Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 31, 2025, 4:03 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
204961 2.6 注意 クックパッド株式会社 - 複数のクックパッド製 Android アプリケーションにおける WebView クラスに関する脆弱性 CWE-Other
その他 		CVE-2012-0316 2012-02-29 10:52 2012-02-22 Show GitHub Exploit DB Packet Storm
204962 9 危険 シスコシステムズ - 複数の Cisco 製品の Local TFTP file-upload アプリケーションにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2012-0365 2012-02-28 16:24 2012-02-23 Show GitHub Exploit DB Packet Storm
204963 7.8 危険 シスコシステムズ - 複数の Cisco 製品における設定ファイルを置き換えられる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-0364 2012-02-28 16:16 2012-02-23 Show GitHub Exploit DB Packet Storm
204964 9 危険 シスコシステムズ - 複数の Cisco 製品の Web インタフェースにおける任意のコマンドを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2012-0363 2012-02-28 16:13 2012-02-23 Show GitHub Exploit DB Packet Storm
204965 7.5 危険 Joomla! - Joomla! の Weblinks コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4938 2012-02-28 16:04 2011-10-9 Show GitHub Exploit DB Packet Storm
204966 7.5 危険 RoBIT - Joomla! 用の Amblog コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4937 2012-02-28 15:56 2011-10-9 Show GitHub Exploit DB Packet Storm
204967 7.5 危険 Webmaster-Tips - Joomla! 用の Slide Show コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4936 2012-02-28 15:54 2011-10-9 Show GitHub Exploit DB Packet Storm
204968 7.5 危険 Khader Abbeb - Entrans の poll.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4935 2012-02-28 15:53 2011-10-9 Show GitHub Exploit DB Packet Storm
204969 7.5 危険 SV Creation - Get Tube の video.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4934 2012-02-28 15:50 2011-10-9 Show GitHub Exploit DB Packet Storm
204970 7.5 危険 Geeklog - Geeklog の filemgmt/singlefile.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4933 2012-02-28 15:48 2011-10-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 2, 2025, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
211 7.2 HIGH
Network 		- - The Link Fixer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via broken links in all versions up to, and including, 3.4 due to insufficient input sanitization and output escaping.… New CWE-79
Cross-site Scripting 		CVE-2025-0809 2025-01-31 15:15 2025-01-31 Show GitHub Exploit DB Packet Storm
212 4.3 MEDIUM
Network 		- - The Contact Form and Calls To Action by vcita plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the vcita_ajax_toggle_ae and vcita_ajax_togg… New CWE-862
 Missing Authorization 		CVE-2024-13717 2025-01-31 15:15 2025-01-31 Show GitHub Exploit DB Packet Storm
213 7.2 HIGH
Network 		- - The Shared Files – Frontend File Upload Form & Secure File Sharing plugin for WordPress is vulnerable to Stored Cross-Site Scripting via dfxp File uploads in all versions up to, and including, 1.7.42… New CWE-79
Cross-site Scripting 		CVE-2024-13504 2025-01-31 15:15 2025-01-31 Show GitHub Exploit DB Packet Storm
214 4.3 MEDIUM
Network 		- - The Ni Sales Commission For WooCommerce plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the 'niwoosc_ajax' AJAX endpoint in all versions up to, and incl… New CWE-862
 Missing Authorization 		CVE-2024-13424 2025-01-31 15:15 2025-01-31 Show GitHub Exploit DB Packet Storm
215 4.3 MEDIUM
Network 		- - The Food Menu – Restaurant Menu & Online Ordering for WooCommerce plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the response() function in all version… New CWE-862
 Missing Authorization 		CVE-2024-13415 2025-01-31 15:15 2025-01-31 Show GitHub Exploit DB Packet Storm
216 4.3 MEDIUM
Network 		- - The HT Event – WordPress Event Manager Plugin for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.7 via the 'render' function … New CWE-359
 Exposure of Private Personal Information to an Unauthorized Actor 		CVE-2024-13216 2025-01-31 15:15 2025-01-31 Show GitHub Exploit DB Packet Storm
217 - - - The WP MediaTagger WordPress plugin through 4.1.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could al… New - CVE-2024-13101 2025-01-31 15:15 2025-01-31 Show GitHub Exploit DB Packet Storm
218 - - - The OPSI Israel Domestic Shipments WordPress plugin through 2.6.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which cou… New - CVE-2024-13100 2025-01-31 15:15 2025-01-31 Show GitHub Exploit DB Packet Storm
219 - - - The Zalomení WordPress plugin through 1.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even w… New - CVE-2024-12872 2025-01-31 15:15 2025-01-31 Show GitHub Exploit DB Packet Storm
220 - - - The Ninja Tables WordPress plugin before 5.0.17 does not sanitize and escape a parameter before outputting it back in the page when importing a CSV, leading to a Cross Site Scripting vulnerability. New - CVE-2024-12772 2025-01-31 15:15 2025-01-31 Show GitHub Exploit DB Packet Storm