Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Dec. 25, 2024, 6:01 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
203201 2.6 注意 Mozilla Foundation - Mozilla Firefox および Thunderbird における同一生成元ポリシーを回避される脆弱性 CWE-200
情報漏えい
CVE-2011-3649 2011-11-14 11:39 2011-11-8 Show GitHub Exploit DB Packet Storm
203202 10 危険 アドビシステムズ - Adobe Shockwave Player の TextXtra モジュールにおける任意のコードを実行される脆弱性 CWE-119
バッファエラー
CVE-2011-2449 2011-11-14 11:36 2011-11-8 Show GitHub Exploit DB Packet Storm
203203 10 危険 アドビシステムズ - Adobe Shockwave Player の DIRapi ライブラリにおける任意のコードを実行される脆弱性 CWE-119
バッファエラー
CVE-2011-2448 2011-11-14 11:35 2011-11-8 Show GitHub Exploit DB Packet Storm
203204 10 危険 アドビシステムズ - Adobe Shockwave Player における任意のコードを実行される脆弱性 CWE-119
バッファエラー
CVE-2011-2447 2011-11-14 11:34 2011-11-8 Show GitHub Exploit DB Packet Storm
203205 10 危険 アドビシステムズ - Adobe Shockwave Player の DIRapi ライブラリにおける任意のコードを実行される脆弱性 CWE-119
バッファエラー
CVE-2011-2446 2011-11-14 11:24 2011-11-8 Show GitHub Exploit DB Packet Storm
203206 9.3 危険 マイクロソフト - Microsoft Windows の Windows Mail および Windows Meeting Space における権限昇格の脆弱性 CWE-Other
その他
CVE-2011-2016 2011-11-14 11:24 2011-11-8 Show GitHub Exploit DB Packet Storm
203207 9 危険 マイクロソフト - Microsoft Windows の LDAP over SSL 実装における証明書の制限を回避される脆弱性 CWE-287
不適切な認証
CVE-2011-2014 2011-11-14 11:22 2011-11-8 Show GitHub Exploit DB Packet Storm
203208 10 危険 マイクロソフト - Microsoft Windows の TCP/IP 実装における整数オーバーフローの脆弱性 CWE-189
数値処理の問題
CVE-2011-2013 2011-11-14 11:21 2011-11-8 Show GitHub Exploit DB Packet Storm
203209 7.1 危険 マイクロソフト - Microsoft Windows の win32k.sys におけるにおけるサービス運用妨害 (リブート) の脆弱性 CWE-20
不適切な入力確認
CVE-2011-2004 2011-11-14 11:19 2011-11-8 Show GitHub Exploit DB Packet Storm
203210 6.8 警告 Stichting NLnet Labs - ldns の ldns_rr_new_frm_str_internal 関数におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2011-3581 2011-11-11 11:21 2011-08-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Dec. 25, 2024, 4:06 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2311 6.1 MEDIUM
Network
- - The ForumWP – Forum & Discussion Board plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the URL … CWE-79
Cross-site Scripting
CVE-2024-10879 2024-12-6 18:15 2024-12-6 Show GitHub Exploit DB Packet Storm
2312 6.4 MEDIUM
Network
- - The NewsMash theme for WordPress is vulnerable to Stored Cross-Site Scripting via a malicious display name in all versions up to, and including, 1.0.71 due to insufficient input sanitization and outp… CWE-79
Cross-site Scripting
CVE-2024-10849 2024-12-6 18:15 2024-12-6 Show GitHub Exploit DB Packet Storm
2313 4.3 MEDIUM
Network
- - The PowerPack Elementor Addons (Free Widgets, Extensions and Templates) plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.8.1 via the Content Reveal w… CWE-639
 Authorization Bypass Through User-Controlled Key
CVE-2024-10692 2024-12-6 18:15 2024-12-6 Show GitHub Exploit DB Packet Storm
2314 4.3 MEDIUM
Network
- - The XLTab – Accordions and Tabs for Elementor Page Builder plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.4 via the 'XLTAB_INSERT_TPL' shortcode du… CWE-639
 Authorization Bypass Through User-Controlled Key
CVE-2024-10689 2024-12-6 18:15 2024-12-6 Show GitHub Exploit DB Packet Storm
2315 6.4 MEDIUM
Network
- - The Cookielay plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's cookielay shortcode in all versions up to, and including, 1.2.0 due to insufficient input sanitization… CWE-79
Cross-site Scripting
CVE-2024-10320 2024-12-6 18:15 2024-12-6 Show GitHub Exploit DB Packet Storm
2316 8.1 HIGH
Network
- - The Login With OTP plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.4.2. This is due to the plugin generating too weak OTP, and there’s no attempt or ti… CWE-288
Authentication Bypass Using an Alternate Path or Channel
CVE-2024-11178 2024-12-6 16:15 2024-12-6 Show GitHub Exploit DB Packet Storm
2317 - - - The WP Hide & Security Enhancer plugin for WordPress is vulnerable to arbitrary file contents deletion due to a missing authorization and insufficient file path validation in the file-process.php in … - CVE-2024-11585 2024-12-6 15:15 2024-12-6 Show GitHub Exploit DB Packet Storm
2318 6.4 MEDIUM
Network
- - The myCred – Loyalty Points and Rewards plugin for WordPress and WooCommerce – Give Points, Ranks, Badges, Cashback, WooCommerce rewards, and WooCommerce credits for Gamification plugin for WordPress… CWE-79
Cross-site Scripting
CVE-2024-11201 2024-12-6 15:15 2024-12-6 Show GitHub Exploit DB Packet Storm
2319 - - - The Pubnews theme for WordPress is vulnerable to unauthorized arbitrary plugin installation due to a missing capability check on the pubnews_importer_plugin_action_for_notice() function in all versio… - CVE-2024-10578 2024-12-6 15:15 2024-12-6 Show GitHub Exploit DB Packet Storm
2320 - - - Uncontrolled Search Path Element vulnerability in ICONICS GENESIS64 all versions, Mitsubishi Electric GENESIS64 all versions and Mitsubishi Electric MC Works64 all versions allows a local authenticat… - CVE-2024-9852 2024-12-6 15:15 2024-11-29 Show GitHub Exploit DB Packet Storm