Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1201 8.8 重要
Network 		マイクロソフト Microsoft Windows Server 2008
Microsoft Windows 11
Microsoft Windows Server 2016
Microsoft Windows 10
Microsoft Windows Server&… 		Windows テレフォニー サービスのリモートでコードが実行される脆弱性 CWE-122
CWE-noinfo
CVE-2025-21417 2025-01-20 17:20 2025-01-14 Show GitHub Exploit DB Packet Storm
1202 8.8 重要
Network 		マイクロソフト Microsoft Windows Server 2008
Microsoft Windows 11
Microsoft Windows Server 2016
Microsoft Windows 10
Microsoft Windows Server&… 		SQL Server 用 Microsoft WDAC OLE DB プロバイダーのリモートでコードが実行される脆弱性 CWE-416
CWE-noinfo
CVE-2024-30006 2025-01-20 17:17 2024-05-14 Show GitHub Exploit DB Packet Storm
1203 5.4 警告
Network 		VillaTheme Thank You Page Customizer for WooCommerce - Increase Your Sales VillaTheme の WordPress 用 Thank You Page Customizer for WooCommerce - Increase Your Sales における認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2024-1687 2025-01-20 17:17 2024-02-27 Show GitHub Exploit DB Packet Storm
1204 8.8 重要
Local 		マイクロソフト Microsoft Windows 11 Windows 仮想化ベースのセキュリティ (VBS) エンクレーブの特権昇格の脆弱性 CWE-20
CWE-noinfo
CVE-2025-21370 2025-01-20 17:14 2025-01-14 Show GitHub Exploit DB Packet Storm
1205 7.5 重要
Network 		MailCleaner MailCleaner MailCleaner における認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2019-1010246 2025-01-20 17:12 2019-01-21 Show GitHub Exploit DB Packet Storm
1206 8.8 重要
Network 		マイクロソフト Microsoft SQL Server SQL Server Native Client OLE DB プロバイダーのリモート コード実行に対する脆弱性 CWE-121
CWE-noinfo
CVE-2024-28928 2025-01-20 17:11 2024-07-9 Show GitHub Exploit DB Packet Storm
1207 8.8 重要
Network 		マイクロソフト Microsoft SQL Server SQL Server Native Client OLE DB プロバイダーのリモート コード実行に対する脆弱性 CWE-190
CWE-noinfo
CVE-2024-21428 2025-01-20 17:09 2024-07-9 Show GitHub Exploit DB Packet Storm
1208 7.8 重要
Local 		マイクロソフト Microsoft 365 Apps
Microsoft Office 		Microsoft Excel のセキュリティ機能のバイパスの脆弱性 CWE-502
CWE-noinfo
CVE-2025-21364 2025-01-20 17:09 2025-01-14 Show GitHub Exploit DB Packet Storm
1209 4.3 警告
Network 		LadiPage LadiPage WordPress 用 LadiPage におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2023-4628 2025-01-20 17:07 2023-08-30 Show GitHub Exploit DB Packet Storm
1210 8.8 重要
Network 		マイクロソフト Microsoft SQL Server SQL Server Native Client OLE DB プロバイダーのリモート コード実行に対する脆弱性 CWE-122
CWE-noinfo
CVE-2024-21415 2025-01-20 17:06 2024-07-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 3, 2025, 4:07 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
280001 - swatch swatch The throttle capability in Swatch may fail to report certain events if (1) the same type of event occurs after the throttle period, or (2) when multiple events matching the same "watchfor" expression… NVD-CWE-Other
CVE-2002-0896 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
280002 - intranet-server localweb2000 LocalWEB2000 2.1.0 web server allows remote attackers to bypass access restrictions for restricted files via a URL that contains the "/./" directory. NVD-CWE-Other
CVE-2002-0897 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
280003 - blueface falcon_web_server Falcon web server 2.0.0.1021 and earlier allows remote attackers to bypass access restrictions for protected files via a URL whose directory portion ends in a . (dot). NVD-CWE-Other
CVE-2002-0899 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
280004 - mit pgp_public_key_server Buffer overflow in pks PGP public key web server before 0.9.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long search argument to the lookup… NVD-CWE-Other
CVE-2002-0900 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
280005 - amanda amanda Multiple buffer overflows in Advanced Maryland Automatic Network Disk Archiver (AMANDA) 2.3.0.4 allow (1) remote attackers to execute arbitrary code via long commands to the amindexd daemon, or certa… NVD-CWE-Other
CVE-2002-0901 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
280006 - phpbb_group phpbb Cross-site scripting vulnerability in phpBB 2.0.0 (phpBB2) allows remote attackers to execute Javascript as other phpBB users by including a http:// and a double-quote (") in the [IMG] tag, which byp… NVD-CWE-Other
CVE-2002-0902 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
280007 - woltlab burning_board register.php for WoltLab Burning Board (wbboard) 1.1.1 uses a small number of random values for the "code" parameter that is provided to action.php to approve a new registration, along with predictab… NVD-CWE-Other
CVE-2002-0903 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
280008 - ibm informix Buffer overflow in sqlexec for Informix SE-7.25 allows local users to gain root privileges via a long INFORMIXDIR environment variable. NVD-CWE-Other
CVE-2002-0905 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
280009 - nullsoft shoutcast_server Buffer overflow in SHOUTcast 1.8.9 and other versions before 1.8.12 allows a remote authenticated DJ to execute arbitrary code on the server via a long value in a header whose name begins with "icy-". NVD-CWE-Other
CVE-2002-0907 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
280010 - cisco ids_device_manager Directory traversal vulnerability in the web server for Cisco IDS Device Manager before 3.1.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTPS request. NVD-CWE-Other
CVE-2002-0908 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm