Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 14, 2025, 6:04 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
199221	2.1	注意	シスコシステムズ	-	Cisco Secure Desktop の SSL VPN Client における暗号化されていないデータを読まれる脆弱性	-	CVE-2006-5806	2012-06-26 15:37	2006-11-8	Show	GitHub Exploit DB Packet Storm

199222	7.5	危険	advanced guestbook	-	Advanced Guestbook の admin.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-5804	2012-06-26 15:37	2006-11-8	Show	GitHub Exploit DB Packet Storm

199223	7.5	危険	e107.org	-	e107 の class2.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-5786	2012-06-26 15:37	2006-11-7	Show	GitHub Exploit DB Packet Storm

199224	7.5	危険	creasito	-	Creasito E-Commerce Content Manager における認証を回避される脆弱性	-	CVE-2006-5777	2012-06-26 15:37	2006-11-6	Show	GitHub Exploit DB Packet Storm

199225	6.8	警告	funkboard	-	FunkBoard の profile.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-5775	2012-06-26 15:37	2006-11-6	Show	GitHub Exploit DB Packet Storm

199226	5	警告	FreeWebshop	-	FreeWebshop の index.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-5773	2012-06-26 15:37	2006-11-6	Show	GitHub Exploit DB Packet Storm

199227	7.5	危険	FreeWebshop	-	FreeWebshop の index.php における SQL インジェクションの脆弱性	-	CVE-2006-5772	2012-06-26 15:37	2006-11-6	Show	GitHub Exploit DB Packet Storm

199228	4.3	警告	arkoon	-	Arkoon SSL におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-5771	2012-06-26 15:37	2006-09-15	Show	GitHub Exploit DB Packet Storm

199229	6.8	警告	ac4p	-	ac4p Mobile におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-5770	2012-06-26 15:37	2006-11-6	Show	GitHub Exploit DB Packet Storm

199230	4.3	警告	fixpunkt gmbh	-	admin.tool CMS 3 におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-5769	2012-06-26 15:37	2006-11-6	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 15, 2025, 4:11 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
661	-		-	-	A vulnerability was found in Dahua IPC-HFW1200S, IPC-HFW2300R-Z, IPC-HFW5220E-Z and IPC-HDW1200S up to 20241222. It has been rated as problematic. Affected by this issue is some unknown functionality…	-	CVE-2024-13130	2025-01-10 23:15	2025-01-5	Show	GitHub Exploit DB Packet Storm

662	-		-	-	A vulnerability was found in kurniaramadhan E-Commerce-PHP 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/create_product.php of the com…	-	CVE-2024-13205	2025-01-10 22:15	2025-01-9	Show	GitHub Exploit DB Packet Storm

663	-		-	-	FastCGI fcgi2 (aka fcgi) 2.x through 2.4.4 has an integer overflow (and resultant heap-based buffer overflow) via crafted nameLen or valueLen values in data to the IPC socket. This occurs in ReadPara…	-	CVE-2025-23016	2025-01-10 21:15	2025-01-10	Show	GitHub Exploit DB Packet Storm

664	5.3	MEDIUM Network	-	-	The Essential WP Real Estate plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the cl_delete_listing_func() function in all versions up to, and including,…	CWE-463	CVE-2024-13318	2025-01-10 21:15	2025-01-10	Show	GitHub Exploit DB Packet Storm

665	-		-	-	Smart Toilet Lab - Motius 1.3.11 is running with debug mode turned on (DEBUG = True) and exposing sensitive information defined in Django settings file through verbose error page.	-	CVE-2024-56113	2025-01-10 20:15	2025-01-10	Show	GitHub Exploit DB Packet Storm

666	6.4	MEDIUM Network	-	-	The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘title_tag’ parameter in all versions up to, and including, 2.10.43 due to insufficient input sani…	CWE-79 Cross-site Scripting	CVE-2024-13183	2025-01-10 17:15	2025-01-10	Show	GitHub Exploit DB Packet Storm

667	6.4	MEDIUM Network	-	-	The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Pricing Table widget in all versions up to, and including, 2.10.43 due to insufficient in…	CWE-79 Cross-site Scripting	CVE-2025-0311	2025-01-10 16:15	2025-01-10	Show	GitHub Exploit DB Packet Storm

668	4.3	MEDIUM Network	-	-	The AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3, AI WordPress Plugin ChatGPT (GPT-4o 128K) plugin for WordPress is vulnerable to unauthorized modifica…	CWE-862 Missing Authorization	CVE-2024-12606	2025-01-10 13:15	2025-01-10	Show	GitHub Exploit DB Packet Storm

669	6.5	MEDIUM Network	-	-	The AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3, AI WordPress Plugin ChatGPT (GPT-4o 128K) plugin for WordPress is vulnerable to SQL Injection via the…	CWE-89 SQL Injection	CVE-2024-12473	2025-01-10 13:15	2025-01-10	Show	GitHub Exploit DB Packet Storm

670	8.8	HIGH Network	-	-	Improper access control in Azure SaaS Resources allows an authorized attacker to disclose information over a network.	CWE-284 Improper Access Control	CVE-2025-21380	2025-01-10 08:15	2025-01-10	Show	GitHub Exploit DB Packet Storm