Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1191 8.8 重要
Network 		マイクロソフト Microsoft SQL Server SQL Server 用 Microsoft OLE DB ドライバーのリモートでコードが実行される脆弱性 CWE-122
CWE-noinfo
CVE-2024-29047 2025-01-20 18:04 2024-04-9 Show GitHub Exploit DB Packet Storm
1192 7.5 重要
Network 		マイクロソフト Microsoft Outlook Android 版 Outlook の情報漏えいの脆弱性 CWE-77
CWE-noinfo
CVE-2024-26204 2025-01-20 18:04 2024-03-12 Show GitHub Exploit DB Packet Storm
1193 7.8 重要
Local 		マイクロソフト Microsoft Windows 10
Microsoft Windows Server 2025
Microsoft Windows Server 2022
Microsoft Windows 11 		Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability CWE-416
解放済みメモリの使用 		CVE-2025-21334 2025-01-20 18:04 2025-01-14 Show GitHub Exploit DB Packet Storm
1194 5.5 警告
Local 		Linux Linux Kernel Linux の Linux Kernel における有効期限後のメモリの解放の欠如に関する脆弱性 CWE-401
有効期限後のメモリの解放の欠如 		CVE-2024-56553 2025-01-20 18:04 2024-10-13 Show GitHub Exploit DB Packet Storm
1195 5.5 警告
Local 		Linux Linux Kernel Linux の Linux Kernel における NULL ポインタデリファレンスに関する脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2024-53188 2025-01-20 18:04 2024-10-22 Show GitHub Exploit DB Packet Storm
1196 7.8 重要
Local 		マイクロソフト Microsoft Windows 11
Microsoft Windows Server 2025
Microsoft Windows Server 2022 		Microsoft Resilient File System の特権昇格の脆弱性 CWE-416
CWE-noinfo
CVE-2025-21372 2025-01-20 17:35 2025-01-14 Show GitHub Exploit DB Packet Storm
1197 7.8 重要
Local 		アドビシステムズ Adobe Substance 3D Stager アドビの Adobe Substance 3D Stager における境界外書き込みに関する脆弱性 CWE-122
CWE-787
CVE-2025-21129 2025-01-20 17:30 2025-01-14 Show GitHub Exploit DB Packet Storm
1198 7.8 重要
Local 		アドビシステムズ Adobe Substance 3D Stager アドビの Adobe Substance 3D Stager における境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2025-21130 2025-01-20 17:30 2025-01-14 Show GitHub Exploit DB Packet Storm
1199 6.1 警告
Network 		ILIAS ILIAS Ilias におけるクロスサイトスクリプティングの脆弱性 CWE-79
CWE-79
CVE-2019-1010237 2025-01-20 17:28 2019-01-4 Show GitHub Exploit DB Packet Storm
1200 6.5 警告
Network 		Jenkins プロジェクト Credentials Binding Jenkins Credentials Binding プラグインにおける認証情報の不十分な保護に関する脆弱性 CWE-257
CWE-522
CVE-2019-1010241 2025-01-20 17:25 2019-07-19 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 3, 2025, 4:07 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
276011 - kasper_skrhj references_database SQL injection vulnerability in the References database (t3references) extension 0.1.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. CWE-89
SQL Injection 		CVE-2009-2105 2009-06-23 13:00 2009-06-18 Show GitHub Exploit DB Packet Storm
276012 - elvinbts elvinbts delete_bug.php in Elvin before 1.2.1 does not require administrative privileges, which allows remote authenticated users to bypass intended access restrictions and delete arbitrary bugs. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2009-2125 2009-06-23 13:00 2009-06-20 Show GitHub Exploit DB Packet Storm
276013 - edraw pdf_viewer_component Insecure method vulnerability in the PDFVIEWER.PDFViewerCtrl.1 ActiveX control (pdfviewer.ocx) in Edraw PDF Viewer Component before 3.2.0.126 allows remote attackers to create and overwrite arbitrary… CWE-94
Code Injection 		CVE-2009-2169 2009-06-23 13:00 2009-06-23 Show GitHub Exploit DB Packet Storm
276014 - elvinbts elvinbts Cross-site scripting (XSS) vulnerability in close_bug.php in Elvin before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via the title (aka subject) field. CWE-79
Cross-site Scripting 		CVE-2009-2126 2009-06-22 13:00 2009-06-20 Show GitHub Exploit DB Packet Storm
276015 - elvinbts elvinbts SQL injection vulnerability in close_bug.php in Elvin before 1.2.1 allows remote attackers to execute arbitrary SQL commands via the title (aka subject) field. CWE-89
SQL Injection 		CVE-2009-2128 2009-06-22 13:00 2009-06-20 Show GitHub Exploit DB Packet Storm
276016 - pagedowntech pdshoppro Cross-site scripting (XSS) vulnerability in search.asp in PDshopPro, when downloaded before 20070308, allows remote attackers to inject arbitrary web script or HTML via the search parameter. CWE-79
Cross-site Scripting 		CVE-2009-2032 2009-06-20 14:29 2009-06-13 Show GitHub Exploit DB Packet Storm
276017 - apple safari Apple Safari before 4.0 does not properly check for revoked Extended Validation (EV) certificates, which makes it easier for remote attackers to trick a user into accepting an invalid certificate. CWE-255
Credentials Management 		CVE-2009-1682 2009-06-19 14:32 2009-06-10 Show GitHub Exploit DB Packet Storm
276018 - apple safari CFNetwork in Apple Safari before 4.0 misinterprets downloaded image files as local HTML documents in unspecified circumstances, which allows remote attackers to execute arbitrary JavaScript code by p… CWE-94
Code Injection 		CVE-2009-1704 2009-06-19 14:32 2009-06-11 Show GitHub Exploit DB Packet Storm
276019 - apple safari The Private Browsing feature in Apple Safari before 4.0 on Windows does not remove cookies from the alternate cookie store in unspecified circumstances upon (1) disabling of the feature or (2) exit o… CWE-200
Information Exposure 		CVE-2009-1706 2009-06-19 14:32 2009-06-11 Show GitHub Exploit DB Packet Storm
276020 - apple safari Apple Safari before 4.0 does not prevent calls to the open-help-anchor URL handler by web sites, which allows remote attackers to open arbitrary local help files, and execute arbitrary code or obtain… NVD-CWE-Other
CVE-2009-1708 2009-06-19 14:32 2009-06-11 Show GitHub Exploit DB Packet Storm