Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 19, 2025, noon

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
194791	5	警告	アップル	-	Apple AirPort Express などの FTP プロキシサーバにおけるイントラネット FTP サーバから TCP 転送をされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-0962	2012-06-26 16:19	2010-03-10	Show	GitHub Exploit DB Packet Storm

194792	7.5	危険	dev4u	-	dev4u CMS の go_target.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-0951	2012-06-26 16:19	2010-03-10	Show	GitHub Exploit DB Packet Storm

194793	6.8	警告	bfs.kilu	-	Bigforum の profil.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-0948	2012-06-26 16:19	2010-03-10	Show	GitHub Exploit DB Packet Storm

194794	4.3	警告	bbsmax	-	Max Network Technology BBSMAX の post.aspx におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-0947	2012-06-26 16:19	2010-03-10	Show	GitHub Exploit DB Packet Storm

194795	4.3	警告	D-Link Systems, Inc.	-	D-LINK DKVM-IP8 の auth.asp におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-0936	2012-06-26 16:19	2010-03-8	Show	GitHub Exploit DB Packet Storm

194796	5	警告	アップルマイクロソフト	-	Apple Safari で使用されている CFNetwork の cfnetwork.dll におけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2010-0925	2012-06-26 16:19	2010-03-3	Show	GitHub Exploit DB Packet Storm

194797	5	警告	アップルマイクロソフト	-	Apple Safari で使用されている CFNetwork の cfnetwork.dll におけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2010-0924	2012-06-26 16:19	2010-03-3	Show	GitHub Exploit DB Packet Storm

194798	4.4	警告	GNU Project	-	emacs の movemail の lib-src/movemail.c における任意のメールボックスファイルを削除される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-0825	2012-06-26 16:19	2010-04-5	Show	GitHub Exploit DB Packet Storm

194799	7.5	危険	aleinbeen Invision Power Services, Inc	-	Invision Power Board の改訂版である (nv2) Awards の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-0802	2012-06-26 16:19	2010-03-2	Show	GitHub Exploit DB Packet Storm

194800	3.5	注意	Autartica Joomla!	-	Joomla! の autartitarot コンポーネントにおけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2010-0801	2012-06-26 16:19	2010-03-2	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 19, 2025, 4:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
31	-		-	-	The List category posts WordPress plugin before 0.90.3 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which cou… New	-	CVE-2024-9020	2025-01-18 15:15	2025-01-18	Show	GitHub Exploit DB Packet Storm

32	6.1	MEDIUM Network	-	-	The Kubio AI Page Builder plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'message' parameter in all versions up to, and including, 2.3.5 due to insufficient input saniti… New	CWE-79 Cross-site Scripting	CVE-2024-13516	2025-01-18 15:15	2025-01-18	Show	GitHub Exploit DB Packet Storm

33	6.1	MEDIUM Network	-	-	The Image Source Control Lite – Show Image Credits and Captions plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'path' parameter in all versions up to, and including, 2.2… New	CWE-79 Cross-site Scripting	CVE-2024-13515	2025-01-18 15:15	2025-01-18	Show	GitHub Exploit DB Packet Storm

34	5.3	MEDIUM Network	-	-	The Evergreen Content Poster – Auto Post and Schedule Your Best Content to Social Media plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the delete… New	CWE-862 Missing Authorization	CVE-2024-12071	2025-01-18 13:15	2025-01-18	Show	GitHub Exploit DB Packet Storm

35	-		-	-	Craft is a flexible, user-friendly CMS for creating custom digital experiences on the web and beyond. This is an remote code execution (RCE) vulnerability that affects Craft 4 and 5 installs where yo… New	CWE-94 Code Injection	CVE-2025-23209	2025-01-18 10:15	2025-01-18	Show	GitHub Exploit DB Packet Storm

36	-		-	-	Under certain log settings the IAM or CORE service will log credentials in the iam logfile in Fortra Application Hub (Formerly named Helpsystems One) prior to version 1.3 New	-	CVE-2024-11923	2025-01-18 09:15	2025-01-18	Show	GitHub Exploit DB Packet Storm

37	-		-	-	A buffer overflow vulnerability has been identified in the Internet Printing Protocol (IPP) in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code. New	-	CVE-2023-50739	2025-01-18 09:15	2025-01-18	Show	GitHub Exploit DB Packet Storm

38	-		-	-	Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. New	-	CVE-2020-0436	2025-01-18 09:15	2025-01-18	Show	GitHub Exploit DB Packet Storm

39	-		-	-	Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. New	-	CVE-2020-0040	2025-01-18 09:15	2025-01-18	Show	GitHub Exploit DB Packet Storm

40	-		-	-	In multiple locations, there is a possible way to read protected files due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges need… New	-	CVE-2018-9464	2025-01-18 09:15	2025-01-18	Show	GitHub Exploit DB Packet Storm