Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 27, 2025, 12:03 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
207341	4.3	警告	The PHP Group	-	PHP の Zip 拡張モジュールにおけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2011-1470	2011-04-21 16:47	2011-03-17	Show	GitHub Exploit DB Packet Storm

207342	4.3	警告	The PHP Group	-	PHP の Streams コンポーネントにおけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2011-1469	2011-04-21 16:46	2011-03-17	Show	GitHub Exploit DB Packet Storm

207343	4.3	警告	The PHP Group	-	PHP の OpenSSL 拡張モジュールにおけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2011-1468	2011-04-21 16:44	2011-03-17	Show	GitHub Exploit DB Packet Storm

207344	5	警告	The PHP Group	-	PHP の NumberFormatter::setSymbol 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2011-1467	2011-04-21 16:43	2011-03-17	Show	GitHub Exploit DB Packet Storm

207345	5	警告	The PHP Group	-	PHP の SdnToJulian 関数における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2011-1466	2011-04-21 16:42	2011-03-17	Show	GitHub Exploit DB Packet Storm

207346	5	警告	The PHP Group	-	PHP の grapheme_extract 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2011-0420	2011-04-21 16:40	2011-01-6	Show	GitHub Exploit DB Packet Storm

207347	4.3	警告	The PHP Group	-	PHP の Zip 拡張モジュール内にある _zip_name_locate 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2011-0421	2011-04-21 12:25	2011-03-17	Show	GitHub Exploit DB Packet Storm

207348	4.3	警告	The PHP Group	-	64-bit プラットフォーム上で稼働している PHP の exif.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2011-0708	2011-04-21 12:24	2011-03-17	Show	GitHub Exploit DB Packet Storm

207349	7.5	危険	The PHP Group	-	PHP の ext/shmop/shmop.c における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2011-1092	2011-04-21 12:22	2011-03-17	Show	GitHub Exploit DB Packet Storm

207350	7.5	危険	The PHP Group	-	PHP の phar_object.c における重要な情報を取得される脆弱性	CWE-134 書式文字列の問題	CVE-2011-1153	2011-04-21 12:21	2011-03-17	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 27, 2025, 4:07 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
3121	6.4	MEDIUM Network	-	-	The Master Addons – Elementor Addons with White Label, Free Widgets, Hover Effects, Conditions, & Animations plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Tooltip…	CWE-79 Cross-site Scripting	CVE-2024-9502	2025-01-7 16:15	2025-01-7	Show	GitHub Exploit DB Packet Storm

3122	6.1	MEDIUM Network	-	-	The Estatik Mortgage Calculator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'color' parameter in all versions up to, and including, 2.0.11 due to insufficient input s…	CWE-79 Cross-site Scripting	CVE-2024-9354	2025-01-7 16:15	2025-01-7	Show	GitHub Exploit DB Packet Storm

3123	4.3	MEDIUM Network	-	-	The Aurum - WordPress & WooCommerce Shopping Theme theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'lab_1cl_demo_install_package_conten…	CWE-862 Missing Authorization	CVE-2024-12781	2025-01-7 16:15	2025-01-7	Show	GitHub Exploit DB Packet Storm

3124	6.4	MEDIUM Network	-	-	The Sina Extension for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Sina Image Differ widget in all versions up to, and including, 3.5.91 due to insuff…	CWE-79 Cross-site Scripting	CVE-2024-12624	2025-01-7 16:15	2025-01-7	Show	GitHub Exploit DB Packet Storm

3125	6.4	MEDIUM Network	-	-	The WP jQuery DataTable plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wp_jdt' shortcode in all versions up to, and including, 4.0.1 due to insufficient input san…	CWE-79 Cross-site Scripting	CVE-2024-12499	2025-01-7 16:15	2025-01-7	Show	GitHub Exploit DB Packet Storm

3126	6.4	MEDIUM Network	-	-	The Bootstrap Blocks for WP Editor v2 plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'gtb-bootstrap/column' block in all versions up to, and including, 2.5.0 due to insuffi…	CWE-79 Cross-site Scripting	CVE-2024-12495	2025-01-7 16:15	2025-01-7	Show	GitHub Exploit DB Packet Storm

3127	6.4	MEDIUM Network	-	-	The Marketplace Items plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'envato' shortcode in all versions up to, and including, 1.5.5 due to insufficient input sanit…	CWE-79 Cross-site Scripting	CVE-2024-12437	2025-01-7 16:15	2025-01-7	Show	GitHub Exploit DB Packet Storm

3128	6.4	MEDIUM Network	-	-	The Solar Wizard Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'solar_wizard' shortcode in all versions up to, and including, 1.2.4 due to insufficient input…	CWE-79 Cross-site Scripting	CVE-2024-11764	2025-01-7 16:15	2025-01-7	Show	GitHub Exploit DB Packet Storm

3129	8.8	HIGH Network	-	-	The SMS Alert Order Notifications – WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the …	CWE-862 Missing Authorization	CVE-2024-11725	2025-01-7 16:15	2025-01-7	Show	GitHub Exploit DB Packet Storm

3130	5.3	MEDIUM Network	-	-	The Passster – Password Protect Pages and Content plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.2.10 via the WordPress core search featu…	CWE-200 Information Exposure	CVE-2024-11282	2025-01-7 16:15	2025-01-7	Show	GitHub Exploit DB Packet Storm