Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1201 8.8 重要
Network 		マイクロソフト Microsoft Windows Server 2008
Microsoft Windows 11
Microsoft Windows Server 2016
Microsoft Windows 10
Microsoft Windows Server&… 		Windows テレフォニー サービスのリモートでコードが実行される脆弱性 CWE-122
CWE-noinfo
CVE-2025-21417 2025-01-20 17:20 2025-01-14 Show GitHub Exploit DB Packet Storm
1202 8.8 重要
Network 		マイクロソフト Microsoft Windows Server 2008
Microsoft Windows 11
Microsoft Windows Server 2016
Microsoft Windows 10
Microsoft Windows Server&… 		SQL Server 用 Microsoft WDAC OLE DB プロバイダーのリモートでコードが実行される脆弱性 CWE-416
CWE-noinfo
CVE-2024-30006 2025-01-20 17:17 2024-05-14 Show GitHub Exploit DB Packet Storm
1203 5.4 警告
Network 		VillaTheme Thank You Page Customizer for WooCommerce - Increase Your Sales VillaTheme の WordPress 用 Thank You Page Customizer for WooCommerce - Increase Your Sales における認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2024-1687 2025-01-20 17:17 2024-02-27 Show GitHub Exploit DB Packet Storm
1204 8.8 重要
Local 		マイクロソフト Microsoft Windows 11 Windows 仮想化ベースのセキュリティ (VBS) エンクレーブの特権昇格の脆弱性 CWE-20
CWE-noinfo
CVE-2025-21370 2025-01-20 17:14 2025-01-14 Show GitHub Exploit DB Packet Storm
1205 7.5 重要
Network 		MailCleaner MailCleaner MailCleaner における認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2019-1010246 2025-01-20 17:12 2019-01-21 Show GitHub Exploit DB Packet Storm
1206 8.8 重要
Network 		マイクロソフト Microsoft SQL Server SQL Server Native Client OLE DB プロバイダーのリモート コード実行に対する脆弱性 CWE-121
CWE-noinfo
CVE-2024-28928 2025-01-20 17:11 2024-07-9 Show GitHub Exploit DB Packet Storm
1207 8.8 重要
Network 		マイクロソフト Microsoft SQL Server SQL Server Native Client OLE DB プロバイダーのリモート コード実行に対する脆弱性 CWE-190
CWE-noinfo
CVE-2024-21428 2025-01-20 17:09 2024-07-9 Show GitHub Exploit DB Packet Storm
1208 7.8 重要
Local 		マイクロソフト Microsoft 365 Apps
Microsoft Office 		Microsoft Excel のセキュリティ機能のバイパスの脆弱性 CWE-502
CWE-noinfo
CVE-2025-21364 2025-01-20 17:09 2025-01-14 Show GitHub Exploit DB Packet Storm
1209 4.3 警告
Network 		LadiPage LadiPage WordPress 用 LadiPage におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2023-4628 2025-01-20 17:07 2023-08-30 Show GitHub Exploit DB Packet Storm
1210 8.8 重要
Network 		マイクロソフト Microsoft SQL Server SQL Server Native Client OLE DB プロバイダーのリモート コード実行に対する脆弱性 CWE-122
CWE-noinfo
CVE-2024-21415 2025-01-20 17:06 2024-07-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 3, 2025, 4:07 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
275801 - bittorrent
utorrent 		bittorrent
utorrent 		Buffer overflow in the web interface in BitTorrent 6.0.1 (build 7859) and earlier, and uTorrent 1.7.6 (build 7859) and earlier, allows remote attackers to cause a denial of service (memory consumptio… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2008-7166 2009-09-9 13:00 2009-09-4 Show GitHub Exploit DB Packet Storm
275802 - devscripts_devel_team devscripts Eval injection vulnerability in scripts/uscan.pl before Rev 1984 in devscripts allows remote attackers to execute arbitrary Perl code via crafted pathnames on distribution servers for upstream source… NVD-CWE-Other
CVE-2009-2946 2009-09-8 13:00 2009-09-5 Show GitHub Exploit DB Packet Storm
275803 - snowhall silurus_system SQL injection vulnerability in wcategory.php in Snow Hall Silurus System 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter. NOTE: the provenance of this information … CWE-89
SQL Injection 		CVE-2009-3082 2009-09-8 13:00 2009-09-5 Show GitHub Exploit DB Packet Storm
275804 - mozilla firefox The browser engine in Mozilla Firefox 3.5.x before 3.5.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors … CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2009-2662 2009-09-4 14:28 2009-08-5 Show GitHub Exploit DB Packet Storm
275805 - mozilla firefox The nsDocument::SetScriptGlobalObject function in content/base/src/nsDocument.cpp in Mozilla Firefox 3.5.x before 3.5.2, when certain add-ons are enabled, does not properly handle a Link HTTP header,… CWE-94
Code Injection 		CVE-2009-2665 2009-09-4 14:28 2009-08-5 Show GitHub Exploit DB Packet Storm
275806 - aom-software beex Multiple cross-site scripting (XSS) vulnerabilities in AOM Software Beex 3 allow remote attackers to inject arbitrary web script or HTML via the navaction parameter to (1) news.php and (2) partnerall… CWE-79
Cross-site Scripting 		CVE-2009-3057 2009-09-4 13:00 2009-09-4 Show GitHub Exploit DB Packet Storm
275807 - allpublication jboard Multiple SQL injection vulnerabilities in Joker Board (aka JBoard) 2.0 and earlier allow remote attackers to execute arbitrary SQL commands via (1) core/select.php or (2) the city parameter to top_ad… CWE-89
SQL Injection 		CVE-2009-3059 2009-09-4 13:00 2009-09-4 Show GitHub Exploit DB Packet Storm
275808 - alqa6ari script_q_r SQL injection vulnerability in lesson.php in Alqatari Q R Script 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: some of these details are obtained from thi… CWE-89
SQL Injection 		CVE-2009-3061 2009-09-4 13:00 2009-09-4 Show GitHub Exploit DB Packet Storm
275809 - webformatique reservation_manager Cross-site scripting (XSS) vulnerability in index.php in Reservation Manager allows remote attackers to inject arbitrary web script or HTML via the resman_startdate parameter. CWE-79
Cross-site Scripting 		CVE-2009-3067 2009-09-4 13:00 2009-09-4 Show GitHub Exploit DB Packet Storm
275810 - ibm lotus_notes Unspecified vulnerability in nlnotes.dll in the client in IBM Lotus Notes 6.5, 7.0.x before 7.0.2 CCH, and 8.0.x before 8.0.1 allows remote attackers to execute arbitrary code via a crafted attachmen… CWE-94
Code Injection 		CVE-2008-1217 2009-09-3 13:00 2008-03-9 Show GitHub Exploit DB Packet Storm