Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 30, 2025, 6:01 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
200131 7.5 危険 aimstats - AimStats の process.php における PHP コードを挿入される脆弱性 - CVE-2007-2167 2012-06-26 15:46 2007-04-22 Show GitHub Exploit DB Packet Storm
200132 5 警告 アップル - Apple Safari におけるサービス運用妨害 (DoS) 状態となる脆弱性 - CVE-2007-2163 2012-06-26 15:46 2007-04-22 Show GitHub Exploit DB Packet Storm
200133 7.8 危険 GNU Project
Mozilla Foundation
- Mozilla Firefox におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-2162 2012-06-26 15:46 2007-04-22 Show GitHub Exploit DB Packet Storm
200134 7.5 危険 Drupal - Drupal 用の dba モジュールにおけるクロスサイトリクエストフォージェリの脆弱性 - CVE-2007-2160 2012-06-26 15:46 2007-04-11 Show GitHub Exploit DB Packet Storm
200135 4.3 警告 Drupal - Drupal 用の dba モジュールにおけるクロスサイトスクリプティングの脆弱性 - CVE-2007-2159 2012-06-26 15:46 2007-04-11 Show GitHub Exploit DB Packet Storm
200136 7.5 危険 cabron connector - Cabron Connector の services/samples/inclusionService.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2154 2012-06-26 15:46 2007-04-19 Show GitHub Exploit DB Packet Storm
200137 6.8 警告 atmail pty ltd - Atmail の atmail.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-2153 2012-06-26 15:46 2007-04-19 Show GitHub Exploit DB Packet Storm
200138 7.8 危険 bluearc - BlueArc Titan デバイスの BlueArc-FTPD における他のサイトへトラフィックをリダイレクトする脆弱性 - CVE-2007-2150 2012-06-26 15:46 2007-04-19 Show GitHub Exploit DB Packet Storm
200139 7.5 危険 bonoestente - Joomla! の Be2004-2 テンプレートの index.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2143 2012-06-26 15:46 2007-04-19 Show GitHub Exploit DB Packet Storm
200140 7.5 危険 ajportal2php - AjPortal2Php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2142 2012-06-26 15:46 2007-04-19 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 31, 2025, 4:11 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
961 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alessandro Benoit WpDevTool allows Reflected XSS. This issue affects WpDevTool: from n/a through … CWE-79
Cross-site Scripting
CVE-2025-23624 2025-01-24 01:15 2025-01-24 Show GitHub Exploit DB Packet Storm
962 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Navnish Bhardwaj WP Social Broadcast allows Reflected XSS. This issue affects WP Social Broadcast… CWE-79
Cross-site Scripting
CVE-2025-23545 2025-01-24 01:15 2025-01-24 Show GitHub Exploit DB Packet Storm
963 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in heart5 StatPressCN allows Reflected XSS. This issue affects StatPressCN: from n/a through 1.9.1. CWE-79
Cross-site Scripting
CVE-2025-23544 2025-01-24 01:15 2025-01-24 Show GitHub Exploit DB Packet Storm
964 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in edmon Download, Downloads allows Reflected XSS. This issue affects Download, Downloads : from n/… CWE-79
Cross-site Scripting
CVE-2025-23541 2025-01-24 01:15 2025-01-24 Show GitHub Exploit DB Packet Storm
965 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mohsin khan WP Front-end login and register allows Reflected XSS. This issue affects WP Front-end… CWE-79
Cross-site Scripting
CVE-2025-23540 2025-01-24 01:15 2025-01-24 Show GitHub Exploit DB Packet Storm
966 - - - Cross-Site Request Forgery (CSRF) vulnerability in Qwerty23 Rocket Media Library Mime Type allows Stored XSS. This issue affects Rocket Media Library Mime Type: from n/a through 2.1.0. CWE-352
 Origin Validation Error
CVE-2025-22768 2025-01-24 01:15 2025-01-24 Show GitHub Exploit DB Packet Storm
967 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tarak Patel WP Query Creator allows Reflected XSS. This issue affects WP Query Creator: from n/a … CWE-79
Cross-site Scripting
CVE-2025-22264 2025-01-24 01:15 2025-01-24 Show GitHub Exploit DB Packet Storm
968 - - - It has been found that the Beta10 software does not provide for proper authorisation control in multiple areas of the application. This deficiency could allow a malicious actor, without authenticatio… CWE-287
Improper Authentication
CVE-2025-0637 2025-01-24 01:15 2025-01-24 Show GitHub Exploit DB Packet Storm
969 - - - SQL Injection vulnerability in the default configuration of the Logitime WebClock application <= 5.43.0 allows an unauthenticated user to run arbitrary code on the backend database server. - CVE-2024-55971 2025-01-24 01:15 2025-01-24 Show GitHub Exploit DB Packet Storm
970 - - - ECOVACS robot lawnmowers and vacuums are vulnerable to command injection via SetNetPin() over an unauthenticated BLE connection. - CVE-2024-52325 2025-01-24 01:15 2025-01-24 Show GitHub Exploit DB Packet Storm