Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 23, 2025, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
194781	4.3	警告	Kajona	-	Kajona の system/functions.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-3805	2012-07-17 16:01	2012-07-12	Show	GitHub Exploit DB Packet Storm

194782	7.5	危険	artis.imag	-	Basilic の Config/diff.php における任意のコマンドを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2012-3399	2012-07-17 15:59	2012-07-12	Show	GitHub Exploit DB Packet Storm

194783	7.5	危険	Apache Software Foundation	-	Apache Hadoop の DataNode における任意のブロックを読まれる脆弱性	CWE-310 暗号の問題	CVE-2012-3376	2012-07-17 15:57	2012-07-12	Show	GitHub Exploit DB Packet Storm

194784	3.6	注意	suckless.org	-	slock における重要な情報を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-1620	2012-07-17 15:45	2012-07-12	Show	GitHub Exploit DB Packet Storm

194785	7.5	危険	Tiki Software Community Association	-	TikiWiki CMS/Groupware における任意の PHP コードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2012-0911	2012-07-17 15:43	2012-07-12	Show	GitHub Exploit DB Packet Storm

194786	9.3	危険	Google	-	Google Chrome の PDF 機能におけるサービス運用妨害 (DoS) の脆弱性	CWE-DesignError	CVE-2012-2844	2012-07-17 11:22	2012-07-11	Show	GitHub Exploit DB Packet Storm

194787	9.3	危険	マイクロソフト	-	Microsoft Windows のシェルにおける任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2012-0175	2012-07-13 16:19	2012-07-10	Show	GitHub Exploit DB Packet Storm

194788	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer 9 における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2012-1522	2012-07-13 16:18	2012-07-10	Show	GitHub Exploit DB Packet Storm

194789	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer 9 における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2012-1524	2012-07-13 16:17	2012-07-10	Show	GitHub Exploit DB Packet Storm

194790	6.9	警告	マイクロソフト	-	複数の Microsoft 製品の VBE6.dll における権限昇格の脆弱性	CWE-Other その他	CVE-2012-1854	2012-07-13 16:15	2012-07-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 24, 2025, 4:45 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
351	5.4	MEDIUM Network	-	-	The AI Power: Complete AI Pack plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.8.96 via the wpaicg_troubleshoot_add_vector(). This makes it p… New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2024-13360	2025-01-22 17:15	2025-01-22	Show	GitHub Exploit DB Packet Storm

352	6.1	MEDIUM Network	-	-	The Themify Builder plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, … New	CWE-79 Cross-site Scripting	CVE-2024-13319	2025-01-22 17:15	2025-01-22	Show	GitHub Exploit DB Packet Storm

353	6.1	MEDIUM Network	-	-	The XML for Google Merchant Center plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'feed_id' parameter in all versions up to, and including, 3.0.11 due to insufficient in… New	CWE-79 Cross-site Scripting	CVE-2024-13406	2025-01-22 16:15	2025-01-22	Show	GitHub Exploit DB Packet Storm

354	9.8	CRITICAL Network	-	-	The AdForest theme for WordPress is vulnerable to authentication bypass in all versions up to, and including, 5.1.8. This is due to the plugin not properly verifying a user's identity prior to loggin… New	CWE-288 Authentication Bypass Using an Alternate Path or Channel	CVE-2024-12857	2025-01-22 16:15	2025-01-22	Show	GitHub Exploit DB Packet Storm

355	6.4	MEDIUM Network	-	-	The Stackable – Page Builder Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title' parameter of the Button block in all versions up to, and including, 3.1… New	CWE-79 Cross-site Scripting	CVE-2024-12117	2025-01-22 16:15	2025-01-22	Show	GitHub Exploit DB Packet Storm

356	-		-	-	Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in UD-LT2 firmware Ver.1.00.008_SE and earlier. If a user logs in to CLI of the affected produc… New	CWE-78 OS Command	CVE-2025-23237	2025-01-22 15:15	2025-01-22	Show	GitHub Exploit DB Packet Storm

357	-		-	-	Inclusion of undocumented features issue exists in UD-LT2 firmware Ver.1.00.008_SE and earlier. A remote attacker may disable the LAN-side firewall function of the affected products, and open specifi… New	CWE-1242 Inclusion of Undocumented Features or Chicken Bits	CVE-2025-22450	2025-01-22 15:15	2025-01-22	Show	GitHub Exploit DB Packet Storm

358	-		-	-	Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in UD-LT2 firmware Ver.1.00.008_SE and earlier. If this vulnerability is exploited, an arbitrar… New	CWE-78 OS Command	CVE-2025-20617	2025-01-22 15:15	2025-01-22	Show	GitHub Exploit DB Packet Storm

359	4.3	MEDIUM Network	-	-	The WPBot Pro Wordpress Chatbot plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'qc_wp_latest_update_check_pro' function in all versio… New	CWE-862 Missing Authorization	CVE-2024-12879	2025-01-22 15:15	2025-01-22	Show	GitHub Exploit DB Packet Storm

360	8.6	HIGH Local	-	-	A vulnerability was found in `podman build` and `buildah.` This issue occurs in a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. SELinux might miti… New	CWE-269 Improper Privilege Management	CVE-2024-11218	2025-01-22 14:15	2025-01-22	Show	GitHub Exploit DB Packet Storm