Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1121 4.3 警告
Network 		フォーティネット FortiOS
FortiProxy 		フォーティネットの FortiProxy および FortiOS における脆弱性 CWE-358
CWE-Other
CVE-2024-33510 2025-01-21 13:55 2024-11-12 Show GitHub Exploit DB Packet Storm
1122 6.5 警告
Network 		フォーティネット FortiOS フォーティネットの FortiOS における NULL ポインタデリファレンスに関する脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2023-42786 2025-01-21 13:52 2023-09-14 Show GitHub Exploit DB Packet Storm
1123 2.7
Network 		フォーティネット Fortiweb FortiWebにおけるSQLインジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2024-55593 2025-01-21 12:26 2025-01-21 Show GitHub Exploit DB Packet Storm
1124 7.8 重要
Local 		マイクロソフト Microsoft Windows Server 2019
Microsoft Windows 11
Microsoft Windows Server 2016
Microsoft Windows 10
Microsoft Windows Server&… 		Win32k の特権の昇格の脆弱性 CWE-122
CWE-noinfo
CVE-2024-30038 2025-01-21 11:52 2024-05-14 Show GitHub Exploit DB Packet Storm
1125 7.8 重要
Local 		Linux Linux Kernel Linux の Linux Kernel における解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2024-56582 2025-01-21 11:45 2024-11-28 Show GitHub Exploit DB Packet Storm
1126 8.8 重要
Local 		マイクロソフト Microsoft Windows Server 2022 Microsoft Resilient File System の特権昇格の脆弱性 CWE-269
CWE-noinfo
CVE-2024-30007 2025-01-21 11:45 2024-05-14 Show GitHub Exploit DB Packet Storm
1127 7.8 重要
Local 		Linux Linux Kernel Linux の Linux Kernel における解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2024-53165 2025-01-21 11:43 2024-11-30 Show GitHub Exploit DB Packet Storm
1128 7.8 重要
Local 		Linux Linux Kernel Linux の Linux Kernel における解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2024-26944 2025-01-21 11:21 2024-03-26 Show GitHub Exploit DB Packet Storm
1129 7.8 重要
Local 		Linux Linux Kernel Linux の Linux Kernel における解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2023-52859 2025-01-21 11:19 2023-10-24 Show GitHub Exploit DB Packet Storm
1130 7.8 重要
Local 		Linux Linux Kernel Linux の Linux Kernel における解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2021-47204 2025-01-21 11:17 2021-11-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 6, 2025, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
275131 - gnu gzip The huft_build function in inflate.c in gzip before 1.3.13 creates a hufts (aka huffman) table that is too small, which allows remote attackers to cause a denial of service (application crash or infi… CWE-20
 Improper Input Validation  		CVE-2009-2624 2010-11-18 15:29 2010-01-30 Show GitHub Exploit DB Packet Storm
275132 - sterlitetechnologies sam300_ax_router Cross-site scripting (XSS) vulnerability in Forms/status_statistics_1 in the Sterlite SAM300 AX Router allows remote attackers to inject arbitrary web script or HTML via the Stat_Radio parameter. CWE-79
Cross-site Scripting 		CVE-2010-0607 2010-11-4 13:00 2010-02-12 Show GitHub Exploit DB Packet Storm
275133 - osticket osticket Cross-site scripting (XSS) vulnerability in scp/ajax.php in osTicket before 1.6.0 Stable allows remote authenticated users to inject arbitrary web script or HTML via the f parameter, possibly related… CWE-79
Cross-site Scripting 		CVE-2010-0606 2010-11-4 03:16 2010-02-12 Show GitHub Exploit DB Packet Storm
275134 - novaboard novaboard SQL injection vulnerability in header.php in NovaBoard 1.1.2 allows remote attackers to execute arbitrary SQL commands via the nova_name cookie parameter. NOTE: the provenance of this information is… CWE-89
SQL Injection 		CVE-2010-0609 2010-11-4 02:46 2010-02-12 Show GitHub Exploit DB Packet Storm
275135 - ibm websphere_application_server The Single Sign-on (SSO) functionality in IBM WebSphere Application Server (WAS) 7.0.0.0 through 7.0.0.8 does not recognize the Requires SSL configuration option, which might allow remote attackers t… CWE-200
Information Exposure 		CVE-2010-0563 2010-11-3 13:00 2010-02-9 Show GitHub Exploit DB Packet Storm
275136 - nos_microsystems getplus_download_manager Stack-based buffer overflow in the getPlus ActiveX control in gp.ocx 1.2.2.50 in NOS Microsystems getPlus Download Manager, as used for the Adobe Reader 8.1 installation process and other downloads, … CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2008-5364 2010-10-25 13:00 2008-12-8 Show GitHub Exploit DB Packet Storm
275137 - ibm db2 The Install component in IBM DB2 9.5 before FP5 and 9.7 before FP1 configures the High Availability (HA) scripts with incorrect file-permission and authorization settings, which has unknown impact an… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2009-4331 2010-10-7 14:44 2009-12-17 Show GitHub Exploit DB Packet Storm
275138 - ibm db2 IBM DB2 8 before FP18, 9.1 before FP8, 9.5 before FP4, and 9.7 before FP2 does not perform the expected drops of certain table functions upon a loss of privileges by the functions' definers, which ha… NVD-CWE-noinfo
CVE-2009-3471 2010-10-7 14:42 2009-09-30 Show GitHub Exploit DB Packet Storm
275139 - opera opera_browser Opera before 10.10 permits cross-origin loading of CSS stylesheets even when the stylesheet download has an incorrect MIME type and the stylesheet document is malformed, which allows remote attackers… CWE-200
Information Exposure 		CVE-2010-0653 2010-09-21 14:46 2010-02-19 Show GitHub Exploit DB Packet Storm
275140 - fujitsu e-pares Session fixation vulnerability in Fujitsu e-Pares V01 L01, L03, L10, L20, L30 allows remote attackers to hijack web sessions via unspecified vectors. CWE-287
Improper Authentication 		CVE-2010-2149 2010-09-21 13:00 2010-06-4 Show GitHub Exploit DB Packet Storm