Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1271 6.7 警告
Local 		フォーティネット FortiAnalyzer-BigData
FortiAnalyzer
FortiManager 		複数のフォーティネット製品における OS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2024-32118 2025-01-20 14:53 2024-11-12 Show GitHub Exploit DB Packet Storm
1272 6.7 警告
Local 		フォーティネット FortiManager フォーティネットの FortiManager におけるコードインジェクションの脆弱性 CWE-1336
CWE-94
CVE-2023-47542 2025-01-20 14:50 2023-11-6 Show GitHub Exploit DB Packet Storm
1273 8.8 重要
Network 		マイクロソフト Microsoft SQL Server SQL Server Native Client OLE DB プロバイダーのリモート コード実行に対する脆弱性 CWE-122
CWE-noinfo
CVE-2024-21425 2025-01-20 14:46 2024-07-9 Show GitHub Exploit DB Packet Storm
1274 8.8 重要
Network 		マイクロソフト Microsoft SQL Server SQL Server Native Client OLE DB プロバイダーのリモート コード実行に対する脆弱性 CWE-122
CWE-noinfo
CVE-2024-21331 2025-01-20 14:38 2024-07-9 Show GitHub Exploit DB Packet Storm
1275 8.8 重要
Network 		マイクロソフト Microsoft SQL Server SQL Server Native Client OLE DB プロバイダーのリモート コード実行に対する脆弱性 CWE-122
CWE-noinfo
CVE-2024-21317 2025-01-20 14:24 2024-07-9 Show GitHub Exploit DB Packet Storm
1276 8.8 重要
Network 		Wpmet ElementsKit Elementor addons Wpmet の WordPress 用 ElementsKit Elementor addons における脆弱性 CWE-Other
その他 		CVE-2024-2047 2025-01-20 14:10 2024-03-30 Show GitHub Exploit DB Packet Storm
1277 6.1 警告
Network 		Rock Lobster Contact Form 7 Rock Lobster の WordPress 用 Contact Form 7 におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-2242 2025-01-20 14:10 2024-03-13 Show GitHub Exploit DB Packet Storm
1278 5.4 警告
Network 		Livemesh Livemesh Addons for Elementor Livemesh の WordPress 用 Livemesh Addons for Elementor におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-2655 2025-01-20 14:10 2024-04-10 Show GitHub Exploit DB Packet Storm
1279 5.4 警告
Network 		Wpmet ElementsKit Elementor addons Wpmet の WordPress 用 ElementsKit Elementor addons におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-2803 2025-01-20 14:09 2024-04-4 Show GitHub Exploit DB Packet Storm
1280 8.8 重要
Network 		oretnom23 computer laboratory management system oretnom23 の computer laboratory management system における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2024-3316 2025-01-20 14:09 2024-04-4 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 6, 2025, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
276351 - ad2000 free-sw_leger Cross-site scripting (XSS) vulnerability in AD2000 free-sw leger (aka Web Conference Room Free) 1.6.4 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vector… CWE-79
Cross-site Scripting 		CVE-2009-2240 2009-06-30 13:00 2009-06-28 Show GitHub Exploit DB Packet Storm
276352 - unisys business_information_server Stack-based buffer overflow in mnet.exe in Unisys Business Information Server (BIS) 10 and 10.1 on Windows allows remote attackers to execute arbitrary code via a crafted TCP packet. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2009-1628 2009-06-29 13:00 2009-06-27 Show GitHub Exploit DB Packet Storm
276353 - paessler prtg_traffic_grapher
prtg_traffic_grapher6.0.5.416 		Cross-site scripting (XSS) vulnerability in the Monitor_Bandwidth function in PRTG Traffic Grapher 6.2.2.977 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified… CWE-79
Cross-site Scripting 		CVE-2009-1849 2009-06-29 13:00 2009-06-2 Show GitHub Exploit DB Packet Storm
276354 - microsoft windows_2003_server
windows_vista 		win32k.sys in Microsoft Windows Server 2003 and Vista allows local users to cause a denial of service (system crash) via vectors related to CreateWindow, TranslateMessage, and DispatchMessage, possib… CWE-362
Race Condition 		CVE-2008-6819 2009-06-29 13:00 2009-06-2 Show GitHub Exploit DB Packet Storm
276355 - peter_wolanin openid Cross-site scripting (XSS) vulnerability in OpenID 5.x before 5.x-1.2, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. CWE-79
Cross-site Scripting 		CVE-2008-6835 2009-06-29 13:00 2009-06-28 Show GitHub Exploit DB Packet Storm
276356 - peter_wolanin openid Cross-site request forgery (CSRF) vulnerability in OpenID 5.x before 5x.-1.2, a module for Drupal, allows remote attackers to hijack the authentication of unspecified victims to delete OpenID identit… CWE-352
 Origin Validation Error 		CVE-2008-6836 2009-06-29 13:00 2009-06-28 Show GitHub Exploit DB Packet Storm
276357 - foxitsoftware jpeg2000_jbig2_decoder_add-on
foxit_reader 		The Foxit JPEG2000/JBIG2 Decoder add-on before 2.0.2009.616 for Foxit Reader 3.0 before Build 1817 does not properly handle a fatal error during decoding of a JPEG2000 (aka JPX) header, which allows … CWE-399
 Resource Management Errors 		CVE-2009-0691 2009-06-26 13:00 2009-06-24 Show GitHub Exploit DB Packet Storm
276358 - serendipitynz serene_bach SerendipityNZ (aka SimpleBoxes) Serene Bach 2.20R and earlier, and 3.00 beta023 and earlier 3.x versions, uses a predictable session id, which makes it easier for remote attackers to hijack sessions … NVD-CWE-Other
CVE-2009-2165 2009-06-26 13:00 2009-06-23 Show GitHub Exploit DB Packet Storm
276359 - urdland urd Multiple cross-site scripting (XSS) vulnerabilities in URD before 0.6.2 allow remote attackers to inject arbitrary web script or HTML via vectors related to the fatal_error page and unspecified other… CWE-79
Cross-site Scripting 		CVE-2009-2215 2009-06-26 13:00 2009-06-26 Show GitHub Exploit DB Packet Storm
276360 - wowbb wowbb_web_forum Multiple SQL injection vulnerabilities in WowBB Forum 1.61 allow remote attackers to execute arbitrary SQL commands via the (1) sort_by or (2) page parameters to view_user.php, or the (3) forum_id pa… NVD-CWE-Other
CVE-2004-2181 2009-06-25 13:25 2004-12-31 Show GitHub Exploit DB Packet Storm