Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 8, 2025, 6:02 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
202981 6.4 警告 3S-Smart Software Solutions - 3S CoDeSys における任意のディレクトリを作成される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-5058 2012-01-12 15:53 2012-01-10 Show GitHub Exploit DB Packet Storm
202982 7.8 危険 ヒューレット・パッカード - 複数の HP 製品の HP-ChaiSOE Web サーバにおけるディレクトリトラバーサルの脆弱性 CWE-200
情報漏えい 		CVE-2011-4785 2012-01-11 16:11 2012-01-9 Show GitHub Exploit DB Packet Storm
202983 5 警告 Apache Software Foundation - Apache Struts におけるランタイムデータの値を変更される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-5057 2012-01-11 15:17 2012-01-8 Show GitHub Exploit DB Packet Storm
202984 9.3 危険 Apache Software Foundation - Apache Struts における任意のコマンドを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-0392 2012-01-11 15:11 2012-01-8 Show GitHub Exploit DB Packet Storm
202985 9.3 危険 Apache Software Foundation - Apache Struts における任意の Java コードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2012-0391 2012-01-11 14:57 2012-01-8 Show GitHub Exploit DB Packet Storm
202986 5 警告 Wibu-Systems AG - CodeMeter Runtime におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2011-4057 2012-01-11 14:02 2012-01-11 Show GitHub Exploit DB Packet Storm
202987 5 警告 MediaWiki - MediaWiki における重要な情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-4361 2012-01-11 11:22 2011-11-28 Show GitHub Exploit DB Packet Storm
202988 5 警告 MediaWiki - MediaWiki における制限されているすべてのページのタイトルを取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-4360 2012-01-11 11:15 2011-11-28 Show GitHub Exploit DB Packet Storm
202989 5 警告 MaraDNS - MaraDNS におけるサービス運用妨害 (CPU 資源の消費) の脆弱性 CWE-20
不適切な入力確認 		CVE-2012-0024 2012-01-11 11:00 2011-12-29 Show GitHub Exploit DB Packet Storm
202990 2.1 注意 MaraDNS - MaraDNS の権威サーバにおけるサービス運用妨害 (CPU 資源の消費) の脆弱性 CWE-20
不適切な入力確認 		CVE-2011-5056 2012-01-11 10:59 2011-12-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 9, 2025, 4:56 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
341 - - - Server-Side Request Forgery (SSRF) vulnerability in Tips and Tricks HQ Compact WP Audio Player allows Server Side Request Forgery.This issue affects Compact WP Audio Player: from n/a through 1.9.14. New CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2024-56279 2025-01-7 20:15 2025-01-7 Show GitHub Exploit DB Packet Storm
342 - - - Improper Control of Generation of Code ('Code Injection') vulnerability in Smackcoders WP Ultimate Exporter allows PHP Remote File Inclusion.This issue affects WP Ultimate Exporter: from n/a through … New CWE-94
Code Injection 		CVE-2024-56278 2025-01-7 20:15 2025-01-7 Show GitHub Exploit DB Packet Storm
343 - - - Missing Authorization vulnerability in WPForms Contact Form by WPForms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form by WPForms: from n/a thr… New CWE-862
 Missing Authorization 		CVE-2024-56276 2025-01-7 20:15 2025-01-7 Show GitHub Exploit DB Packet Storm
344 - - - Server-Side Request Forgery (SSRF) vulnerability in Envato Envato Elements allows Server Side Request Forgery.This issue affects Envato Elements: from n/a through 2.0.14. New CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2024-56275 2025-01-7 20:15 2025-01-7 Show GitHub Exploit DB Packet Storm
345 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brainstorm Force Astra Widgets allows Stored XSS.This issue affects Astra Widgets: from n/a throu… New CWE-79
Cross-site Scripting 		CVE-2024-56274 2025-01-7 20:15 2025-01-7 Show GitHub Exploit DB Packet Storm
346 - - - Missing Authorization vulnerability in WPvivid Backup & Migration WPvivid Backup and Migration allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPvivid Backup and Mi… New CWE-862
 Missing Authorization 		CVE-2024-56273 2025-01-7 20:15 2025-01-7 Show GitHub Exploit DB Packet Storm
347 - - - Missing Authorization vulnerability in SecureSubmit WP SecureSubmit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP SecureSubmit: from n/a through 1.5.16. New CWE-862
 Missing Authorization 		CVE-2024-56271 2025-01-7 20:15 2025-01-7 Show GitHub Exploit DB Packet Storm
348 - - - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ClickWhale ClickWhale – Link Manager, Link Shortener and Click Tracker for Affiliate Links & Link… New CWE-89
SQL Injection 		CVE-2024-51715 2025-01-7 20:15 2025-01-7 Show GitHub Exploit DB Packet Storm
349 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ? ?? (Minjun Kim) NAVER Analytics allows Stored XSS.This issue affects NAVER Analytics: from n/a … New CWE-79
Cross-site Scripting 		CVE-2024-51700 2025-01-7 20:15 2025-01-7 Show GitHub Exploit DB Packet Storm
350 - - - Missing Authorization vulnerability in CubeWP CubeWP Forms – All-in-One Form Builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CubeWP Forms – All-in-O… New CWE-862
 Missing Authorization 		CVE-2024-51651 2025-01-7 20:15 2025-01-7 Show GitHub Exploit DB Packet Storm