Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 31, 2025, 10 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
121 7.8 重要
Local
マイクロソフト Microsoft Windows 8.1
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows RT 8.1
Microsoft Windows Server …
複数の Microsoft Windows 製品におけるリモートでコードを実行される脆弱性 Update CWE-noinfo
情報不足
CVE-2019-0895 2025-01-29 18:00 2019-05-14 Show GitHub Exploit DB Packet Storm
122 7.8 重要
Local
マイクロソフト Microsoft Windows 8.1
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows RT 8.1
Microsoft Windows Server …
複数の Microsoft Windows 製品におけるリモートでコードを実行される脆弱性 Update CWE-noinfo
情報不足
CVE-2019-0896 2025-01-29 18:00 2019-05-14 Show GitHub Exploit DB Packet Storm
123 7.8 重要
Local
マイクロソフト Microsoft Windows 8.1
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows RT 8.1
Microsoft Windows Server …
複数の Microsoft Windows 製品におけるリモートでコードを実行される脆弱性 Update CWE-noinfo
情報不足
CVE-2019-0897 2025-01-29 18:00 2019-05-14 Show GitHub Exploit DB Packet Storm
124 7.8 重要
Local
マイクロソフト Microsoft Windows 8.1
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows RT 8.1
Microsoft Windows Server …
複数の Microsoft Windows 製品におけるリモートでコードを実行される脆弱性 Update CWE-noinfo
情報不足
CVE-2019-0898 2025-01-29 18:00 2019-05-14 Show GitHub Exploit DB Packet Storm
125 7.8 重要
Local
マイクロソフト Microsoft Windows 8.1
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows RT 8.1
Microsoft Windows Server …
複数の Microsoft Windows 製品におけるリモートでコードを実行される脆弱性 Update CWE-noinfo
情報不足
CVE-2019-0899 2025-01-29 18:00 2019-05-14 Show GitHub Exploit DB Packet Storm
126 9.8 緊急
Network
miniOrange Miniorange OTP Verification with Firebase miniOrange の WordPress 用 Miniorange OTP Verification with Firebase におけるユーザ制御の鍵による認証回避に関する脆弱性 New CWE-639
CWE-639
CVE-2024-9862 2025-01-29 16:50 2024-10-17 Show GitHub Exploit DB Packet Storm
127 2.3
Local
Lenovo ThinkSystem SR670 V2 ファームウェア Lenovo の ThinkSystem SR670 V2 ファームウェアにおける脆弱性 New CWE-1269
CWE-Other
CVE-2024-23591 2025-01-29 16:42 2024-02-16 Show GitHub Exploit DB Packet Storm
128 8.8 重要
Network
ZTE MF258K PRO ファームウェア ZTE の MF258K PRO ファームウェアにおける OS コマンドインジェクションの脆弱性 New CWE-20
CWE-78
CVE-2024-22065 2025-01-29 16:38 2024-10-29 Show GitHub Exploit DB Packet Storm
129 7.8 重要
Local
ultralytics yolov3 Ultralytics の YOLOv3 における信頼できないデータのデシリアライゼーションに関する脆弱性 Update CWE-502
信頼性のないデータのデシリアライゼーション
CVE-2021-31681 2025-01-29 16:33 2021-04-23 Show GitHub Exploit DB Packet Storm
130 3.3
Local
オープンCADフォーマット評議会 SXF 共通ライブラリ SXF共通ライブラリにおける入力データの取り扱い不備 New CWE-Other
その他
CVE-2025-24336 2025-01-29 16:32 2025-01-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 31, 2025, 4:11 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
274721 - apple mac_os_x
mac_os_x_server
The default configuration of the FreeRADIUS server in Apple Mac OS X Server before 10.6.3 permits EAP-TLS authenticated connections on the basis of an arbitrary client certificate, which allows remot… CWE-264
Permissions, Privileges, and Access Controls
CVE-2010-0524 2010-05-21 14:57 2010-03-31 Show GitHub Exploit DB Packet Storm
274722 - cisco pgw_2200_softswitch The MGCP implementation on the Cisco PGW 2200 Softswitch with software before 9.7(3)S11 allows remote attackers to cause a denial of service (device crash) via a malformed packet, aka Bug ID CSCsl391… CWE-20
 Improper Input Validation 
CVE-2010-0601 2010-05-21 14:57 2010-05-15 Show GitHub Exploit DB Packet Storm
274723 - cisco pgw_2200_softswitch The SIP implementation on the Cisco PGW 2200 Softswitch with software before 9.7(3)S11 allows remote attackers to cause a denial of service (device crash) via a malformed packet, aka Bug ID CSCsk3260… CWE-20
 Improper Input Validation 
CVE-2010-0602 2010-05-21 14:57 2010-05-15 Show GitHub Exploit DB Packet Storm
274724 - cisco pgw_2200_softswitch Unspecified vulnerability in the SIP implementation on the Cisco PGW 2200 Softswitch with software before 9.7(3)S10 allows remote attackers to cause a denial of service (device crash) via unknown SIP… NVD-CWE-noinfo
CVE-2010-0604 2010-05-21 14:57 2010-05-15 Show GitHub Exploit DB Packet Storm
274725 - gohigheris com_jwhmcs Directory traversal vulnerability in the J!WHMCS Integrator (com_jwhmcs) component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to … CWE-22
Path Traversal
CVE-2010-1977 2010-05-21 13:00 2010-05-20 Show GitHub Exploit DB Packet Storm
274726 - openmairie opencatalogue Directory traversal vulnerability in scr/soustab.php in OpenMairie Opencatalogue 1.024, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via dire… CWE-22
Path Traversal
CVE-2010-1999 2010-05-21 13:00 2010-05-21 Show GitHub Exploit DB Packet Storm
274727 - ron_jerome bibliography Cross-site scripting (XSS) vulnerability in the Bibliography (Biblio) module 5.x through 5.x-1.17 and 6.x through 6.x-1.9 for Drupal allows remote authenticated users, with "administer biblio" privil… CWE-79
Cross-site Scripting
CVE-2010-2000 2010-05-21 13:00 2010-05-21 Show GitHub Exploit DB Packet Storm
274728 - ninjitsuweb civiregister Cross-site scripting (XSS) vulnerability in the CiviRegister module before 6.x-1.1 for Drupal allows remote attackers to inject arbitrary web script or HTML via the URI. CWE-79
Cross-site Scripting
CVE-2010-2001 2010-05-21 13:00 2010-05-21 Show GitHub Exploit DB Packet Storm
274729 - addison_berry
jeff_warrington
wordfilter Cross-site scripting (XSS) vulnerability in the Wordfilter module 5.x before 5.x-1.1 and 6.x before 6.x-1.1 for Drupal allows remote authenticated users, with "administer words filtered" privileges, … CWE-79
Cross-site Scripting
CVE-2010-2002 2010-05-21 13:00 2010-05-21 Show GitHub Exploit DB Packet Storm
274730 - toutvirtual virtualiq Multiple cross-site scripting (XSS) vulnerabilities in ToutVirtual VirtualIQ Pro 3.5 build 8691 allow remote attackers to inject arbitrary web script or HTML via the (1) addNewDept, (2) deptId, or (3… CWE-79
Cross-site Scripting
CVE-2009-4842 2010-05-21 13:00 2010-05-8 Show GitHub Exploit DB Packet Storm