Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 23, 2025, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
197261 6.8 警告 cruxsoftware - Crux Gallery の index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-4483 2012-06-26 16:02 2008-10-7 Show GitHub Exploit DB Packet Storm
197262 7.2 危険 GNU Project - ibackup における任意のファイルを上書きされる脆弱性 CWE-59
リンク解釈の問題 		CVE-2008-4475 2012-06-26 16:02 2008-10-7 Show GitHub Exploit DB Packet Storm
197263 7.2 危険 FreeRADIUS - freeradius の freeradius-dialupadmin における任意のファイルを上書きされる脆弱性 CWE-59
リンク解釈の問題 		CVE-2008-4474 2012-06-26 16:02 2008-10-7 Show GitHub Exploit DB Packet Storm
197264 9.3 危険 オートデスク株式会社 - Revit Architecture で使用される LiveUpdate ActiveX コントロールの UpdateEngine クラスにおける任意のプログラムを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-4472 2012-06-26 16:02 2008-10-7 Show GitHub Exploit DB Packet Storm
197265 9.3 危険 オートデスク株式会社 - Revit Architecture 2009 SP2 で使用される DWF Viewer ActiveX コントロール (AdView.dll) の CExpressViewerControl クラスにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-4471 2012-06-26 16:02 2008-10-7 Show GitHub Exploit DB Packet Storm
197266 7.5 危険 extrovert software - eXtrovert Thyme の groups モジュールの pick_users.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4459 2012-06-26 16:02 2008-10-6 Show GitHub Exploit DB Packet Storm
197267 7.5 危険 ephpscripts - E-Php B2B Trading Marketplace Script の listings.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4458 2012-06-26 16:02 2008-10-6 Show GitHub Exploit DB Packet Storm
197268 9.3 危険 dspicture - GdPicture Light Imaging Toolkit の GdPicture4S.Imaging ActiveX コントロールなどにおける任意のファイルを変更される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-4453 2012-06-26 16:02 2008-10-6 Show GitHub Exploit DB Packet Storm
197269 9 危険 cambridge computer corporation - Cambridge Computer Corporation vxFtpSrv におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-4452 2012-06-26 16:02 2008-10-6 Show GitHub Exploit DB Packet Storm
197270 4.3 警告 domain group network - Domain Group Network GooCMS の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-4424 2012-06-26 16:02 2008-10-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 24, 2025, 4:45 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
911 5.3 MEDIUM
Network 		boldgrid w3_total_cache The W3 Total Cache plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions in all versions up to, and including, 2.8.1. This mak… CWE-862
 Missing Authorization 		CVE-2024-12006 2025-01-17 06:30 2025-01-14 Show GitHub Exploit DB Packet Storm
912 5.4 MEDIUM
Network 		themeisle orbit_fox The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Pricing Table widget in all versions up to, and including, 2.10.43 due to insufficient in… CWE-79
Cross-site Scripting 		CVE-2025-0311 2025-01-17 06:29 2025-01-10 Show GitHub Exploit DB Packet Storm
913 5.4 MEDIUM
Network 		themeisle orbit_fox The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘title_tag’ parameter in all versions up to, and including, 2.10.43 due to insufficient input sani… CWE-79
Cross-site Scripting 		CVE-2024-13183 2025-01-17 06:28 2025-01-10 Show GitHub Exploit DB Packet Storm
914 7.2 HIGH
Network 		simple-help simplehelp SimpleHelp remote support software v5.5.7 and before allows admin users to upload arbitrary files anywhere on the file system by uploading a crafted zip file (i.e. zip slip). This can be exploited to… CWE-59
Link Following 		CVE-2024-57728 2025-01-17 06:24 2025-01-16 Show GitHub Exploit DB Packet Storm
915 7.5 HIGH
Network 		simple-help simplehelp SimpleHelp remote support software v5.5.7 and before is vulnerable to multiple path traversal vulnerabilities that enable unauthenticated remote attackers to download arbitrary files from the SimpleH… CWE-22
Path Traversal 		CVE-2024-57727 2025-01-17 06:22 2025-01-16 Show GitHub Exploit DB Packet Storm
916 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kopatheme Kopa Nictitate Toolkit allows Stored XSS.This issue affects Kopa Nictitate Toolkit: fro… CWE-79
Cross-site Scripting 		CVE-2025-23965 2025-01-17 06:15 2025-01-17 Show GitHub Exploit DB Packet Storm
917 - - - Missing Authorization vulnerability in Sven Hofmann & Michael Schoenrock Mark Posts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mark Posts: from n/a thr… CWE-862
 Missing Authorization 		CVE-2025-23963 2025-01-17 06:15 2025-01-17 Show GitHub Exploit DB Packet Storm
918 - - - Missing Authorization vulnerability in Goldstar Goldstar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Goldstar: from n/a through 2.1.1. CWE-862
 Missing Authorization 		CVE-2025-23962 2025-01-17 06:15 2025-01-17 Show GitHub Exploit DB Packet Storm
919 - - - Missing Authorization vulnerability in WP Tasker WordPress Graphs & Charts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress Graphs & Charts: from n… CWE-862
 Missing Authorization 		CVE-2025-23961 2025-01-17 06:15 2025-01-17 Show GitHub Exploit DB Packet Storm
920 - - - Missing Authorization vulnerability in Sur.ly Sur.ly allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sur.ly: from n/a through 3.0.3. CWE-862
 Missing Authorization 		CVE-2025-23957 2025-01-17 06:15 2025-01-17 Show GitHub Exploit DB Packet Storm