Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
205901 7.5 危険 Jextensions - Joomla! 用 HM Community コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-4808 2011-12-16 10:41 2011-12-14 Show GitHub Exploit DB Packet Storm
205902 5 警告 foobla - Joomla! 用の obSuggest コンポーネントにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2011-4804 2011-12-16 10:19 2011-12-14 Show GitHub Exploit DB Packet Storm
205903 7.5 危険 BraveNewCode - WordPress 用の WPTouch プラグインにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-4803 2011-12-16 10:18 2011-12-14 Show GitHub Exploit DB Packet Storm
205904 6.8 警告 DELL EMC (旧 EMC Corporation) - EMC RSA AAOP におけるアプリケーション制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-2742 2011-12-15 16:59 2011-12-14 Show GitHub Exploit DB Packet Storm
205905 6.8 警告 DELL EMC (旧 EMC Corporation) - EMC RSA AAOP におけるセキュリティ制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-2741 2011-12-15 16:58 2011-12-14 Show GitHub Exploit DB Packet Storm
205906 4.3 警告 アドビシステムズ - Adobe ColdFusion の RDS におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4368 2011-12-15 16:57 2011-12-13 Show GitHub Exploit DB Packet Storm
205907 4.3 警告 アドビシステムズ - Adobe ColdFusion におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-2463 2011-12-15 16:57 2011-12-13 Show GitHub Exploit DB Packet Storm
205908 4.3 警告 アップル - iOS 上の Safari におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		- 2011-12-15 12:02 2011-12-15 Show GitHub Exploit DB Packet Storm
205909 7.2 危険 TADASoft - Tadasoft Restorepoint の評価版における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-4202 2011-12-14 15:50 2011-12-13 Show GitHub Exploit DB Packet Storm
205910 9.3 危険 TADASoft - Tadasoft Restorepoint の評価版における任意のコマンドを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2011-4201 2011-12-14 15:50 2011-12-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 8, 2025, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2971 - - - Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is a duplicate of CVE-2022-21371 - CVE-2021-35685 2025-01-16 09:15 2025-01-16 Show GitHub Exploit DB Packet Storm
2972 - - - Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is a duplicate of CVE-2022-21306. - CVE-2021-35684 2025-01-16 09:15 2025-01-16 Show GitHub Exploit DB Packet Storm
2973 - - - SQL Injection vulnerability in dingfanzuCMS v.1.0 allows a local attacker to execute arbitrary code via not filtering the content correctly at the "checkOrder.php" shopId module. - CVE-2025-22976 2025-01-16 08:15 2025-01-16 Show GitHub Exploit DB Packet Storm
2974 - - - SQL Injection vulnerability in DDSN Net Pty Ltd (DDSN Interactive) DDSN Interactive cm3 Acora CMS 10.1.1 allows an attacker to execute arbitrary code via the table parameter. - CVE-2025-22964 2025-01-16 08:15 2025-01-16 Show GitHub Exploit DB Packet Storm
2975 6.1 MEDIUM
Network 		- - The UpdraftPlus: WP Backup & Migration Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the showdata and initiate_restore parameters in all versions up to, and includin… CWE-79
Cross-site Scripting 		CVE-2025-0215 2025-01-16 08:15 2025-01-16 Show GitHub Exploit DB Packet Storm
2976 - - - An arbitrary file upload vulnerability in the UI login page logo upload function of Process Maker pm4core-docker 4.1.21-RC7 allows attackers to execute arbitrary code via uploading a crafted PHP or H… - CVE-2024-41454 2025-01-16 08:15 2025-01-16 Show GitHub Exploit DB Packet Storm
2977 - - - Insecure permissions in Aginode GigaSwitch v5 allows attackers to access sensitive information via using the SCP command. - CVE-2024-39967 2025-01-16 08:15 2025-01-16 Show GitHub Exploit DB Packet Storm
2978 - - - An OS command injection vulnerability in Palo Alto Networks Expedition enables an unauthenticated attacker to run arbitrary OS commands as the www-data user in Expedition, which results in the disclo… - CVE-2025-0107 2025-01-16 08:15 2025-01-11 Show GitHub Exploit DB Packet Storm
2979 - - - A vulnerability has been found in D-Link DIR-823X 240126/240802 and classified as critical. Affected by this vulnerability is the function FUN_00412244. The manipulation leads to null pointer derefer… CWE-476
CWE-404
 NULL Pointer Dereference
 Improper Resource Shutdown or Release 		CVE-2025-0492 2025-01-16 07:15 2025-01-16 Show GitHub Exploit DB Packet Storm
2980 - - - A vulnerability, which was classified as critical, was found in Fanli2012 native-php-cms 1.0. Affected is an unknown function of the file /fladmin/cat_dodel.php. The manipulation of the argument id l… CWE-89
CWE-74
SQL Injection
Injection 		CVE-2025-0491 2025-01-16 07:15 2025-01-16 Show GitHub Exploit DB Packet Storm