Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
194541 6.9 警告 Opera Software ASA - Opera における権限を取得される脆弱性 CWE-Other
その他 		CVE-2010-5227 2012-09-11 15:04 2010-09-9 Show GitHub Exploit DB Packet Storm
194542 6.9 警告 オートデスク株式会社 - Autodesk Design Review 2011 における権限を取得される脆弱性 CWE-Other
その他 		CVE-2010-5226 2012-09-11 15:03 2012-09-7 Show GitHub Exploit DB Packet Storm
194543 6.9 警告 Dassault Systemes - Dassault Systemes 3DVIA Composer における権限を取得される脆弱性 CWE-Other
その他 		CVE-2012-4883 2012-09-11 11:04 2012-09-7 Show GitHub Exploit DB Packet Storm
194544 6.9 警告 Dassault Systemes - Dassault Systemes 3D XML Player における権限を取得される脆弱性 CWE-Other
その他 		CVE-2012-4882 2012-09-11 11:03 2012-09-7 Show GitHub Exploit DB Packet Storm
194545 6.9 警告 ソニー株式会社 - Sony moviEZ HD における権限を取得される脆弱性 CWE-Other
その他 		CVE-2012-4881 2012-09-11 11:01 2012-09-7 Show GitHub Exploit DB Packet Storm
194546 6.9 警告 ソニー株式会社 - Sony DVD Architect Pro および DVD Architect Studio における権限を取得される脆弱性 CWE-Other
その他 		CVE-2012-4880 2012-09-11 11:00 2012-09-7 Show GitHub Exploit DB Packet Storm
194547 10 危険 ワゴジャパン株式会社 - Linux コンソール上で稼働する WAGO I/O System 758 model Industrial PC デバイスにおけるログイン権限を取得される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2012-4879 2012-09-11 10:15 2012-09-5 Show GitHub Exploit DB Packet Storm
194548 10 危険 ワゴジャパン株式会社 - WAGO I/O System 758 model Industrial PC デバイスにおける管理者のアクセス権限を取得される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2012-3013 2012-09-11 10:14 2012-09-5 Show GitHub Exploit DB Packet Storm
194549 5 警告 Flatnux - FlatnuX CMS の controlcenter.php における絶対パストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2012-4878 2012-09-11 10:13 2012-09-6 Show GitHub Exploit DB Packet Storm
194550 6.8 警告 Flatnux - FlatnuX CMS の controlcenter.php におけるクロスサイトスクリプティングの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2012-4877 2012-09-11 10:13 2012-09-6 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 14, 2025, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1321 - - - The Responsive iframe WordPress plugin through 1.2.0 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow user… - CVE-2024-12768 2025-02-5 06:15 2025-02-1 Show GitHub Exploit DB Packet Storm
1322 - - - The Python standard library functions `urllib.parse.urlsplit` and `urlparse` accepted domain names that included square brackets which isn't valid according to RFC 3986. Square brackets are only mean… - CVE-2025-0938 2025-02-5 06:15 2025-02-1 Show GitHub Exploit DB Packet Storm
1323 - - - reNgine is an automated reconnaissance framework for web applications. An unrestricted project deletion vulnerability allows attackers with specific roles, such as `penetration_tester` or `auditor` t… CWE-284
Improper Access Control 		CVE-2025-24968 2025-02-5 05:15 2025-02-5 Show GitHub Exploit DB Packet Storm
1324 - - - reNgine is an automated reconnaissance framework for web applications. A stored cross-site scripting (XSS) vulnerability exists in the admin panel's user management functionality. An attacker can exp… CWE-79
Cross-site Scripting 		CVE-2025-24967 2025-02-5 05:15 2025-02-5 Show GitHub Exploit DB Packet Storm
1325 - - - reNgine is an automated reconnaissance framework for web applications. HTML Injection occurs when an application improperly validates or sanitizes user inputs, allowing attackers to inject arbitrary … CWE-79
Cross-site Scripting 		CVE-2025-24966 2025-02-5 05:15 2025-02-5 Show GitHub Exploit DB Packet Storm
1326 - - - Vitest is a testing framework powered by Vite. Affected versions are subject to arbitrary remote Code Execution when accessing a malicious website while Vitest API server is listening by Cross-site W… CWE-1385
 Missing Origin Validation in WebSockets 		CVE-2025-24964 2025-02-5 05:15 2025-02-5 Show GitHub Exploit DB Packet Storm
1327 - - - Vitest is a testing framework powered by Vite. The `__screenshot-error` handler on the browser mode HTTP server that responds any file on the file system. Especially if the server is exposed on the n… CWE-22
Path Traversal 		CVE-2025-24963 2025-02-5 05:15 2025-02-5 Show GitHub Exploit DB Packet Storm
1328 - - - AutomationDirect C-more EA9 HMI contains a function with bounds checks that can be skipped, which could result in an attacker abusing the function to cause a denial-of-service condition or achieving … CWE-120
Classic Buffer Overflow 		CVE-2025-0960 2025-02-5 05:15 2025-02-5 Show GitHub Exploit DB Packet Storm
1329 - - - Multiple Western Telematic (WTI) products contain a web interface that is vulnerable to a local file inclusion attack (LFI), where any authenticated user has privileged access to files on the device'… CWE-73
 External Control of File Name or Path 		CVE-2025-0630 2025-02-5 05:15 2025-02-5 Show GitHub Exploit DB Packet Storm
1330 - - - A security issue was found in Sparkle before version 2.64. An attacker can replace an existing signed update with another payload, bypassing Sparkle’s (Ed)DSA signing checks. - CVE-2025-0509 2025-02-5 05:15 2025-02-5 Show GitHub Exploit DB Packet Storm