Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 31, 2025, 4:03 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1191	8.8	重要 Network	マイクロソフト	Microsoft Windows Server 2008 Microsoft Windows 11 Microsoft Windows Server 2016 Microsoft Windows 10 Microsoft Windows Server&…	Windows テレフォニーサービスのリモートでコードが実行される脆弱性	CWE-122 CWE-noinfo	CVE-2025-21417	2025-01-20 17:20	2025-01-14	Show	GitHub Exploit DB Packet Storm

1192	8.8	重要 Network	マイクロソフト	Microsoft Windows Server 2008 Microsoft Windows 11 Microsoft Windows Server 2016 Microsoft Windows 10 Microsoft Windows Server&…	SQL Server 用 Microsoft WDAC OLE DB プロバイダーのリモートでコードが実行される脆弱性	CWE-416 CWE-noinfo	CVE-2024-30006	2025-01-20 17:17	2024-05-14	Show	GitHub Exploit DB Packet Storm

1193	5.4	警告 Network	VillaTheme	Thank You Page Customizer for WooCommerce - Increase Your Sales	VillaTheme の WordPress 用 Thank You Page Customizer for WooCommerce - Increase Your Sales における認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2024-1687	2025-01-20 17:17	2024-02-27	Show	GitHub Exploit DB Packet Storm

1194	8.8	重要 Local	マイクロソフト	Microsoft Windows 11	Windows 仮想化ベースのセキュリティ (VBS) エンクレーブの特権昇格の脆弱性	CWE-20 CWE-noinfo	CVE-2025-21370	2025-01-20 17:14	2025-01-14	Show	GitHub Exploit DB Packet Storm

1195	7.5	重要 Network	MailCleaner	MailCleaner	MailCleaner における認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2019-1010246	2025-01-20 17:12	2019-01-21	Show	GitHub Exploit DB Packet Storm

1196	8.8	重要 Network	マイクロソフト	Microsoft SQL Server	SQL Server Native Client OLE DB プロバイダーのリモートコード実行に対する脆弱性	CWE-121 CWE-noinfo	CVE-2024-28928	2025-01-20 17:11	2024-07-9	Show	GitHub Exploit DB Packet Storm

1197	8.8	重要 Network	マイクロソフト	Microsoft SQL Server	SQL Server Native Client OLE DB プロバイダーのリモートコード実行に対する脆弱性	CWE-190 CWE-noinfo	CVE-2024-21428	2025-01-20 17:09	2024-07-9	Show	GitHub Exploit DB Packet Storm

1198	7.8	重要 Local	マイクロソフト	Microsoft 365 Apps Microsoft Office	Microsoft Excel のセキュリティ機能のバイパスの脆弱性	CWE-502 CWE-noinfo	CVE-2025-21364	2025-01-20 17:09	2025-01-14	Show	GitHub Exploit DB Packet Storm

1199	4.3	警告 Network	LadiPage	LadiPage	WordPress 用 LadiPage におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2023-4628	2025-01-20 17:07	2023-08-30	Show	GitHub Exploit DB Packet Storm

1200	8.8	重要 Network	マイクロソフト	Microsoft SQL Server	SQL Server Native Client OLE DB プロバイダーのリモートコード実行に対する脆弱性	CWE-122 CWE-noinfo	CVE-2024-21415	2025-01-20 17:06	2024-07-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Feb. 3, 2025, 4:07 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
279901	-	cafelog	b2	Cross-site scripting (XSS) vulnerability in CafeLog b2 Weblog Tool allows remote attackers to insert arbitrary HTML or script via the GPC variable.	NVD-CWE-Other	CVE-2002-1464	2008-09-6 05:30	2003-04-22	Show	GitHub Exploit DB Packet Storm

279902	-	cafelog	b2	SQL injection vulnerability in CafeLog b2 Weblog Tool allows remote attackers to execute arbitrary SQL code via the tablehosts variable.	NVD-CWE-Other	CVE-2002-1465	2008-09-6 05:30	2003-04-22	Show	GitHub Exploit DB Packet Storm

279903	-	cafelog	b2	CafeLog b2 Weblog Tool 2.06pre4, with allow_fopen_url enabled, allows remote attackers to execute arbitrary PHP code via the b2inc variable.	NVD-CWE-Other	CVE-2002-1466	2008-09-6 05:30	2003-04-22	Show	GitHub Exploit DB Packet Storm

279904	-	macromedia	flash_player shockwave	Macromedia Flash Plugin before 6,0,47,0 allows remote attackers to bypass the same-domain restriction and read arbitrary files via (1) an HTTP redirect, (2) a "file://" base in a web document, or (3)…	NVD-CWE-Other	CVE-2002-1467	2008-09-6 05:30	2003-04-22	Show	GitHub Exploit DB Packet Storm

279905	-	ibm	aix	Buffer overflow in errpt in AIX 4.3.3 allows local users to execute arbitrary code as root.	NVD-CWE-Other	CVE-2002-1468	2008-09-6 05:30	2003-04-22	Show	GitHub Exploit DB Packet Storm

279906	-	scponly	scponly	scponly does not properly verify the path when finding the (1) scp or (2) sftp-server programs, which could allow remote authenticated users to bypass access controls by uploading malicious programs …	NVD-CWE-Other	CVE-2002-1469	2008-09-6 05:30	2003-04-22	Show	GitHub Exploit DB Packet Storm

279907	-	nullsoft	shoutcast_server	SHOUTcast 1.8.9 and earlier allows local users to obtain the cleartext administrative password via a GET request to port 8001, which causes the password to be logged in the world-readable sc_serv.log…	NVD-CWE-Other	CVE-2002-1470	2008-09-6 05:30	2003-04-22	Show	GitHub Exploit DB Packet Storm

279908	-	ximian	evolution	The camel component for Ximian Evolution 1.0.x and earlier does not verify certificates when it establishes a new SSL connection after previously verifying a certificate, which could allow remote att…	NVD-CWE-Other	CVE-2002-1471	2008-09-6 05:30	2003-04-22	Show	GitHub Exploit DB Packet Storm

279909	-	xfree86_project	x11r6	Untrusted search path vulnerability in libX11.so in xfree86, when used in setuid or setgid programs, allows local users to gain root privileges via a modified LD_PRELOAD environment variable that poi…	NVD-CWE-Other	CVE-2002-1472	2008-09-6 05:30	2003-03-3	Show	GitHub Exploit DB Packet Storm

279910	-	hp	hp-ux	Multiple buffer overflows in lp subsystem for HP-UX 10.20 through 11.11 (11i) allow local users to cause a denial of service and possibly execute arbitrary code.	NVD-CWE-Other	CVE-2002-1473	2008-09-6 05:30	2003-04-22	Show	GitHub Exploit DB Packet Storm