Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 8, 2025, 12:02 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
203441 7.8 危険 シスコシステムズ - Cisco Unified Communications Manager におけるサービス運用妨害 (プロセス障害) の脆弱性 CWE-noinfo
情報不足 		CVE-2011-1605 2011-12-1 10:36 2011-04-27 Show GitHub Exploit DB Packet Storm
203442 7.1 危険 シスコシステムズ - Cisco Unified Communications Manager におけるメモリリークの脆弱性 CWE-399
リソース管理の問題 		CVE-2011-1604 2011-12-1 10:35 2011-04-27 Show GitHub Exploit DB Packet Storm
203443 4.3 警告 John Godley - WordPress 用 Redirection プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4562 2011-11-30 16:50 2011-11-28 Show GitHub Exploit DB Packet Storm
203444 4.3 警告 codefuture - CF Image Hosting Script におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4572 2011-11-30 16:38 2011-11-29 Show GitHub Exploit DB Packet Storm
203445 7.5 危険 EA Improved - Estate Agent コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-4571 2011-11-30 16:37 2011-11-29 Show GitHub Exploit DB Packet Storm
203446 7.5 危険 Takeaweb - Time Returns コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-4570 2011-11-30 16:37 2011-11-29 Show GitHub Exploit DB Packet Storm
203447 7.5 危険 tommykent1210 - MyBB Forum 用 Userbar プラグインにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-4569 2011-11-30 16:36 2011-11-29 Show GitHub Exploit DB Packet Storm
203448 4.3 警告 WordPress.org - WordPress 用 Flowplayer プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4568 2011-11-30 16:35 2011-11-29 Show GitHub Exploit DB Packet Storm
203449 4.3 警告 Zen Cart - Zen Cart におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4567 2011-11-30 16:34 2011-11-29 Show GitHub Exploit DB Packet Storm
203450 4.3 警告 Zen Cart - Zen Cart におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4547 2011-11-30 16:34 2011-11-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 8, 2025, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
231 6.4 MEDIUM
Network 		- - The Social Rocket – Social Sharing Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'socialrocket-floating' shortcode in all versions up to, and including, 1.… New CWE-79
Cross-site Scripting 		CVE-2024-9702 2025-01-7 15:15 2025-01-7 Show GitHub Exploit DB Packet Storm
232 5.3 MEDIUM
Network 		- - The Social Rocket – Social Sharing Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the tweet_settings_save() and tweet_settings_upd… New CWE-862
 Missing Authorization 		CVE-2024-9697 2025-01-7 15:15 2025-01-7 Show GitHub Exploit DB Packet Storm
233 - - - Seth Fogie, member of AXIS Camera Station Pro Bug Bounty Program, has found that it is possible for an authenticated malicious client to tamper with audit log creation in AXIS Camera Station, or perf… New - CVE-2024-7696 2025-01-7 15:15 2025-01-7 Show GitHub Exploit DB Packet Storm
234 7.5 HIGH
Network 		- - The Error Log Viewer By WP Guru plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 1.0.1.3 via the wp_ajax_nopriv_elvwp_log_download AJAX action. This mak… New CWE-22
Path Traversal 		CVE-2024-12849 2025-01-7 15:15 2025-01-7 Show GitHub Exploit DB Packet Storm
235 7.1 HIGH
Network 		- - The JoomSport – for Sports: Team & League, Football, Hockey & more plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘page parameter in all versions up to, and including, 5… New CWE-79
Cross-site Scripting 		CVE-2024-12633 2025-01-7 15:15 2025-01-7 Show GitHub Exploit DB Packet Storm
236 8.6 HIGH
Network 		- - The Host PHP Info plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check when including the 'phpinfo' function in all versions up to, and including, 1.0.4… New CWE-862
 Missing Authorization 		CVE-2024-12535 2025-01-7 15:15 2025-01-7 Show GitHub Exploit DB Packet Storm
237 8.8 HIGH
Network 		- - The Post Saint: ChatGPT, GPT4, DALL-E, Stable Diffusion, Pexels, Dezgo AI Text & Image Generator plugin for WordPress is vulnerable to arbitrary files uploads due to a missing capability check and fi… New CWE-94
Code Injection 		CVE-2024-12471 2025-01-7 15:15 2025-01-7 Show GitHub Exploit DB Packet Storm
238 6.4 MEDIUM
Network 		- - The Chatroll Live Chat plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'chatroll' shortcode in all versions up to, and including, 2.5.0 due to insufficient input sa… New CWE-79
Cross-site Scripting 		CVE-2024-12464 2025-01-7 15:15 2025-01-7 Show GitHub Exploit DB Packet Storm
239 6.4 MEDIUM
Network 		- - The Candifly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'candifly' shortcode in all versions up to, and including, 1.0.6 due to insufficient input sanitization… New CWE-79
Cross-site Scripting 		CVE-2024-12440 2025-01-7 15:15 2025-01-7 Show GitHub Exploit DB Packet Storm
240 6.4 MEDIUM
Network 		- - The Marketplace Items plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'marketplace' shortcode in all versions up to, and including, 1.5.5 due to insufficient input … New CWE-79
Cross-site Scripting 		CVE-2024-12439 2025-01-7 15:15 2025-01-7 Show GitHub Exploit DB Packet Storm