Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 31, 2025, 4:03 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
141 5.5 警告
Local 		xpdfreader project xpdf Glyph & Cog, LLC の Xpdf における境界外書き込みに関する脆弱性 CWE-787
CWE-787
CVE-2024-4976 2025-01-30 11:48 2024-05-15 Show GitHub Exploit DB Packet Storm
142 5.4 警告
Network 		WebTechStreet Elementor Addon Elements WebTechStreet の WordPress 用 Elementor Addon Elements におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-47366 2025-01-30 11:48 2024-10-6 Show GitHub Exploit DB Packet Storm
143 8.8 重要
Network 		デル Dell SupportAssist for Home PCs
Dell SupportAssist for Business PCs 		デルの Dell SupportAssist for Business PCs および Dell SupportAssist for Home PCs におけるリンク解釈に関する脆弱性 CWE-59
CWE-61
CVE-2024-52535 2025-01-30 11:48 2024-12-25 Show GitHub Exploit DB Packet Storm
144 9.8 緊急
Network 		OpenImageIO project OpenImageIO OpenImageIO project の OpenImageIO における境界外書き込みに関する脆弱性 CWE-120
CWE-787
CVE-2024-55194 2025-01-30 11:48 2024-12-6 Show GitHub Exploit DB Packet Storm
145 4.3 警告
Network 		Easy Social Feed Easy Social Feed WordPress 用 Easy Social Feed におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2024-1213 2025-01-30 11:40 2024-03-21 Show GitHub Exploit DB Packet Storm
146 9.8 緊急
Network 		Metagauss Inc. registrationmagic Metagauss Inc. の WordPress 用 registrationmagic における脆弱性 CWE-230
CWE-noinfo
CVE-2024-10508 2025-01-30 11:40 2024-11-9 Show GitHub Exploit DB Packet Storm
147 4.3 警告
Network 		envothemes envo extra envothemes の WordPress 用 envo extra におけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2024-10770 2025-01-30 11:40 2024-11-9 Show GitHub Exploit DB Packet Storm
148 5.4 警告
Network 		Brainstorm Force Elementor Header & Footer Builder Brainstorm Force の WordPress 用 Elementor Header & Footer Builder におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-11230 2025-01-30 11:39 2024-12-23 Show GitHub Exploit DB Packet Storm
149 4.3 警告
Network 		bdthemes element pack bdthemes の WordPress 用 element pack における認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2024-11852 2025-01-30 11:39 2024-12-22 Show GitHub Exploit DB Packet Storm
150 8.8 重要
Network 		- IBM の Security Verify Access における OS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2024-49803 2025-01-30 11:14 2024-11-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 2, 2025, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
274571 - phpsftpd phpsftpd inc.login.php in PHPsFTPd 0.2 through 0.4 allows remote attackers to obtain the administrator's username and password by setting the do_login parameter and performing an edit action using user.php, w… NVD-CWE-Other
CVE-2005-2314 2011-03-8 11:24 2005-07-19 Show GitHub Exploit DB Packet Storm
274572 - rim blackberry_enterprise_server
blackberry_router 		Research in Motion (RIM) BlackBerry Router allows remote attackers to cause a denial of service (communication disruption) via crafted Server Routing Protocol (SRP) packets. NVD-CWE-Other
CVE-2005-2342 2011-03-8 11:24 2005-12-31 Show GitHub Exploit DB Packet Storm
274573 - rim blackberry_desktop_manager
blackberry_device_software
blackberry 		Research in Motion (RIM) BlackBerry Handheld web browser for BlackBerry Handheld before 4.0.2 allows remote attackers to cause a denial of service (hang) via a Java Application Description (JAD) file… NVD-CWE-Other
CVE-2005-2343 2011-03-8 11:24 2005-12-31 Show GitHub Exploit DB Packet Storm
274574 - my_image_gallery my_image_gallery Cross-site scripting (XSS) vulnerability in index.php for My Image Gallery (Mig ) 1.4.1 allows remote attackers to inject arbitrary web script or HTML via the (1) currDir or (2) image parameters. NVD-CWE-Other
CVE-2005-2603 2011-03-8 11:24 2005-08-17 Show GitHub Exploit DB Packet Storm
274575 - my_image_gallery my_image_gallery index.php for My Image Gallery (Mig ) 1.4.1 allows remote attackers to obtain the web server path via certain currDir and image arguments, which leaks the path in an error message. NVD-CWE-Other
CVE-2005-2604 2011-03-8 11:24 2005-08-17 Show GitHub Exploit DB Packet Storm
274576 - phlymail phlymail Unknown vulnerability in the "frontend authentication" in PHlyMail 3.02.00 has unknown impact and attack vectors. NVD-CWE-Other
CVE-2005-2606 2011-03-8 11:24 2005-08-17 Show GitHub Exploit DB Packet Storm
274577 - ezupload ezupload Multiple PHP file include vulnerabilities in ezUpload 2.2 allow remote attackers to execute arbitrary code via the path parameter to (1) initialize.php, (2) customize.php, (3) form.php, or (4) index.… NVD-CWE-Other
CVE-2005-2616 2011-03-8 11:24 2005-08-17 Show GitHub Exploit DB Packet Storm
274578 - kismet kismet Unspecified vulnerability in Kismet before 2005-08-R1 allows remote attackers to have an unknown impact via unprintable characters in the SSID. NVD-CWE-Other
CVE-2005-2626 2011-03-8 11:24 2005-08-19 Show GitHub Exploit DB Packet Storm
274579 - kismet kismet Multiple integer underflows in Kismet before 2005-08-R1 allow remote attackers to execute arbitrary code via (1) kernel headers in a pcap file or (2) data frame dissection, which leads to heap-based … NVD-CWE-Other
CVE-2005-2627 2011-03-8 11:24 2005-08-19 Show GitHub Exploit DB Packet Storm
274580 - up-imapproxy up-imapproxy Format string vulnerability in the ParseBannerAndCapability function in main.c for up-imapproxy 1.2.3 and 1.2.4 allows remote IMAP servers to execute arbitrary code via format string specifiers in a … NVD-CWE-Other
CVE-2005-2661 2011-03-8 11:24 2005-10-14 Show GitHub Exploit DB Packet Storm