Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
205061 6.8 警告 Antonio de Vincentiis - GAzie の modules/config/admin_utente.php におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2012-1220 2012-02-22 16:24 2012-02-21 Show GitHub Exploit DB Packet Storm
205062 4.3 警告 freelancerKit - freelancerKit におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-1219 2012-02-22 16:18 2012-02-21 Show GitHub Exploit DB Packet Storm
205063 7.5 危険 freelancerKit - freelancerKit における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2012-1218 2012-02-22 16:15 2012-02-21 Show GitHub Exploit DB Packet Storm
205064 4.3 警告 Zenphoto - Zenphoto におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-0995 2012-02-22 16:12 2012-02-21 Show GitHub Exploit DB Packet Storm
205065 6 警告 Zenphoto - Zenphoto の Manage Albums 機能における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2012-0994 2012-02-22 16:09 2012-02-21 Show GitHub Exploit DB Packet Storm
205066 6.8 警告 Zenphoto - Zenphoto の viewer_size_image.php における任意の PHP コードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2012-0993 2012-02-22 16:07 2012-02-21 Show GitHub Exploit DB Packet Storm
205067 4 警告 IBM - IBM solidDB のサーバにおけるサービス運用妨害 (デーモンクラッシュ) の脆弱性 CWE-noinfo
情報不足 		CVE-2012-0200 2012-02-22 15:31 2012-02-7 Show GitHub Exploit DB Packet Storm
205068 4 警告 IBM - IBM solidDB のサーバにおけるサービス運用妨害 (デーモンクラッシュ) の脆弱性 CWE-20
不適切な入力確認 		CVE-2011-4890 2012-02-22 15:30 2011-11-17 Show GitHub Exploit DB Packet Storm
205069 4.3 警告 SIMHL - STHS v2 Web Portal におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-1217 2012-02-22 15:24 2012-02-21 Show GitHub Exploit DB Packet Storm
205070 6 警告 PBBoard - PBBoard の admin.php におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2012-1216 2012-02-22 15:23 2012-02-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 5, 2025, 4:56 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
401 - - - The Python standard library functions `urllib.parse.urlsplit` and `urlparse` accepted domain names that included square brackets which isn't valid according to RFC 3986. Square brackets are only mean… - CVE-2025-0938 2025-02-1 05:15 2025-02-1 Show GitHub Exploit DB Packet Storm
402 - - - In some cases, the ktrace facility will log the contents of kernel structures to userspace. In one such case, ktrace dumps a variable-sized sockaddr to userspace. There, the full sockaddr is copied… - CVE-2025-0662 2025-02-1 05:15 2025-01-30 Show GitHub Exploit DB Packet Storm
403 - - - A floating-point exception (FPE) vulnerability exists in the AP4_TfraAtom::AP4_TfraAtom function in Bento4. - CVE-2024-57513 2025-02-1 05:15 2025-01-30 Show GitHub Exploit DB Packet Storm
404 4.3 MEDIUM
Network 		visualmodo borderless The Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'remove_zi… CWE-862
 Missing Authorization 		CVE-2024-11583 2025-02-1 05:03 2025-01-30 Show GitHub Exploit DB Packet Storm
405 7.2 HIGH
Network 		visualmodo borderless The Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.5.9 via the 'wr… CWE-94
Code Injection 		CVE-2024-11600 2025-02-1 05:02 2025-01-30 Show GitHub Exploit DB Packet Storm
406 4.3 MEDIUM
Network 		seventhqueen typer_core The Typer Core plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.9.6 via the 'elementor-template' shortcode due to insufficient restrictions on which … NVD-CWE-noinfo
CVE-2024-12102 2025-02-1 05:01 2025-01-30 Show GitHub Exploit DB Packet Storm
407 6.1 MEDIUM
Network 		wpmessiah ai_image_alt_text_generator_for_wp The Ai Image Alt Text Generator for WP plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 1.0.2 due to insufficient in… CWE-79
Cross-site Scripting 		CVE-2024-12177 2025-02-1 04:49 2025-01-30 Show GitHub Exploit DB Packet Storm
408 7.5 HIGH
Network 		wpmessiah safe_ai_malware_protection_for_wp The Safe Ai Malware Protection for WP plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the export_db() function in all versions up to, and includ… CWE-862
 Missing Authorization 		CVE-2024-12269 2025-02-1 04:44 2025-01-30 Show GitHub Exploit DB Packet Storm
409 6.5 MEDIUM
Network 		villatheme w2s The W2S – Migrate WooCommerce to Shopify plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 1.2.1 via the 'viw2s_view_log' AJAX action. This makes it poss… NVD-CWE-noinfo
CVE-2024-12861 2025-02-1 04:01 2025-01-30 Show GitHub Exploit DB Packet Storm
410 5.4 MEDIUM
Network 		proxymis html5_chat The HTML5 chat plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'HTML5CHAT' shortcode in all versions up to, and including, 1.04 due to insufficient input sanitizati… CWE-79
Cross-site Scripting 		CVE-2024-12451 2025-02-1 03:55 2025-01-30 Show GitHub Exploit DB Packet Storm