Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 24, 2025, 10:02 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
194781	6.4	警告	RSAセキュリティ	-	EMC RSA Authentication Manager および RSA SecurID Appliance におけるオープンリダイレクトの脆弱性	CWE-20 不適切な入力確認	CVE-2012-2279	2012-07-18 10:57	2012-07-13	Show	GitHub Exploit DB Packet Storm

194782	4.3	警告	RSAセキュリティ	-	EMC RSA Authentication Manager および RSA SecurID Appliance におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2278	2012-07-18 10:56	2012-07-13	Show	GitHub Exploit DB Packet Storm

194783	4.3	警告	CKEditor Team	-	FCKeditor におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-4000	2012-07-17 16:44	2012-07-12	Show	GitHub Exploit DB Packet Storm

194784	4.3	警告	Sayak Banerjee	-	Sticky Notes の admin/login.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-3999	2012-07-17 16:43	2012-07-12	Show	GitHub Exploit DB Packet Storm

194785	7.5	危険	Sayak Banerjee	-	Sticky Notes における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-3998	2012-07-17 16:43	2012-07-12	Show	GitHub Exploit DB Packet Storm

194786	4.3	警告	Sayak Banerjee	-	Sticky Notes におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-3997	2012-07-17 16:42	2012-07-12	Show	GitHub Exploit DB Packet Storm

194787	6.8	警告	VideoLAN	-	VideoLAN VLC media player の OGG demuxer におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2012-3377	2012-07-17 16:36	2012-05-2	Show	GitHub Exploit DB Packet Storm

194788	6.8	警告	Wafer	-	Webmatic の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-3350	2012-07-17 16:35	2012-07-12	Show	GitHub Exploit DB Packet Storm

194789	9.3	危険	Esri	-	ESRI ArcMap および ArcGI における任意の VBA コードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2012-1661	2012-07-17 16:29	2012-07-12	Show	GitHub Exploit DB Packet Storm

194790	6.8	警告	eXtplorer	-	eXtplorer におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2012-3362	2012-07-17 16:27	2012-07-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 24, 2025, 4:45 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
361	6.4	MEDIUM Network	-	-	The Ketchup Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'spacer' shortcode in all versions up to, and including, 0.1.2 due to insufficient input sani… New	CWE-79 Cross-site Scripting	CVE-2024-13590	2025-01-22 13:15	2025-01-22	Show	GitHub Exploit DB Packet Storm

362	6.4	MEDIUM Network	-	-	The Picture Gallery – Frontend Image Uploads, AJAX Photo List plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'videowhisper_pictures' shortcode in all versions up t… New	CWE-79 Cross-site Scripting	CVE-2024-13584	2025-01-22 13:15	2025-01-22	Show	GitHub Exploit DB Packet Storm

363	5.4	MEDIUM Network	-	-	The WP-Polls plugin for WordPress is vulnerable to SQL Injection via COOKIE in all versions up to, and including, 2.77.2 due to insufficient escaping on the user supplied parameter and lack of suffic… New	CWE-89 SQL Injection	CVE-2024-13426	2025-01-22 12:15	2025-01-22	Show	GitHub Exploit DB Packet Storm

364	-		-	-	With the aid of the diagnostics_channel utility, an event can be hooked into whenever a worker thread is created. This is not limited only to workers but also exposes internal workers, where an inst… New	-	CVE-2025-23090	2025-01-22 11:15	2025-01-22	Show	GitHub Exploit DB Packet Storm

365	-		-	-	This CVE has been issued to inform users that they are using End-of-Life (EOL) versions of Node.js. These versions are no longer supported and do not receive updates, including security patches. The … New	-	CVE-2025-23089	2025-01-22 11:15	2025-01-22	Show	GitHub Exploit DB Packet Storm

366	-		-	-	This CVE has been issued to inform users that they are using End-of-Life (EOL) versions of Node.js. These versions are no longer supported and do not receive updates, including security patches. The … New	-	CVE-2025-23088	2025-01-22 11:15	2025-01-22	Show	GitHub Exploit DB Packet Storm

367	-		-	-	This CVE has been issued to inform users that they are using End-of-Life (EOL) versions of Node.js. These versions are no longer supported and do not receive updates, including security patches. The … New	-	CVE-2025-23087	2025-01-22 11:15	2025-01-22	Show	GitHub Exploit DB Packet Storm

368	-		-	-	With the aid of the diagnostics_channel utility, an event can be hooked into whenever a worker thread is created. This is not limited only to workers but also exposes internal workers, where an insta… New	-	CVE-2025-23083	2025-01-22 11:15	2025-01-22	Show	GitHub Exploit DB Packet Storm

369	3.1	LOW Network	-	-	A vulnerability, which was classified as problematic, was found in CampCodes School Management Software 1.0. This affects an unknown part of the component Attachment Handler. The manipulation leads t… New	CWE-99 Resource Injection	CVE-2025-0625	2025-01-22 11:15	2025-01-22	Show	GitHub Exploit DB Packet Storm

370	9.8	CRITICAL Network	-	-	The WPBot Pro Wordpress Chatbot plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'qcld_wpcfb_file_upload' function in all versions up to, and in… New	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2024-13091	2025-01-22 09:15	2025-01-22	Show	GitHub Exploit DB Packet Storm