Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 15, 2025, 4:03 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
208441	4.9	警告	サイバートラスト株式会社 Linux レッドハット	-	Linux kernel の do_sigaltstack 関数における情報漏えいの脆弱性	CWE-noinfo 情報不足	CVE-2009-2847	2010-02-16 11:43	2009-08-18	Show	GitHub Exploit DB Packet Storm

208442	7.2	危険	サイバートラスト株式会社 Linux レッドハット	-	Linux kernel の personality サブシステムにおける NULL ポインタ参照の脆弱性	CWE-16 環境設定	CVE-2009-1895	2010-02-16 11:43	2009-07-16	Show	GitHub Exploit DB Packet Storm

208443	4.3	警告	オラクル	-	BEA Product Suite の WebLogic Server コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0069	2010-02-15 19:32	2010-01-12	Show	GitHub Exploit DB Packet Storm

208444	5	警告	オラクル	-	BEA Product Suite の WebLogic Server コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0078	2010-02-15 19:32	2010-01-12	Show	GitHub Exploit DB Packet Storm

208445	5	警告	オラクル	-	BEA Product Suite の WebLogic Server コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0074	2010-02-15 19:32	2010-01-12	Show	GitHub Exploit DB Packet Storm

208446	5	警告	オラクル	-	BEA Product Suite の WebLogic Server コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0068	2010-02-15 19:32	2010-01-12	Show	GitHub Exploit DB Packet Storm

208447	4.3	警告	オラクル	-	Oracle Application Server の J2EE コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0070	2010-02-15 19:31	2010-01-12	Show	GitHub Exploit DB Packet Storm

208448	5	警告	オラクル	-	Oracle Application Server の J2EE コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0067	2010-02-15 19:31	2010-01-12	Show	GitHub Exploit DB Packet Storm

208449	5	警告	オラクル	-	Oracle Application Server の Access Manager Identity Server コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0066	2010-02-15 19:31	2010-01-12	Show	GitHub Exploit DB Packet Storm

208450	7.8	危険	サイバートラスト株式会社 Linux レッドハット	-	Linux kernel の e1000_clean_rx_irq 関数における整数アンダーフローの脆弱性	CWE-189 数値処理の問題	CVE-2009-1385	2010-02-15 11:03	2009-06-4	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 15, 2025, 4:11 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
2561	6.1	MEDIUM Network	-	-	The Bitcoin Lightning Publisher for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versi…	CWE-79 Cross-site Scripting	CVE-2024-12100	2024-12-24 15:15	2024-12-24	Show	GitHub Exploit DB Packet Storm

2562	-		-	-	The Exhibit to WP Gallery WordPress plugin through 0.0.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be use…	-	CVE-2024-12096	2024-12-24 15:15	2024-12-24	Show	GitHub Exploit DB Packet Storm

2563	5.3	MEDIUM Network	-	-	The Advanced Google reCAPTCHA plugin for WordPress is vulnerable to IP unblocking in all versions up to, and including, 1.25. This is due to the plugin not utilizing a strong unique key when generati…	CWE-340 Generation of Predictable Numbers or Identifiers	CVE-2024-12034	2024-12-24 15:15	2024-12-24	Show	GitHub Exploit DB Packet Storm

2564	6.4	MEDIUM Network	-	-	The NinjaTeam Chat for Telegram plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'njtele_button shortcode in all versions up to, and including, 1.0 due to insufficie…	CWE-79 Cross-site Scripting	CVE-2024-11885	2024-12-24 15:15	2024-12-24	Show	GitHub Exploit DB Packet Storm

2565	6.1	MEDIUM Network	-	-	The WP-Appbox plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 4.5.3 due to insufficient input sanitization and outp…	CWE-79 Cross-site Scripting	CVE-2024-12710	2024-12-24 14:15	2024-12-24	Show	GitHub Exploit DB Packet Storm

2566	5.4	MEDIUM Network	-	-	The WC Price History for Omnibus plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several AJAX actions in all versions up to, and including, 2.1.3. This …	CWE-862 Missing Authorization	CVE-2024-12617	2024-12-24 14:15	2024-12-24	Show	GitHub Exploit DB Packet Storm

2567	6.4	MEDIUM Network	-	-	The ShMapper by Teplitsa plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'shmMap' shortcode in all versions up to, and including, 1.4.18 due to insufficient input s…	CWE-79 Cross-site Scripting	CVE-2024-12518	2024-12-24 14:15	2024-12-24	Show	GitHub Exploit DB Packet Storm

2568	6.4	MEDIUM Network	-	-	The Optio Dentistry plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'optio-lightbox' shortcode in all versions up to, and including, 2.1 due to insufficient input s…	CWE-79 Cross-site Scripting	CVE-2024-12507	2024-12-24 14:15	2024-12-24	Show	GitHub Exploit DB Packet Storm

2569	6.5	MEDIUM Network	-	-	The ELEX WooCommerce Dynamic Pricing and Discounts plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the elex_dp_export_rules() and elex_dp_import…	CWE-862 Missing Authorization	CVE-2024-12266	2024-12-24 14:15	2024-12-24	Show	GitHub Exploit DB Packet Storm

2570	5.4	MEDIUM Network	-	-	A vulnerability in Koji was found. An unsanitized input allows for an XSS attack. Javascript code from a malicious link could be reflected in the resulting web page. It is not expected to be able to …	CWE-116 Improper Encoding or Escaping of Output	CVE-2024-9427	2024-12-24 13:15	2024-12-24	Show	GitHub Exploit DB Packet Storm