Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 27, 2025, 12:03 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
201441 7.5 危険 Sympa - Sympa の投稿保管庫管理ページにおける任意の投稿保管庫を操作される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-2352 2012-06-4 14:27 2012-05-31 Show GitHub Exploit DB Packet Storm
201442 5 警告 Canonical - Ubuntu で使用される Update Manager におけるレポジトリ証明書を読まれる脆弱性 CWE-200
情報漏えい 		CVE-2012-0949 2012-06-4 14:03 2012-05-31 Show GitHub Exploit DB Packet Storm
201443 10 危険 Mozilla Foundation - 複数の Mozilla 製品におけるサービス運用妨害 (DoS) の脆弱性 CWE-DesignError
CVE-2012-0444 2012-06-1 14:19 2012-01-31 Show GitHub Exploit DB Packet Storm
201444 7.8 危険 シスコシステムズ - Cisco ASR 9000 および CRS シリーズの Cisco IOS XR におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2012-2488 2012-06-1 14:14 2012-05-30 Show GitHub Exploit DB Packet Storm
201445 6.8 警告 TYPO3 Association - TYPO3 の fileDenyPattern 機能におけるアクセス制限を回避される脆弱性 CWE-20
不適切な入力確認 		CVE-2010-5099 2012-06-1 13:50 2010-12-16 Show GitHub Exploit DB Packet Storm
201446 2.6 注意 株式会社バンダイナムコゲームス - 魔法少女まどか☆マギカ iP for Android における情報漏えいの脆弱性 CWE-200
情報漏えい 		CVE-2012-2630 2012-06-1 12:04 2012-06-1 Show GitHub Exploit DB Packet Storm
201447 7.5 危険 Segue Project - Segue における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2012-1255 2012-06-1 12:03 2012-06-1 Show GitHub Exploit DB Packet Storm
201448 4.3 警告 Segue Project - Segue におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-1254 2012-06-1 12:02 2012-06-1 Show GitHub Exploit DB Packet Storm
201449 7.5 危険 Jaow - Jaow の add_ons.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2012-2952 2012-05-31 14:52 2012-05-29 Show GitHub Exploit DB Packet Storm
201450 7.5 危険 Plogger Project - Plogger の plog-rss.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2012-2951 2012-05-31 14:52 2012-05-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 27, 2025, 4:07 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
941 - - - In the Linux kernel, the following vulnerability has been resolved: selinux: ignore unknown extended permissions When evaluating extended permissions, ignore unknown permissions instead of calling … - CVE-2024-57931 2025-01-21 21:15 2025-01-21 Show GitHub Exploit DB Packet Storm
942 - - - In the Linux kernel, the following vulnerability has been resolved: fgraph: Add READ_ONCE() when accessing fgraph_array[] In __ftrace_return_to_handler(), a loop iterates over the fgraph_array[] el… - CVE-2024-57934 2025-01-21 21:15 2025-01-21 Show GitHub Exploit DB Packet Storm
943 - - - In the Linux kernel, the following vulnerability has been resolved: gve: guard XDP xmit NDO on existence of xdp queues In GVE, dedicated XDP queues only exist when an XDP program is installed and t… - CVE-2024-57932 2025-01-21 21:15 2025-01-21 Show GitHub Exploit DB Packet Storm
944 - - - In the Linux kernel, the following vulnerability has been resolved: tracing: Have process_string() also allow arrays In order to catch a common bug where a TRACE_EVENT() TP_fast_assign() assigns an… - CVE-2024-57930 2025-01-21 21:15 2025-01-21 Show GitHub Exploit DB Packet Storm
945 6.4 MEDIUM
Network 		- - The Betheme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's custom JS functionality in all versions up to, and including, 27.6.1 due to insufficient input sanitizat… CWE-79
Cross-site Scripting 		CVE-2025-0450 2025-01-21 20:15 2025-01-21 Show GitHub Exploit DB Packet Storm
946 - - - An allocation of resources without limits or throttling in Kibana can lead to a crash caused by a specially crafted request to /api/log_entries/summary. This can be carried out by users with read acc… - CVE-2024-52973 2025-01-21 20:15 2025-01-21 Show GitHub Exploit DB Packet Storm
947 - - - An allocation of resources without limits or throttling in Elasticsearch can lead to an OutOfMemoryError exception resulting in a crash via a specially crafted query using an SQL function. - CVE-2024-43709 2025-01-21 20:15 2025-01-21 Show GitHub Exploit DB Packet Storm
948 - - - Improper handling of alternate encoding occurs when Elastic Defend on Windows systems attempts to scan a file or process encoded as a multibyte character. This leads to an uncaught exception causing … - CVE-2024-37284 2025-01-21 20:15 2025-01-21 Show GitHub Exploit DB Packet Storm
949 6.1 MEDIUM
Network 		- - The wp-greet plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.2. This is due to missing or incorrect nonce validation on a function. This makes… CWE-352
 Origin Validation Error 		CVE-2024-13444 2025-01-21 20:15 2025-01-21 Show GitHub Exploit DB Packet Storm
950 5.3 MEDIUM
Network 		- - The Social Share, Social Login and Social Comments Plugin – Super Socializer plugin for WordPress is vulnerable to Limited SQL Injection via the ‘SuperSocializerKey’ parameter in all versions up to, … CWE-89
SQL Injection 		CVE-2024-13230 2025-01-21 20:15 2025-01-21 Show GitHub Exploit DB Packet Storm