Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 23, 2025, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
194791	4.3	警告	マイクロソフト	-	Microsoft SharePoint 製品および Microsoft Office Web Apps におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1859	2012-07-13 16:13	2012-07-10	Show	GitHub Exploit DB Packet Storm

194792	5.5	警告	マイクロソフト	-	Microsoft SharePoint 製品および Microsoft Office Web Apps における重要な情報を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-1860	2012-07-13 16:13	2012-07-10	Show	GitHub Exploit DB Packet Storm

194793	4.3	警告	マイクロソフト	-	Microsoft SharePoint 製品および Microsoft Office Web Apps におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1861	2012-07-13 16:12	2012-07-10	Show	GitHub Exploit DB Packet Storm

194794	6.8	警告	マイクロソフト	-	Microsoft Office SharePoint Server 2007 におけるオープンリダイレクトの脆弱性	CWE-20 不適切な入力確認	CVE-2012-1862	2012-07-13 16:11	2012-07-10	Show	GitHub Exploit DB Packet Storm

194795	4.3	警告	マイクロソフト	-	複数の Microsoft SharePoint 製品におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1863	2012-07-13 16:09	2012-07-10	Show	GitHub Exploit DB Packet Storm

194796	4.3	警告	マイクロソフト	-	Microsoft Windows の TLS プロトコルの CBC モードにおける平文データを取得される脆弱性	CWE-200 情報漏えい	CVE-2012-1870	2012-07-13 16:09	2012-07-10	Show	GitHub Exploit DB Packet Storm

194797	7.2	危険	マイクロソフト	-	Microsoft Windows のカーネルモードドライバ内の win32k.sys における権限昇格の脆弱性	CWE-20 不適切な入力確認	CVE-2012-1890	2012-07-13 16:07	2012-07-10	Show	GitHub Exploit DB Packet Storm

194798	9.3	危険	マイクロソフト	-	MDAC および WDAC におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2012-1891	2012-07-13 16:06	2012-07-10	Show	GitHub Exploit DB Packet Storm

194799	7.2	危険	マイクロソフト	-	Microsoft Windows のカーネルモードドライバ内の win32k.sys における権限昇格の脆弱性	CWE-20 不適切な入力確認	CVE-2012-1893	2012-07-13 16:06	2012-07-10	Show	GitHub Exploit DB Packet Storm

194800	6.9	警告	マイクロソフト	-	Microsoft Office for Mac 2011 における権限昇格の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-1894	2012-07-13 16:04	2012-07-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 24, 2025, 4:45 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
361	6.4	MEDIUM Network	-	-	The Ketchup Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'spacer' shortcode in all versions up to, and including, 0.1.2 due to insufficient input sani… New	CWE-79 Cross-site Scripting	CVE-2024-13590	2025-01-22 13:15	2025-01-22	Show	GitHub Exploit DB Packet Storm

362	6.4	MEDIUM Network	-	-	The Picture Gallery – Frontend Image Uploads, AJAX Photo List plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'videowhisper_pictures' shortcode in all versions up t… New	CWE-79 Cross-site Scripting	CVE-2024-13584	2025-01-22 13:15	2025-01-22	Show	GitHub Exploit DB Packet Storm

363	5.4	MEDIUM Network	-	-	The WP-Polls plugin for WordPress is vulnerable to SQL Injection via COOKIE in all versions up to, and including, 2.77.2 due to insufficient escaping on the user supplied parameter and lack of suffic… New	CWE-89 SQL Injection	CVE-2024-13426	2025-01-22 12:15	2025-01-22	Show	GitHub Exploit DB Packet Storm

364	-		-	-	With the aid of the diagnostics_channel utility, an event can be hooked into whenever a worker thread is created. This is not limited only to workers but also exposes internal workers, where an inst… New	-	CVE-2025-23090	2025-01-22 11:15	2025-01-22	Show	GitHub Exploit DB Packet Storm

365	-		-	-	This CVE has been issued to inform users that they are using End-of-Life (EOL) versions of Node.js. These versions are no longer supported and do not receive updates, including security patches. The … New	-	CVE-2025-23089	2025-01-22 11:15	2025-01-22	Show	GitHub Exploit DB Packet Storm

366	-		-	-	This CVE has been issued to inform users that they are using End-of-Life (EOL) versions of Node.js. These versions are no longer supported and do not receive updates, including security patches. The … New	-	CVE-2025-23088	2025-01-22 11:15	2025-01-22	Show	GitHub Exploit DB Packet Storm

367	-		-	-	This CVE has been issued to inform users that they are using End-of-Life (EOL) versions of Node.js. These versions are no longer supported and do not receive updates, including security patches. The … New	-	CVE-2025-23087	2025-01-22 11:15	2025-01-22	Show	GitHub Exploit DB Packet Storm

368	-		-	-	With the aid of the diagnostics_channel utility, an event can be hooked into whenever a worker thread is created. This is not limited only to workers but also exposes internal workers, where an insta… New	-	CVE-2025-23083	2025-01-22 11:15	2025-01-22	Show	GitHub Exploit DB Packet Storm

369	3.1	LOW Network	-	-	A vulnerability, which was classified as problematic, was found in CampCodes School Management Software 1.0. This affects an unknown part of the component Attachment Handler. The manipulation leads t… New	CWE-99 Resource Injection	CVE-2025-0625	2025-01-22 11:15	2025-01-22	Show	GitHub Exploit DB Packet Storm

370	9.8	CRITICAL Network	-	-	The WPBot Pro Wordpress Chatbot plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'qcld_wpcfb_file_upload' function in all versions up to, and in… New	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2024-13091	2025-01-22 09:15	2025-01-22	Show	GitHub Exploit DB Packet Storm