Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 31, 2025, 4:03 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1041	8.8	重要 Network	Shenzhen Tenda Technology Co.,Ltd.	4g300 ファームウェア	Shenzhen Tenda Technology Co.,Ltd. の 4g300 ファームウェアにおける境界外書き込みに関する脆弱性	CWE-121 CWE-787	CVE-2024-4167	2025-01-22 14:42	2024-04-25	Show	GitHub Exploit DB Packet Storm

1042	5.4	警告 Network	Autolab project	Autolab	Autolab project の Autolab におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-52585	2025-01-22 14:42	2024-11-18	Show	GitHub Exploit DB Packet Storm

1043	9.8	緊急 Network	Mozilla Foundation	Mozilla Firefox Mozilla Thunderbird	Mozilla Foundation の Mozilla Firefox および Mozilla Thunderbird における脆弱性	CWE-noinfo 情報不足	CVE-2024-3863	2025-01-22 14:26	2024-04-16	Show	GitHub Exploit DB Packet Storm

1044	7.8	重要 Local	Linux	Linux Kernel	Linux の Linux Kernel における解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2024-57887	2025-01-22 14:23	2024-12-20	Show	GitHub Exploit DB Packet Storm

1045	7.8	重要 Local	フォーティネット	FortiWan	フォーティネットの FortiWan における OS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2021-26115	2025-01-22 14:19	2021-07-7	Show	GitHub Exploit DB Packet Storm

1046	7.5	重要 Network	フォーティネット	FortiOS	フォーティネットの FortiOS における境界外書き込みに関する脆弱性	CWE-122 CWE-787	CVE-2020-12819	2025-01-22 14:17	2020-09-24	Show	GitHub Exploit DB Packet Storm

1047	7.2	重要 Network	mintplexlabs	anythingllm	mintplexlabs の anythingllm におけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2024-0795	2025-01-22 13:39	2024-03-2	Show	GitHub Exploit DB Packet Storm

1048	7.3	重要 Local	Rockwell Automation	Arena	Rockwell Automation の Arena における境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2024-11157	2025-01-22 13:39	2024-12-19	Show	GitHub Exploit DB Packet Storm

1049	5.4	警告 Network	bdthemes	element pack	bdthemes の WordPress 用 element pack におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-1429	2025-01-22 13:39	2024-04-18	Show	GitHub Exploit DB Packet Storm

1050	5.4	警告 Network	bdthemes	prime slider	bdthemes の WordPress 用 prime slider におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-1507	2025-01-22 13:39	2024-03-13	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Feb. 2, 2025, 4:09 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
276081	-	cgi_rescue	form2mail	Unspecified vulnerability in CGI RESCUE FORM2MAIL before 1.42 allows remote attackers to send email to arbitrary recipients via a web form.	NVD-CWE-noinfo	CVE-2009-1590	2009-05-11 13:00	2009-05-9	Show	GitHub Exploit DB Packet Storm

276082	-	mitel	mitel_nupoint_messenger	The server in Mitel NuPoint Messenger R11 and R3 sends usernames and passwords in cleartext to Exchange servers, which allows remote attackers to obtain sensitive information by sniffing the network.	CWE-310 Cryptographic Issues	CVE-2008-6797	2009-05-8 13:00	2009-05-8	Show	GitHub Exploit DB Packet Storm

276083	-	phpexplorer	phphotogallery	Multiple SQL injection vulnerabilities in index.php in phPhotoGallery 0.92 allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password fields. NOTE: the provenance…	CWE-89 SQL Injection	CVE-2008-6802	2009-05-8 13:00	2009-05-8	Show	GitHub Exploit DB Packet Storm

276084	-	cisco	wrt54gc	Cross-site request forgery (CSRF) vulnerability in administration.cgi on the Cisco Linksys WRT54GC router with firmware 1.05.7 allows remote attackers to hijack the intranet connectivity of arbitrary…	CWE-352 Origin Validation Error	CVE-2009-1561	2009-05-7 13:00	2009-05-7	Show	GitHub Exploit DB Packet Storm

276085	-	beltane	beltane	Cross-site request forgery (CSRF) vulnerability in Beltane before 2.3.11 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. NOTE: the provenance of this…	CWE-352 Origin Validation Error	CVE-2009-1518	2009-05-5 13:00	2009-05-5	Show	GitHub Exploit DB Packet Storm

276086	-	abe_timmerman	zml.cgi	Directory traversal vulnerability in zml.cgi allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.	NVD-CWE-Other	CVE-2001-1209	2009-04-30 13:08	2001-12-31	Show	GitHub Exploit DB Packet Storm

276087	-	gecad	axigen_mail_server	Cross-site scripting (XSS) vulnerability in the web mail interface feature in AXIGEN Mail Server 6.2.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving…	CWE-79 Cross-site Scripting	CVE-2009-1484	2009-04-30 03:30	2009-04-30	Show	GitHub Exploit DB Packet Storm

276088	-	apache	tiles	Apache Tiles 2.1 before 2.1.2, as used in Apache Struts and other products, evaluates Expression Language (EL) expressions twice in certain circumstances, which allows remote attackers to conduct cro…	NVD-CWE-Other	CVE-2009-1275	2009-04-29 14:29	2009-04-10	Show	GitHub Exploit DB Packet Storm

276089	-	mpg123	mpg123	Integer signedness error in the store_id3_text function in the ID3v2 code in mpg123 before 1.7.2 allows remote attackers to cause a denial of service (out-of-bounds memory access) and possibly execut…	CWE-189 Numeric Errors	CVE-2009-1301	2009-04-29 14:29	2009-04-17	Show	GitHub Exploit DB Packet Storm

276090	-	mahara	mahara	Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.0.x before 1.0.11 and 1.1.x before 1.1.3 allow remote attackers to inject arbitrary web script or HTML via (1) the introduction field i…	CWE-79 Cross-site Scripting	CVE-2009-0664	2009-04-29 14:28	2009-04-24	Show	GitHub Exploit DB Packet Storm