Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 17, 2025, 6:04 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
131 4.3 警告
Network 		Brizy brizy Brizy の WordPress 用 brizy における認証の欠如に関する脆弱性 New CWE-862
認証の欠如 		CVE-2024-3711 2025-01-17 12:02 2024-05-23 Show GitHub Exploit DB Packet Storm
132 9.8 緊急
Network 		Apache Software Foundation Apache Xerces-C++ Apache Software Foundation の Apache Xerces-C++ における解放済みメモリの使用に関する脆弱性 New CWE-416
解放済みメモリの使用 		CVE-2024-23807 2025-01-17 12:02 2024-02-29 Show GitHub Exploit DB Packet Storm
133 5.3 警告
Network 		MantisBT Group MantisBT MantisBT Group の MantisBT における脆弱性 New CWE-200
CWE-noinfo
CVE-2024-34080 2025-01-17 12:02 2024-05-14 Show GitHub Exploit DB Packet Storm
134 8.8 重要
Network 		Brizy brizy Brizy の WordPress 用 brizy における危険なタイプのファイルの無制限アップロードに関する脆弱性 New CWE-434
危険なタイプのファイルの無制限アップロード 		CVE-2024-1311 2025-01-17 11:58 2024-03-13 Show GitHub Exploit DB Packet Storm
135 5.3 警告
Network 		zestard admin side data storage for contact form 7 zestard の WordPress 用 admin side data storage for contact form 7 における認証の欠如に関する脆弱性 New CWE-862
認証の欠如 		CVE-2024-1779 2025-01-17 11:58 2024-02-23 Show GitHub Exploit DB Packet Storm
136 8.8 重要
Network 		Progress Software Corporation telerik report server Progress Software Corporation の telerik report server における信頼できないデータのデシリアライゼーションに関する脆弱性 New CWE-502
CWE-502
CVE-2024-1800 2025-01-17 11:58 2024-03-20 Show GitHub Exploit DB Packet Storm
137 7.5 重要
Network 		Ivanti Avalanche Ivanti の Avalanche におけるパストラバーサルの脆弱性 New CWE-22
パス・トラバーサル 		CVE-2024-13180 2025-01-17 11:58 2025-01-14 Show GitHub Exploit DB Packet Storm
138 - - Belledonne Communications Linphone-Desktop Belledonne Communications 製 Linphone-Desktop における NULL ポインタ参照の脆弱性 New CWE-476
NULL ポインタデリファレンス 		CVE-2025-0430 2025-01-17 11:56 2025-01-16 Show GitHub Exploit DB Packet Storm
139 9.8 緊急
Network 		Apache Software Foundation hertzbeat Apache Software Foundation の hertzbeat におけるインジェクションに関する脆弱性 New CWE-74
CWE-74
CVE-2023-51653 2025-01-17 11:54 2023-12-20 Show GitHub Exploit DB Packet Storm
140 7.5 重要
Network 		Apache Software Foundation Apache DolphinScheduler Apache Software Foundation の Apache DolphinScheduler におけるコードインジェクションの脆弱性 New CWE-94
コード・インジェクション 		CVE-2023-51770 2025-01-17 11:54 2023-12-25 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 18, 2025, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
275241 - mozilla bugzilla show_bug.cgi in Bugzilla before 2.14.1 allows a user with "Bugs Access" privileges to see other products that are not accessible to the user, by submitting a bug and reading the resulting Product pul… NVD-CWE-Other
CVE-2002-0009 2008-09-11 04:11 2002-01-31 Show GitHub Exploit DB Packet Storm
275242 - mozilla bugzilla Bugzilla before 2.14.1 allows remote attackers to inject arbitrary SQL code and create files or gain privileges via (1) the sql parameter in buglist.cgi, (2) invalid field names from the "boolean cha… NVD-CWE-Other
CVE-2002-0010 2008-09-11 04:11 2002-01-31 Show GitHub Exploit DB Packet Storm
275243 - mozilla bugzilla Information leak in doeditvotes.cgi in Bugzilla before 2.14.1 may allow remote attackers to more easily conduct attacks on the login. NVD-CWE-Other
CVE-2002-0011 2008-09-11 04:11 2002-01-31 Show GitHub Exploit DB Packet Storm
275244 - isc
astaro 		bind
security_linux 		Buffer overflows in the DNS stub resolver library in ISC BIND 4.9.2 through 4.9.10, and other derived libraries such as BSD libc and GNU glibc, allow remote attackers to execute arbitrary code via DN… NVD-CWE-Other
CVE-2002-0029 2008-09-11 04:11 2002-11-29 Show GitHub Exploit DB Packet Storm
275245 - adobe acrobat
acrobat_reader 		The digital signature mechanism for the Adobe Acrobat PDF viewer only verifies the PE header of executable code for a plug-in, which can allow attackers to execute arbitrary code in certified mode by… NVD-CWE-Other
CVE-2002-0030 2008-09-11 04:11 2003-04-2 Show GitHub Exploit DB Packet Storm
275246 - bindview
funk_software 		netrc
funk_software_proxy 		Funk Software Proxy Host 3.x is installed with insecure permissions for the registry and the file system. NVD-CWE-Other
CVE-2002-0064 2008-09-11 04:11 2002-04-22 Show GitHub Exploit DB Packet Storm
275247 - bindview
funk_software 		netrc
funk_software_proxy 		Funk Software Proxy Host 3.x uses weak encryption for the Proxy Host password, which allows local users to gain privileges by recovering the passwords from the PHOST.INI file or the Windows registry. NVD-CWE-Other
CVE-2002-0065 2008-09-11 04:11 2002-04-22 Show GitHub Exploit DB Packet Storm
275248 - bindview
funk_software 		netrc
funk_software_proxy 		Funk Software Proxy Host 3.x before 3.09A creates a Named Pipe that does not require authentication and is installed with insecure access control, which allows local and possibly remote users to use … NVD-CWE-Other
CVE-2002-0066 2008-09-11 04:11 2002-04-22 Show GitHub Exploit DB Packet Storm
275249 - geeklog geeklog Geeklog 1.3 allows remote attackers to hijack user accounts, including the administrator account, by modifying the UID of a user's permanent cookie to the target account. NVD-CWE-Other
CVE-2002-0097 2008-09-11 04:11 2002-03-25 Show GitHub Exploit DB Packet Storm
275250 - scott_parish chuid Directory traversal vulnerability in chuid 1.2 and earlier allows remote attackers to change the ownership of files outside of the upload directory via a .. (dot dot) attack. NVD-CWE-Other
CVE-2002-0144 2008-09-11 04:11 2002-03-25 Show GitHub Exploit DB Packet Storm