Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1441 5.5 警告
Local 		Linux Linux Kernel Linux の Linux Kernel における NULL ポインタデリファレンスに関する脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2023-52865 2025-01-17 20:40 2023-10-18 Show GitHub Exploit DB Packet Storm
1442 5.5 警告
Local 		Linux Linux Kernel Linux の Linux Kernel における NULL ポインタデリファレンスに関する脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2021-47202 2025-01-17 20:37 2021-11-5 Show GitHub Exploit DB Packet Storm
1443 8.8 重要
Network 		Google Google Chrome Google の Google Chrome における境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2025-0437 2025-01-17 19:41 2025-01-14 Show GitHub Exploit DB Packet Storm
1444 9.8 緊急
Network 		Apache Software Foundation hertzbeat Apache Software Foundation の hertzbeat における信頼できないデータのデシリアライゼーションに関する脆弱性 CWE-502
CWE-502
CVE-2023-51389 2025-01-17 19:41 2023-12-18 Show GitHub Exploit DB Packet Storm
1445 8.5 重要
Network 		BoldGrid W3 Total Cache BoldGrid の WordPress 用 W3 Total Cache における認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2024-12365 2025-01-17 19:41 2024-12-9 Show GitHub Exploit DB Packet Storm
1446 9.8 緊急
Network 		Ivanti Avalanche Ivanti の Avalanche におけるパストラバーサルの脆弱性 CWE-22
CWE-22
CWE-288
CVE-2024-13181 2025-01-17 19:41 2025-01-14 Show GitHub Exploit DB Packet Storm
1447 6.4 警告
Network 		s-sols seraphinite accelerator s-sols の WordPress 用 seraphinite accelerator におけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2024-1568 2025-01-17 19:41 2024-02-28 Show GitHub Exploit DB Packet Storm
1448 7.2 重要
Network 		zestard admin side data storage for contact form 7 zestard の WordPress 用 admin side data storage for contact form 7 における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2024-1776 2025-01-17 19:41 2024-02-23 Show GitHub Exploit DB Packet Storm
1449 8.8 重要
Network 		Progress Software Corporation telerik reporting Progress Software Corporation の telerik reporting における信頼できないデータのデシリアライゼーションに関する脆弱性 CWE-502
CWE-502
CVE-2024-1856 2025-01-17 19:40 2024-03-20 Show GitHub Exploit DB Packet Storm
1450 9.1 緊急
Network 		WPvivid Migration
 Backup
 Staging 		WPvivid の WordPress 用 Migration, Backup, Staging における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2024-1981 2025-01-17 19:40 2024-02-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 7, 2025, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
277221 - fad_solutions drzes_hms Multiple SQL injection vulnerabilities in DRZES HMS 3.2 allow remote attackers to execute arbitrary SQL commands via the (1) plan_id parameter to (a) domains.php, (b) viewusage.php, (c) pop_accounts.… NVD-CWE-Other
CVE-2005-4366 2008-09-20 13:42 2005-12-20 Show GitHub Exploit DB Packet Storm
277222 - fad_solutions drzes_hms Cross-site scripting (XSS) vulnerability in register_domain.php in DRZES HMS 3.2 allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters, possibly the "Domain… NVD-CWE-Other
CVE-2005-4367 2008-09-20 13:42 2005-12-20 Show GitHub Exploit DB Packet Storm
277223 - asps shopping_cart Multiple SQL injection vulnerabilities in Absolute Shopping Package Solutions (ASPS) Shopping Cart Professional 2.9d and earlier, and Lite 2.1 and earlier, allow remote attackers to execute arbitrary… NVD-CWE-Other
CVE-2005-4003 2008-09-20 13:41 2005-12-5 Show GitHub Exploit DB Packet Storm
277224 - jax_calendar jax_calendar SQL injection vulnerability in jax_calendar.php in Jax Calendar 1.34 allows remote attackers to execute arbitrary SQL commands via the (1) cal_id parameter, and possibly the (2) Y and (3) m parameter… NVD-CWE-Other
CVE-2005-4008 2008-09-20 13:41 2005-12-5 Show GitHub Exploit DB Packet Storm
277225 - php_lite calendar_express Multiple SQL injection vulnerabilities in PHP Lite Calendar Express 2.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) cid and (2) catid parameters to (a) day.php, (… NVD-CWE-Other
CVE-2005-4009 2008-09-20 13:41 2005-12-5 Show GitHub Exploit DB Packet Storm
277226 - - - property.php in Widget Property 1.1.19 allows remote attackers to obtain the full server path via an invalid lang value, which leaks the path in the resulting error message. NVD-CWE-Other
CVE-2005-4017 2008-09-20 13:41 2005-12-5 Show GitHub Exploit DB Packet Storm
277227 - simplemedia simplebbs SQL injection vulnerability in SimpleBBS 1.1 allows remote attackers to execute arbitrary SQL commands via unspecified search module parameters. CWE-89
SQL Injection 		CVE-2005-4027 2008-09-20 13:41 2005-12-5 Show GitHub Exploit DB Packet Storm
277228 - debian python-dns PyDNS (aka python-dns) before 2.3.1-4 in Debian GNU/Linux does not use random source ports or transaction IDs for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a di… CWE-16
Configuration 		CVE-2008-4099 2008-09-19 13:00 2008-09-19 Show GitHub Exploit DB Packet Storm
277229 - debian python-dns PyDNS (aka python-dns) before 2.3.1-5 in Debian GNU/Linux does not use random source ports for DNS requests and does not use random transaction IDs for DNS retries, which makes it easier for remote a… CWE-16
Configuration 		CVE-2008-4126 2008-09-19 13:00 2008-09-19 Show GitHub Exploit DB Packet Storm
277230 - lxde lightweight_x11_desktop_environment src/main-win.c in GPicView 0.1.9 in Lightweight X11 Desktop Environment (LXDE) allows local users to overwrite arbitrary files via a symlink attack on the /tmp/rot.jpg temporary file. CWE-59
Link Following 		CVE-2008-3791 2008-09-17 14:35 2008-09-3 Show GitHub Exploit DB Packet Storm