Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
209601 7.5 危険 シスコシステムズ - Cisco Content Services Switch における HTTP Request Smuggling 攻撃の脆弱性 CWE-20
不適切な入力確認 		CVE-2010-1576 2010-07-27 17:29 2010-07-2 Show GitHub Exploit DB Packet Storm
209602 7.5 危険 シスコシステムズ - Cisco Content Services Switch における認証を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-1575 2010-07-27 17:28 2010-07-2 Show GitHub Exploit DB Packet Storm
209603 6.8 警告 サイバートラスト株式会社
The Perl Foundation
レッドハット		 - Perl の Archive::Tar モジュールにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-4829 2010-07-26 18:29 2007-11-2 Show GitHub Exploit DB Packet Storm
209604 9.3 危険 マイクロソフト - Microsoft Windows Help and Support Center に脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2010-1885 2010-07-23 18:55 2010-06-10 Show GitHub Exploit DB Packet Storm
209605 4.9 警告 マイクロソフト - Microsoft Windows の Canonical Display Driver における任意のコードを実行される脆弱性 CWE-DesignError
CVE-2009-3678 2010-07-23 18:55 2010-05-14 Show GitHub Exploit DB Packet Storm
209606 9.3 危険 サン・マイクロシステムズ
レッドハット
リアルネットワークス		 - Realnetworks RealPlayer における ASM RuleBook の処理に関する脆弱性 CWE-119
バッファエラー 		CVE-2009-4247 2010-07-23 18:55 2010-01-19 Show GitHub Exploit DB Packet Storm
209607 10 危険 サイバートラスト株式会社
Apache Software Foundation		 - Apache Geronimo の LoginModule 実装における認証要求を回避される脆弱性 CWE-287
不適切な認証 		CVE-2007-4548 2010-07-22 20:51 2007-08-13 Show GitHub Exploit DB Packet Storm
209608 5 警告 サイバートラスト株式会社
Apache Software Foundation		 - Apache Geronimo の management EJB における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2007-5085 2010-07-22 20:51 2007-09-6 Show GitHub Exploit DB Packet Storm
209609 7.5 危険 サイバートラスト株式会社
Apache Software Foundation		 - Apache Geronimo の SQLLoginModule における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2007-5797 2010-07-22 20:51 2007-10-22 Show GitHub Exploit DB Packet Storm
209610 6.8 警告 InterSect Alliance International Pty - Snare Agent の Web インターフェースにクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2010-2594 2010-07-22 20:51 2010-06-30 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 4, 2025, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
3561 6.4 MEDIUM
Network 		- - The Files Download Delay plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'fddwrap' shortcode in all versions up to, and including, 1.0.9 due to insufficient input s… CWE-79
Cross-site Scripting 		CVE-2024-12493 2025-01-9 20:15 2025-01-9 Show GitHub Exploit DB Packet Storm
3562 6.4 MEDIUM
Network 		- - The SimplyRETS Real Estate IDX plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'sr_search_form' shortcode in all versions up to, and including, 2.11.2 due to insuff… CWE-79
Cross-site Scripting 		CVE-2024-12491 2025-01-9 20:15 2025-01-9 Show GitHub Exploit DB Packet Storm
3563 6.1 MEDIUM
Network 		- - The Action Network plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4.4. This is due to missing or incorrect nonce validation on a function. Th… CWE-352
 Origin Validation Error 		CVE-2024-12394 2025-01-9 20:15 2025-01-9 Show GitHub Exploit DB Packet Storm
3564 7.5 HIGH
Network 		- - The WP Database Backup – Unlimited Database & Files Backup by Backup for WP plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.3 via publicly… CWE-530
CVE-2024-12330 2025-01-9 20:15 2025-01-9 Show GitHub Exploit DB Packet Storm
3565 6.1 MEDIUM
Network 		- - The SEMA API plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘catid’ parameter in all versions up to, and including, 5.27 due to insufficient input sanitization and outpu… CWE-79
Cross-site Scripting 		CVE-2024-12285 2025-01-9 20:15 2025-01-9 Show GitHub Exploit DB Packet Storm
3566 4.3 MEDIUM
Network 		- - The GS Insever Portfolio plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the save_settings() function in all versions up to, and including… CWE-862
 Missing Authorization 		CVE-2024-12249 2025-01-9 20:15 2025-01-9 Show GitHub Exploit DB Packet Storm
3567 6.1 MEDIUM
Network 		- - The Deliver via Shipos for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘dvsfw_bulk_label_url’ parameter in all versions up to, and including, 2.1.7 due to… CWE-79
Cross-site Scripting 		CVE-2024-12222 2025-01-9 20:15 2025-01-9 Show GitHub Exploit DB Packet Storm
3568 6.1 MEDIUM
Network 		- - The Woocommerce check pincode/zipcode for shipping plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.4. This is due to missing or incorrect no… CWE-352
 Origin Validation Error 		CVE-2024-12218 2025-01-9 20:15 2025-01-9 Show GitHub Exploit DB Packet Storm
3569 4.3 MEDIUM
Network 		- - The WordPress Header Builder Plugin – Pearl plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.8. This is due to missing or incorrect nonce val… CWE-352
 Origin Validation Error 		CVE-2024-12206 2025-01-9 20:15 2025-01-9 Show GitHub Exploit DB Packet Storm
3570 6.1 MEDIUM
Network 		- - The ResAds plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via multiple parameters in all versions up to, and including, 2.0.6 due to insufficient input sanitization and output e… CWE-79
Cross-site Scripting 		CVE-2024-12122 2025-01-9 20:15 2025-01-9 Show GitHub Exploit DB Packet Storm