Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 24, 2026, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
251281 4.3 警告 Ruby on Rails project - Ruby on Rails におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-1098 2012-03-14 11:50 2012-03-13 Show GitHub Exploit DB Packet Storm
251282 7.2 危険 BlackBerry - Research In Motion BlackBerry PlayBook タブレットのソフトウェアにおける権限を取得される脆弱性 CWE-200
情報漏えい 		CVE-2011-0291 2012-03-13 16:48 2011-12-6 Show GitHub Exploit DB Packet Storm
251283 7.5 危険 Google - Google Chrome の GPU プロセスにおける任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2011-3047 2012-03-13 16:09 2012-03-10 Show GitHub Exploit DB Packet Storm
251284 5.8 警告 マイクロソフト - Microsoft Internet Explorer における Protected Mode を回避される脆弱性 CWE-119
バッファエラー 		CVE-2012-1545 2012-03-13 15:18 2012-03-9 Show GitHub Exploit DB Packet Storm
251285 - - マイクロソフト - ** 削除 ** Microsoft Internet Explorer におけるヒープベースのバッファオーバーフローの脆弱性 - CVE-2012-1544 2012-03-13 15:16 2012-03-9 Show GitHub Exploit DB Packet Storm
251286 10 危険 ABB - ABB Robot Communications Runtime におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-0245 2012-03-13 15:14 2012-03-9 Show GitHub Exploit DB Packet Storm
251287 - - Pydio - AjaXplorer に複数の脆弱性 - - 2012-03-13 15:10 2012-03-9 Show GitHub Exploit DB Packet Storm
251288 9.3 危険 アップル - Apple iOS の VPN におけるフォーマットストリングの脆弱性 CWE-134
書式文字列の問題 		CVE-2012-0646 2012-03-13 15:07 2012-03-8 Show GitHub Exploit DB Packet Storm
251289 1.2 注意 アップル - Apple iOS の Siri におけるロック状態を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-0645 2012-03-13 15:04 2012-03-8 Show GitHub Exploit DB Packet Storm
251290 6.9 警告 アップル - Apple iOS のパスコードロック機能におけるパスコード要求を回避される脆弱性 CWE-362
競合状態 		CVE-2012-0644 2012-03-13 14:58 2012-03-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 24, 2026, 4:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
308661 6.4 MEDIUM
Network 		- - The Cowidgets – Elementor Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.2.0 due to insufficient input sanitizat… CWE-79
Cross-site Scripting 		CVE-2024-8960 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm
308662 - - - The Cowidgets – Elementor Addons plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.2.0 via the 'ce_template' shortcode due to insufficient restriction… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2024-10779 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm
308663 4.3 MEDIUM
Network 		- - The Debug Tool plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the info() function in all versions up to, and including, 2.2. This makes it poss… CWE-862
 Missing Authorization 		CVE-2024-10588 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm
308664 6.5 MEDIUM
Network 		- - The CE21 Suite plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ce21_single_sign_on_save_api_settings' function in versions up to, and… CWE-862
 Missing Authorization 		CVE-2024-10294 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm
308665 9.8 CRITICAL
Network 		- - The CE21 Suite plugin for WordPress is vulnerable to sensitive information disclosure via the plugin-log.txt in versions up to, and including, 2.2.0. This makes it possible for unauthenticated attack… CWE-200
Information Exposure 		CVE-2024-10285 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm
308666 - - - A data.all admin team member who has access to the customer-owned AWS Account where data.all is deployed may be able to extract user data from data.all application logs in data.all via CloudWatch log… - CVE-2024-52314 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm
308667 - - - An authenticated data.all user is able to manipulate a getDataset query to fetch additional information regarding the parent Environment resource that the user otherwise would not able to fetch by di… - CVE-2024-52313 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm
308668 - - - Due to inconsistent authorization permissions, data.all may allow an external actor with an authenticated account to perform restricted operations against DataSets and Environments. - CVE-2024-52312 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm
308669 - - - Authentication tokens issued via Cognito in data.all are not invalidated on log out, allowing for previously authenticated user to continue execution of authorized API Requests until token is expired. - CVE-2024-52311 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm
308670 - - - An authenticated data.all user is able to perform mutating UPDATE operations on persisted Notification records in data.all for group notifications that their user is not a member of. - CVE-2024-10953 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm