Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 10, 2025, 6:04 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
208101	4.3	警告	サン・マイクロシステムズアドビシステムズ	-	Adobe Acrobat におけるサービス運用妨害 (DoS) の脆弱性	CWE-189 数値処理の問題	CVE-2009-2995	2010-02-9 13:55	2009-10-13	Show	GitHub Exploit DB Packet Storm

208102	9.3	危険	サン・マイクロシステムズアドビシステムズ	-	Adobe Acrobat における任意のコードを実行される脆弱性	CWE-189 数値処理の問題	CVE-2009-2989	2010-02-9 13:55	2009-10-13	Show	GitHub Exploit DB Packet Storm

208103	9.3	危険	サン・マイクロシステムズアドビシステムズ	-	Adobe Acrobat の画像デコーダにおける任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2009-2984	2010-02-9 13:54	2009-10-13	Show	GitHub Exploit DB Packet Storm

208104	9.3	危険	アップルアドビシステムズサン・マイクロシステムズレッドハット	-	Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2009-3797	2010-02-9 12:35	2009-12-8	Show	GitHub Exploit DB Packet Storm

208105	9.3	危険	アップルアドビシステムズサン・マイクロシステムズレッドハット	-	Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-3796	2010-02-9 12:35	2009-12-8	Show	GitHub Exploit DB Packet Storm

208106	9.3	危険	アップルアドビシステムズサン・マイクロシステムズレッドハット	-	Adobe Flash Player および Adobe AIR におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-3794	2010-02-9 12:35	2009-12-8	Show	GitHub Exploit DB Packet Storm

208107	10	危険	IBM	-	IBM Lotus Domino Web Access におけるリンク処理に関する脆弱性	CWE-noinfo 情報不足	CVE-2010-0276	2010-02-8 13:19	2010-01-7	Show	GitHub Exploit DB Packet Storm

208108	10	危険	IBM	-	IBM Lotus Domino Web Access における脆弱性	CWE-noinfo 情報不足	CVE-2009-4594	2010-02-8 13:19	2009-06-5	Show	GitHub Exploit DB Packet Storm

208109	10	危険	IBM	-	IBM Lotus Domino Web Access の Ultra-light Mode における status-alerts URL の処理に関する脆弱性	CWE-noinfo 情報不足	CVE-2010-0275	2010-02-8 13:18	2010-01-7	Show	GitHub Exploit DB Packet Storm

208110	10	危険	IBM	-	IBM Lotus Domino Web Access の Ultra-light Mode における脆弱性	CWE-noinfo 情報不足	CVE-2010-0274	2010-02-8 13:17	2010-01-7	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 10, 2025, 4:11 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1981	-		-	-	A vulnerability was found in Codezips E-Commerce Website 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /login.php. The manipulation of the argum…	CWE-89 CWE-74 SQL Injection Injection	CVE-2024-12884	2024-12-21 23:15	2024-12-21	Show	GitHub Exploit DB Packet Storm

1982	-		-	-	A vulnerability was found in code-projects Job Recruitment 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /_email.php. The manipulati…	CWE-79 CWE-94 Cross-site Scripting Code Injection	CVE-2024-12883	2024-12-21 22:15	2024-12-21	Show	GitHub Exploit DB Packet Storm

1983	4.9	MEDIUM Network	-	-	The Easy Digital Downloads – eCommerce Payments and Subscriptions made easy plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.3.2 via the file download…	CWE-73 External Control of File Name or Path	CVE-2024-12875	2024-12-21 21:15	2024-12-21	Show	GitHub Exploit DB Packet Storm

1984	6.4	MEDIUM Network	-	-	The MagicPost plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wb_share_social shortcode in all versions up to, and including, 1.2.1 due to insufficient input saniti…	CWE-79 Cross-site Scripting	CVE-2024-12591	2024-12-21 19:15	2024-12-21	Show	GitHub Exploit DB Packet Storm

1985	6.5	MEDIUM Network	-	-	The WP BASE Booking of Appointments, Services and Events plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the export_db function in all versions …	CWE-862 Missing Authorization	CVE-2024-12558	2024-12-21 19:15	2024-12-21	Show	GitHub Exploit DB Packet Storm

1986	6.1	MEDIUM Network	-	-	The WP on AWS plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via $_POST data in all versions up to, and including, 5.2.1 due to insufficient input sanitization and output escapi…	CWE-79 Cross-site Scripting	CVE-2024-12408	2024-12-21 19:15	2024-12-21	Show	GitHub Exploit DB Packet Storm

1987	5.9	MEDIUM Network	-	-	The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to SQL Injection via the 'orderby' parameter in all versions up to, and including, 3.25.1 due to insufficient escaping on the user …	CWE-89 SQL Injection	CVE-2024-11722	2024-12-21 19:15	2024-12-21	Show	GitHub Exploit DB Packet Storm

1988	6.1	MEDIUM Network	-	-	The LaTeX2HTML plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'ver' or 'date' parameter in all versions up to, and including, 2.5.5 due to insufficient input sanitizatio…	CWE-79 Cross-site Scripting	CVE-2024-11688	2024-12-21 19:15	2024-12-21	Show	GitHub Exploit DB Packet Storm

1989	6.4	MEDIUM Network	-	-	The Elementor Website Builder – More than Just a Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Typography Settings in all versions up to, and includi…	CWE-79 Cross-site Scripting	CVE-2024-10453	2024-12-21 19:15	2024-12-21	Show	GitHub Exploit DB Packet Storm

1990	6.4	MEDIUM Network	-	-	The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's aux_contact_box and aux_gmaps shortcodes in all versions up to, an…	CWE-79 Cross-site Scripting	CVE-2024-9545	2024-12-21 18:15	2024-12-21	Show	GitHub Exploit DB Packet Storm