Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 12, 2025, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
202001 6.8 警告 E-Xoopport - E-Xoopport Samsara における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-3467 2012-03-27 18:42 2010-09-17 Show GitHub Exploit DB Packet Storm
202002 4.3 警告 NetArt Media - NetArt Media iBoutique.MALL の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-3466 2012-03-27 18:42 2010-09-17 Show GitHub Exploit DB Packet Storm
202003 4.3 警告 ecommercesoft - XSE Shopping Cart におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-3465 2012-03-27 18:42 2010-09-17 Show GitHub Exploit DB Packet Storm
202004 6.8 警告 santafox - SantaFox の admin/manager_users.class.php におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2010-3464 2012-03-27 18:42 2010-09-17 Show GitHub Exploit DB Packet Storm
202005 4.3 警告 santafox - SantaFox の modules/search/search.class.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-3463 2012-03-27 18:42 2010-09-17 Show GitHub Exploit DB Packet Storm
202006 4.3 警告 mollify - Mollify の backend/plugin/Registration/index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-3462 2012-03-27 18:42 2010-09-17 Show GitHub Exploit DB Packet Storm
202007 7.5 危険 endonesia - eNdonesia の Publisher モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-3461 2012-03-27 18:42 2010-09-17 Show GitHub Exploit DB Packet Storm
202008 5 警告 Gecad Technologies - AXIGEN Mail Server の HTTP インターフェースにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-3460 2012-03-27 18:42 2010-09-17 Show GitHub Exploit DB Packet Storm
202009 4.3 警告 Gecad Technologies - AXIGEN Mail Server の Ajax WebMail インターフェースにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-3459 2012-03-27 18:42 2010-09-17 Show GitHub Exploit DB Packet Storm
202010 4 警告 Linux - Linux kernel のdrivers/platform/x86/thinkpad_acpi.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-3448 2012-03-27 18:42 2011-01-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 12, 2025, 4:59 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
791 - - - A malicious or compromised MacPorts mirror can execute arbitrary commands as root on the machine of a client running port selfupdate against the mirror. - CVE-2024-11681 2025-01-8 01:15 2025-01-8 Show GitHub Exploit DB Packet Storm
792 - - - The Category Posts Widget WordPress plugin before 4.9.18 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting… - CVE-2024-9638 2025-01-8 01:15 2025-01-7 Show GitHub Exploit DB Packet Storm
793 - - - The WordPress Auction Plugin WordPress plugin through 3.7 does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Stored Cross-Site Script… - CVE-2024-8857 2025-01-8 01:15 2025-01-7 Show GitHub Exploit DB Packet Storm
794 - - - The WordPress Auction Plugin WordPress plugin through 3.7 does not sanitize and escape a parameter before using it in a SQL statement, allowing editors and above to perform SQL injection attacks - CVE-2024-8855 2025-01-8 01:15 2025-01-7 Show GitHub Exploit DB Packet Storm
795 - - - An access control issue in the component /juis_boxinfo.xml of AVM FRITZ!Box 7530 AX v7.59 allows attackers to obtain sensitive information without authentication. - CVE-2024-54767 2025-01-8 01:15 2025-01-7 Show GitHub Exploit DB Packet Storm
796 - - - Plane is an open-source project management tool. A cross-site scripting (XSS) vulnerability has been identified in Plane versions prior to 0.23. The vulnerability allows authenticated users to upload… - CVE-2025-21616 2025-01-8 01:15 2025-01-7 Show GitHub Exploit DB Packet Storm
797 - - - An issue in Netis Wifi6 Router NX10 2.0.1.3643 and 2.0.1.3582 and Netis Wifi 11AC Router NC65 3.0.0.3749 and Netis Wifi 11AC Router NC63 3.0.0.3327 and 3.0.0.3503 and Netis Wifi 11AC Router NC21 3.0.… - CVE-2024-48457 2025-01-8 01:15 2025-01-7 Show GitHub Exploit DB Packet Storm
798 - - - An issue in Netis Wifi6 Router NX10 2.0.1.3643 and 2.0.1.3582 and Netis Wifi 11AC Router NC65 3.0.0.3749 and Netis Wifi 11AC Router NC63 3.0.0.3327 and 3.0.0.3503 and Netis Wifi 11AC Router NC21 3.0.… - CVE-2024-48456 2025-01-8 01:15 2025-01-7 Show GitHub Exploit DB Packet Storm
799 - - - An issue in the DeviceloControl function of ITE Tech. Inc ITE IO Access v1.0.0.0 allows attackers to perform arbitrary port read and write actions via supplying crafted IOCTL requests. - CVE-2024-55407 2025-01-8 01:15 2025-01-7 Show GitHub Exploit DB Packet Storm
800 - - - A stored cross-site scripting (XSS) vulnerability in the component /media/test.html of REDAXO CMS v5.17.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload int… - CVE-2024-46209 2025-01-8 01:15 2025-01-7 Show GitHub Exploit DB Packet Storm