Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Nov. 18, 2024, 6:03 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
198961 7.5 危険 Likno Software Inc. - WordPress 用 AllWebMenus プラグインの actions.php における任意の PHP コードを実行される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2012-1011 2012-02-9 15:59 2012-02-7 Show GitHub Exploit DB Packet Storm
198962 7.5 危険 Likno Software Inc. - WordPress 用 AllWebMenus プラグインの actions.php における任意の PHP コードを実行される脆弱性 CWE-20
不適切な入力確認
CVE-2012-1010 2012-02-9 15:59 2012-02-7 Show GitHub Exploit DB Packet Storm
198963 8.5 危険 OpenEMR - OpenEMR の interface/fax/fax_dispatch.php における任意のコマンドを実行される脆弱性 CWE-20
不適切な入力確認
CVE-2012-0992 2012-02-9 15:57 2012-02-7 Show GitHub Exploit DB Packet Storm
198964 3.5 注意 OpenEMR - OpenEMR におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル
CVE-2012-0991 2012-02-9 15:57 2012-02-7 Show GitHub Exploit DB Packet Storm
198965 3.5 注意 DClassifieds - DClassifieds の admin/settings/update におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反
CVE-2012-0990 2012-02-9 15:56 2012-02-7 Show GitHub Exploit DB Packet Storm
198966 4.3 警告 Zenphoto - Zenphoto の zp-core/admin.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2010-4907 2012-02-9 11:18 2011-10-8 Show GitHub Exploit DB Packet Storm
198967 7.5 危険 Zenphoto - Zenphoto の zp-core/full-image.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2010-4906 2012-02-9 11:12 2011-10-8 Show GitHub Exploit DB Packet Storm
198968 7.5 危険 SoftbizScripts - Softbiz Article Directory Script における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2010-4905 2012-02-9 11:12 2011-10-8 Show GitHub Exploit DB Packet Storm
198969 7.5 危険 DrBenHur - DBHcms の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2010-4869 2012-02-9 11:10 2011-10-5 Show GitHub Exploit DB Packet Storm
198970 4.3 警告 W-Agora - W-Agora の search.php3 におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2010-4868 2012-02-9 11:10 2011-10-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Nov. 18, 2024, 4:13 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
263251 - xnview xnview Integer overflow in XnViewer (aka XnView) before 1.98.5 allows remote attackers to execute arbitrary code via a crafted file containing PSD record types, a different vulnerability than CVE-2012-0684. CWE-189
Numeric Errors
CVE-2012-0685 2012-05-10 13:00 2012-05-9 Show GitHub Exploit DB Packet Storm
263252 - apple iphone_os Safari in Apple iOS before 5.1.1 allows remote attackers to spoof the location bar's URL via a crafted web site. CWE-20
 Improper Input Validation 
CVE-2012-0674 2012-05-8 19:25 2012-05-8 Show GitHub Exploit DB Packet Storm
263253 - oracle peoplesoft_enterprise_hrms Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.0 Update 2011-B and 9.1 Update 2011-B allows remote authenticated users to affect confidentiality and integrity via unknown vectors re… NVD-CWE-noinfo
CVE-2011-0861 2012-05-1 13:00 2011-04-20 Show GitHub Exploit DB Packet Storm
263254 - justsystems ichitaro
ichitaro_portable_with_oreplug
ichitaro_viewer
just_frontier
just_jump
just_school
oreplug
rekishimail_bakumatsushishi_no_missho
rekishimail_sengokubusho_no_missho
Buffer overflow in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 2006 through 2010, Ichitaro Portable with oreplug, Ichitaro Viewer, JUST School, JUST School 2009 and… CWE-119
Incorrect Access of Indexable Resource ('Range Error') 
CVE-2012-0269 2012-04-30 13:00 2012-04-28 Show GitHub Exploit DB Packet Storm
263255 - dotclear dotclear The updateFile function in inc/core/class.dc.media.php in the Media Manager in Dotclear before 2.2.3 does not properly restrict pathnames, which allows remote authenticated users to upload and execut… CWE-264
Permissions, Privileges, and Access Controls
CVE-2011-1584 2012-04-27 13:00 2011-06-8 Show GitHub Exploit DB Packet Storm
263256 - visiwave site_survey VisiWaveReport.exe in AZO Technologies, Inc. VisiWave Site Survey before 2.1.9 allows user-assisted remote attackers to execute arbitrary code via a (1) vws and (2) vwr file with an invalid Type prop… CWE-94
Code Injection
CVE-2011-2386 2012-04-27 13:00 2011-06-8 Show GitHub Exploit DB Packet Storm
263257 - cmsmadesimple cms_made_simple Unspecified vulnerability in the News module in CMS Made Simple (CMSMS) before 1.9.1 has unknown impact and attack vectors. NVD-CWE-noinfo
CVE-2010-4663 2012-04-27 13:00 2011-06-8 Show GitHub Exploit DB Packet Storm
263258 - anymacro anymacro_mail_system Directory traversal vulnerability in the web interface in AnyMacro Mail System G4X allows remote attackers to read arbitrary files via directory traversal sequences in a request. CWE-22
Path Traversal
CVE-2011-2468 2012-04-25 13:00 2011-06-9 Show GitHub Exploit DB Packet Storm
263259 - ibm tivoli_federated_identity_manager
tivoli_federated_identity_manager_business_gateway
Unspecified vulnerability in the Management Console in IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.9 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.2.0 before 6… NVD-CWE-noinfo
CVE-2011-3136 2012-04-25 13:00 2011-08-13 Show GitHub Exploit DB Packet Storm
263260 - ibm tivoli_federated_identity_manager IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.2, when com.tivoli.am.fim.infocard.delegates.InfoCardSTSDelegate tracing is enabled, creates a cleartext log entry containing a passwor… CWE-310
Cryptographic Issues
CVE-2009-5084 2012-04-25 13:00 2011-08-13 Show GitHub Exploit DB Packet Storm