Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 11, 2025, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
206921 9.3 危険 Google - Google Chrome の ParamTraits::Read 関数におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-1441 2010-10-19 14:56 2009-05-5 Show GitHub Exploit DB Packet Storm
206922 5 警告 Google - Google Chrome におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2009-1514 2010-10-19 14:55 2009-04-20 Show GitHub Exploit DB Packet Storm
206923 4.3 警告 Google - Google Chrome におけるクロスサイトスクリプティングを誘導される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-1414 2010-10-19 14:55 2009-04-24 Show GitHub Exploit DB Packet Storm
206924 4.3 警告 Google - Google Chrome におけるクロスサイトスクリプティングを誘導される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-1413 2010-10-19 14:55 2009-04-24 Show GitHub Exploit DB Packet Storm
206925 7.8 危険 Google - Google Chrome における IsWebSafeScheme 制限を満たしていない URL をタブで開かれる脆弱性 CWE-200
情報漏えい 		CVE-2009-1412 2010-10-19 14:54 2009-04-24 Show GitHub Exploit DB Packet Storm
206926 5 警告 Google - Google Chrome の V8 JavaScript エンジンにおける同一生成元ポリシーを回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-0276 2010-10-19 14:54 2009-01-28 Show GitHub Exploit DB Packet Storm
206927 5 警告 Google - Google Chrome における重要な情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-0411 2010-10-19 14:54 2009-01-28 Show GitHub Exploit DB Packet Storm
206928 2.1 注意 Google - Google Chrome の JavaScript 実装における偽装したポップアップメッセージに従って行動させられる脆弱性 CWE-Other
その他 		CVE-2008-5915 2010-10-19 14:54 2009-01-20 Show GitHub Exploit DB Packet Storm
206929 4.3 警告 Google - Google Chrome におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-4724 2010-10-19 14:53 2008-09-18 Show GitHub Exploit DB Packet Storm
206930 4.3 警告 Google - Google Chrome におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2008-4340 2010-10-19 14:53 2008-09-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 12, 2025, 4:59 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2221 6.1 MEDIUM
Network 		- - The Bitcoin Lightning Publisher for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versi… CWE-79
Cross-site Scripting 		CVE-2024-12100 2024-12-24 15:15 2024-12-24 Show GitHub Exploit DB Packet Storm
2222 - - - The Exhibit to WP Gallery WordPress plugin through 0.0.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be use… - CVE-2024-12096 2024-12-24 15:15 2024-12-24 Show GitHub Exploit DB Packet Storm
2223 5.3 MEDIUM
Network 		- - The Advanced Google reCAPTCHA plugin for WordPress is vulnerable to IP unblocking in all versions up to, and including, 1.25. This is due to the plugin not utilizing a strong unique key when generati… CWE-340
 Generation of Predictable Numbers or Identifiers 		CVE-2024-12034 2024-12-24 15:15 2024-12-24 Show GitHub Exploit DB Packet Storm
2224 6.4 MEDIUM
Network 		- - The NinjaTeam Chat for Telegram plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'njtele_button shortcode in all versions up to, and including, 1.0 due to insufficie… CWE-79
Cross-site Scripting 		CVE-2024-11885 2024-12-24 15:15 2024-12-24 Show GitHub Exploit DB Packet Storm
2225 6.1 MEDIUM
Network 		- - The WP-Appbox plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 4.5.3 due to insufficient input sanitization and outp… CWE-79
Cross-site Scripting 		CVE-2024-12710 2024-12-24 14:15 2024-12-24 Show GitHub Exploit DB Packet Storm
2226 5.4 MEDIUM
Network 		- - The WC Price History for Omnibus plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several AJAX actions in all versions up to, and including, 2.1.3. This … CWE-862
 Missing Authorization 		CVE-2024-12617 2024-12-24 14:15 2024-12-24 Show GitHub Exploit DB Packet Storm
2227 6.4 MEDIUM
Network 		- - The ShMapper by Teplitsa plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'shmMap' shortcode in all versions up to, and including, 1.4.18 due to insufficient input s… CWE-79
Cross-site Scripting 		CVE-2024-12518 2024-12-24 14:15 2024-12-24 Show GitHub Exploit DB Packet Storm
2228 6.4 MEDIUM
Network 		- - The Optio Dentistry plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'optio-lightbox' shortcode in all versions up to, and including, 2.1 due to insufficient input s… CWE-79
Cross-site Scripting 		CVE-2024-12507 2024-12-24 14:15 2024-12-24 Show GitHub Exploit DB Packet Storm
2229 6.5 MEDIUM
Network 		- - The ELEX WooCommerce Dynamic Pricing and Discounts plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the elex_dp_export_rules() and elex_dp_import… CWE-862
 Missing Authorization 		CVE-2024-12266 2024-12-24 14:15 2024-12-24 Show GitHub Exploit DB Packet Storm
2230 5.4 MEDIUM
Network 		- - A vulnerability in Koji was found. An unsanitized input allows for an XSS attack. Javascript code from a malicious link could be reflected in the resulting web page. It is not expected to be able to … CWE-116
 Improper Encoding or Escaping of Output 		CVE-2024-9427 2024-12-24 13:15 2024-12-24 Show GitHub Exploit DB Packet Storm