Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 5, 2025, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
203431	9.3	危険	Novell	-	Novell ZENworks Handheld Management (ZHM) の ZfHSrvr.exe における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2011-2655	2011-10-31 13:57	2011-10-5	Show	GitHub Exploit DB Packet Storm

203432	6.8	警告	Digium	-	Asterisk Open Source の chan_sip.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2011-4063	2011-10-31 10:31	2011-10-4	Show	GitHub Exploit DB Packet Storm

203433	7.5	危険	Atcom S.A.	-	ATCOM Netvolution における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2011-3340	2011-10-31 10:29	2011-10-21	Show	GitHub Exploit DB Packet Storm

203434	6.5	警告	BlackBerry	-	BlackBerry Collaboration Service における任意のユーザアカウントへログインされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-0290	2011-10-31 10:29	2011-10-11	Show	GitHub Exploit DB Packet Storm

203435	7.5	危険	Atcom S.A.	-	ATCOM Netvolution の default.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4967	2011-10-31 10:28	2011-10-21	Show	GitHub Exploit DB Packet Storm

203436	4.3	警告	Atcom S.A.	-	ATCOM Netvolution の default.asp におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4966	2011-10-31 10:27	2011-10-21	Show	GitHub Exploit DB Packet Storm

203437	4.3	警告	Atcom S.A.	-	ATCOM Netvolution におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-5103	2011-10-31 10:27	2011-10-21	Show	GitHub Exploit DB Packet Storm

203438	7.5	危険	Atcom S.A.	-	ATCOM Netvolution の default.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-5102	2011-10-31 10:26	2011-10-21	Show	GitHub Exploit DB Packet Storm

203439	7.8	危険	MIT Kerberos レッドハット	-	MIT Kerberos の kdb_ldap プラグインにおけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2011-1527	2011-10-31 10:12	2011-10-18	Show	GitHub Exploit DB Packet Storm

203440	4.3	警告	GNOME Project	-	Empathy の theme_adium_append_message 関数におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4170	2011-10-31 10:12	2011-10-23	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 6, 2025, 4:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
2061	6.4	MEDIUM Network	-	-	The Companion Portfolio – Responsive Portfolio Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'companion-portfolio' shortcode in all versions up to, and inc…	CWE-79 Cross-site Scripting	CVE-2024-11867	2024-12-14 14:15	2024-12-14	Show	GitHub Exploit DB Packet Storm

2062	6.4	MEDIUM Network	-	-	The Tabs Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on tab descriptions. …	CWE-79 Cross-site Scripting	CVE-2024-11865	2024-12-14 14:15	2024-12-14	Show	GitHub Exploit DB Packet Storm

2063	6.4	MEDIUM Network	-	-	The Koalendar – Events & Appointments Booking Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘height’ parameter in all versions up to, and including, 1.0.2 due to …	CWE-79 Cross-site Scripting	CVE-2024-11855	2024-12-14 14:15	2024-12-14	Show	GitHub Exploit DB Packet Storm

2064	6.4	MEDIUM Network	-	-	The Post Carousel & Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'post-cs' shortcode in all versions up to, and including, 1.0.4 due to insufficient input…	CWE-79 Cross-site Scripting	CVE-2024-11770	2024-12-14 14:15	2024-12-14	Show	GitHub Exploit DB Packet Storm

2065	6.4	MEDIUM Network	-	-	The Plezi plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'plezi' shortcode in all versions up to, and including, 1.0.6 due to insufficient input sanitization and o…	CWE-79 Cross-site Scripting	CVE-2024-11763	2024-12-14 14:15	2024-12-14	Show	GitHub Exploit DB Packet Storm

2066	6.4	MEDIUM Network	-	-	The Bukza plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'bukza' shortcode in all versions up to, and including, 2.0.0 due to insufficient input sanitization and o…	CWE-79 Cross-site Scripting	CVE-2024-11759	2024-12-14 14:15	2024-12-14	Show	GitHub Exploit DB Packet Storm

2067	6.4	MEDIUM Network	-	-	The IMS Countdown plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Countdown post settings in all versions up to, and including, 1.3.4 due to insufficient input sanitization …	CWE-79 Cross-site Scripting	CVE-2024-11755	2024-12-14 14:15	2024-12-14	Show	GitHub Exploit DB Packet Storm

2068	6.4	MEDIUM Network	-	-	The TCBD Popover plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'tcbd-popover-image ' shortcode in all versions up to, and including, 1.2 due to insufficient input…	CWE-79 Cross-site Scripting	CVE-2024-11751	2024-12-14 14:15	2024-12-14	Show	GitHub Exploit DB Packet Storm

2069	6.1	MEDIUM Network	-	-	The Filestack Official plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'fstab' and 'filestack_options' parameters in all versions up to, and including, 2.0.0 due to insuf…	CWE-79 Cross-site Scripting	CVE-2024-11462	2024-12-14 14:15	2024-12-14	Show	GitHub Exploit DB Packet Storm

2070	6.4	MEDIUM Network	-	-	The Visualmodo Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via REST API SVG File uploads in all versions up to, and including, 1.0.2 due to insufficient input sanitizat…	CWE-79 Cross-site Scripting	CVE-2024-11095	2024-12-14 14:15	2024-12-14	Show	GitHub Exploit DB Packet Storm