Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1251	5.4	警告 Network	Contao	contao	Contao におけるクロスサイトスクリプティングの脆弱性	CWE-79 CWE-79	CVE-2024-28190	2025-01-20 15:15	2024-04-9	Show	GitHub Exploit DB Packet Storm

1252	5.5	警告 Local	マイクロソフト	Microsoft Windows Server 2025 Microsoft Windows 10 Microsoft Windows Server 2022 Microsoft Windows Server 2012 Microsoft Window…	Windows CSC サービスの情報漏えいの脆弱性	CWE-125 CWE-125	CVE-2025-21374	2025-01-20 15:15	2025-01-14	Show	GitHub Exploit DB Packet Storm

1253	6.5	警告 Network	Brizy	brizy	Brizy の WordPress 用 brizy におけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2024-1165	2025-01-20 15:14	2024-02-26	Show	GitHub Exploit DB Packet Storm

1254	5.4	警告 Network	Brizy	brizy	Brizy の WordPress 用 brizy におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-1291	2025-01-20 15:14	2024-03-13	Show	GitHub Exploit DB Packet Storm

1255	5.4	警告 Network	Themeisle	Orbit Fox	ThemeIsle の WordPress 用 Orbit Fox におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-1323	2025-01-20 15:14	2024-02-27	Show	GitHub Exploit DB Packet Storm

1256	4.3	警告 Network	zestard	admin side data storage for contact form 7	zestard の WordPress 用 admin side data storage for contact form 7 におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2024-1777	2025-01-20 15:14	2024-02-23	Show	GitHub Exploit DB Packet Storm

1257	9.1	緊急 Network	WPvivid	Migration Backup Staging	WPvivid の WordPress 用 Migration, Backup, Staging における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2024-1982	2025-01-20 15:14	2024-02-29	Show	GitHub Exploit DB Packet Storm

1258	8.8	重要 Network	マイクロソフト	Microsoft Windows Server 2025 Microsoft Windows 10 Microsoft Windows Server 2022 Microsoft Windows Server 2012 Microsoft Window…	Windows テレフォニーサービスのリモートでコードが実行される脆弱性	CWE-122 CWE-noinfo	CVE-2025-21411	2025-01-20 15:12	2025-01-14	Show	GitHub Exploit DB Packet Storm

1259	7.8	重要 Local	マイクロソフト	Microsoft Outlook Microsoft Office	Microsoft Outlook のリモートでコードが実行される脆弱性	CWE-641 CWE-noinfo	CVE-2025-21361	2025-01-20 15:10	2025-01-14	Show	GitHub Exploit DB Packet Storm

1260	6.5	警告 Network	Outlook.com	Microsoft Edge Chromium	Microsoft Edge (Chromium ベース) の情報漏えいの脆弱性	CWE-200 CWE-359 CWE-noinfo	CVE-2024-29987	2025-01-20 15:06	2024-04-18	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Feb. 22, 2025, 4:08 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
274651	-	avirt	avirt_gateway avirt_gateway_suite avirt_soho	Buffer overflows in Avirt Gateway Suite 4.2 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) long header fields to the HTTP proxy, or (2) a long string …	NVD-CWE-Other	CVE-2002-0133	2016-10-18 11:16	2002-03-25	Show	GitHub Exploit DB Packet Storm

274652	-	avirt	avirt_gateway_suite	Telnet proxy in Avirt Gateway Suite 4.2 does not require authentication for connecting to the proxy system itself, which allows remote attackers to list file contents of the proxy and execute arbitra…	NVD-CWE-Other	CVE-2002-0134	2016-10-18 11:16	2002-03-25	Show	GitHub Exploit DB Packet Storm

274653	-	andreas_mueller	cdrdao	CDRDAO 1.1.4 and 1.1.5 allows local users to overwrite arbitrary files via a symlink attack on the $HOME/.cdrdao configuration file.	NVD-CWE-Other	CVE-2002-0137	2016-10-18 11:16	2002-03-25	Show	GitHub Exploit DB Packet Storm

274654	-	andreas_mueller	cdrdao	CDRDAO 1.1.4 and 1.1.5 allows local users to read arbitrary files via the show-data command.	NVD-CWE-Other	CVE-2002-0138	2016-10-18 11:16	2002-03-25	Show	GitHub Exploit DB Packet Storm

274655	-	pi3	pi3web	CGI handler in John Roy Pi3Web for Windows 2.0 beta 1 and 2 allows remote attackers to cause a denial of service (crash) via a series of requests whose physical path is exactly 260 characters long an…	NVD-CWE-Other	CVE-2002-0142	2016-10-18 11:16	2002-03-25	Show	GitHub Exploit DB Packet Storm

274656	-	cisco	secure_access_control_server	Format string vulnerability in the administration function in Cisco Secure Access Control Server (ACS) for Windows, 2.6.x and earlier and 3.x through 3.01 (build 40), allows remote attackers to crash…	CWE-134 Use of Externally-Controlled Format String	CVE-2002-0159	2016-10-18 11:16	2002-04-22	Show	GitHub Exploit DB Packet Storm

274657	-	cisco	secure_access_control_server	The administration function in Cisco Secure Access Control Server (ACS) for Windows, 2.6.x and earlier and 3.x through 3.01 (build 40), allows remote attackers to read HTML, Java class, and image fil…	NVD-CWE-Other	CVE-2002-0160	2016-10-18 11:16	2002-04-22	Show	GitHub Exploit DB Packet Storm

274658	-	logwatch	logwatch	LogWatch before 2.5 allows local users to execute arbitrary code via a symlink attack on the logwatch temporary directory.	NVD-CWE-Other	CVE-2002-0162	2016-10-18 11:16	2002-03-27	Show	GitHub Exploit DB Packet Storm

274659	-	squid	squid	Heap-based buffer overflow in Squid before 2.4 STABLE4, and Squid 2.5 and 2.6 until March 12, 2002 distributions, allows remote attackers to cause a denial of service, and possibly execute arbitrary …	NVD-CWE-Other	CVE-2002-0163	2016-10-18 11:16	2002-03-26	Show	GitHub Exploit DB Packet Storm

274660	-	logwatch	logwatch	LogWatch 2.5 allows local users to gain root privileges via a symlink attack, a different vulnerability than CVE-2002-0162.	NVD-CWE-Other	CVE-2002-0165	2016-10-18 11:16	2002-04-3	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed