaat - Drupal 用の Addressbook モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2012-2306 2012-07-30 10:59 2012-05-2 Show GitHub Exploit DB Packet Storm
194537 6.8 警告 Justin Ellison - Drupal 用の Node Gallery モジュールにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2012-2305 2012-07-30 10:50 2012-05-2 Show GitHub Exploit DB Packet Storm
194538 5 警告 JanRain - Drupal 用の Janrain Engage モジュールにおける重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2012-2296 2012-07-30 10:48 2012-04-4 Show GitHub Exploit DB Packet Storm
194539 5 警告 Nancy Wichmann - Drupal 用の Site Documentation モジュールにおける重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2012-2302 2012-07-30 10:47 2012-04-25 Show GitHub Exploit DB Packet Storm
194540 2.1 注意 FindingScience - Apache 用 mod_auth_openid におけるセッション ID を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-2760 2012-07-30 10:43 2012-07-25 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 24, 2025, 4:45 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
281 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Faaiq Ahmed, Technial Architect,faaiqsj@gmail.com Simple Custom post type custom field allows Ref… New CWE-79
Cross-site Scripting 		CVE-2025-23500 2025-01-23 00:15 2025-01-23 Show GitHub Exploit DB Packet Storm
282 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Translation.Pro allows Reflected XSS. This issue affects Translation.Pro: from n/a throu… New CWE-79
Cross-site Scripting 		CVE-2025-23498 2025-01-23 00:15 2025-01-23 Show GitHub Exploit DB Packet Storm
283 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound WooCommerce Order Search allows Reflected XSS. This issue affects WooCommerce Order Sear… New CWE-79
Cross-site Scripting 		CVE-2025-23495 2025-01-23 00:15 2025-01-23 Show GitHub Exploit DB Packet Storm
284 - - - Missing Authorization vulnerability in NotFound Database Sync allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Database Sync: from n/a through 0.5.1. New CWE-862
 Missing Authorization 		CVE-2025-23486 2025-01-23 00:15 2025-01-23 Show GitHub Exploit DB Packet Storm
285 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound History timeline allows Reflected XSS. This issue affects History timeline: from n/a thr… New CWE-79
Cross-site Scripting 		CVE-2025-23475 2025-01-23 00:15 2025-01-23 Show GitHub Exploit DB Packet Storm
286 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound FWD Slider allows Reflected XSS. This issue affects FWD Slider: from n/a through 1.0. New CWE-79
Cross-site Scripting 		CVE-2025-23462 2025-01-23 00:15 2025-01-23 Show GitHub Exploit DB Packet Storm
287 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Simple shortcode buttons allows Reflected XSS. This issue affects Simple shortcode butto… New CWE-79
Cross-site Scripting 		CVE-2025-23449 2025-01-23 00:15 2025-01-23 Show GitHub Exploit DB Packet Storm
288 - - - A SQL Injection vulnerability exists in Senayan Library Management System SLiMS 9 Bulian 9.6.1 via the tempLoanID parameter in the loan form on /admin/modules/circulation/loan.php. New - CVE-2025-22980 2025-01-23 00:15 2025-01-23 Show GitHub Exploit DB Packet Storm
289 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Mapbox for WP Advanced allows Reflected XSS. This issue affects Mapbox for WP Advanced: … New CWE-79
Cross-site Scripting 		CVE-2025-22772 2025-01-23 00:15 2025-01-23 Show GitHub Exploit DB Packet Storm
290 5.4 MEDIUM
Network 		- - A flaw was found in Keycloak. When an Active Directory user resets their password, the system updates it without performing an LDAP bind to validate the new credentials against AD. This vulnerability… New CWE-287
Improper Authentication 		CVE-2025-0604 2025-01-23 00:15 2025-01-23 Show GitHub Exploit DB Packet Storm