Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 24, 2025, 12:05 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
151 8.8 重要
Network 		jfinaloa project jfinaloa jfinaloa project の jfinaloa における SQL インジェクションの脆弱性 New CWE-89
SQLインジェクション 		CVE-2024-57769 2025-01-23 11:48 2025-01-16 Show GitHub Exploit DB Packet Storm
152 8.8 重要
Network 		jfinaloa project jfinaloa jfinaloa project の jfinaloa における SQL インジェクションの脆弱性 New CWE-89
SQLインジェクション 		CVE-2024-57770 2025-01-23 11:48 2025-01-16 Show GitHub Exploit DB Packet Storm
153 8.8 重要
Network 		code-projects Online  Shoe Store code-projects の Online Shoe Store における脆弱性 New CWE-266
CWE-284
CWE-noinfo
CVE-2025-0206 2025-01-23 11:48 2025-01-4 Show GitHub Exploit DB Packet Storm
154 7.5 重要
Network 		Palo Alto Networks PAN-OS Palo Alto Networks の PAN-OS における有効期限後のメモリの解放の欠如に関する脆弱性 New CWE-401
CWE-770
CVE-2024-3382 2025-01-23 11:48 2024-04-10 Show GitHub Exploit DB Packet Storm
155 6.1 警告
Network 		フォーティネット FortiAuthenticator フォーティネットの FortiAuthenticator におけるオープンリダイレクトの脆弱性 New CWE-601
オープンリダイレクト 		CVE-2024-23664 2025-01-23 11:47 2024-05-14 Show GitHub Exploit DB Packet Storm
156 9.8 緊急
Network 		Zephyr Project Zephyr Zephyr Project の Zephyr における境界外書き込みに関する脆弱性 New CWE-121
CWE-787
CVE-2023-6749 2025-01-23 11:46 2023-12-12 Show GitHub Exploit DB Packet Storm
157 8.8 重要
Network 		podsfoundation pods podsfoundation の WordPress 用 pods における脆弱性 New CWE-noinfo
情報不足 		CVE-2023-6999 2025-01-23 11:46 2023-12-20 Show GitHub Exploit DB Packet Storm
158 9.8 緊急
Network 		Cozmoslabs Membership & Content Restriction - Paid Member Subscriptions Cozmoslabs の WordPress 用 Membership & Content Restriction - Paid Member Subscriptions における脆弱性 New CWE-287
CWE-Other
CVE-2024-12919 2025-01-23 11:46 2024-12-24 Show GitHub Exploit DB Packet Storm
159 5.4 警告
Network 		exclusiveaddons exclusive addons for elementor exclusiveaddons の WordPress 用 exclusive addons for elementor におけるクロスサイトスクリプティングの脆弱性 New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-1414 2025-01-23 11:46 2024-03-13 Show GitHub Exploit DB Packet Storm
160 6.5 警告
Network 		HasThemes HT Mega - Absolute Addons For Elementor HasThemes の WordPress 用 HT Mega - Absolute Addons For Elementor におけるパストラバーサルの脆弱性 New CWE-22
パス・トラバーサル 		CVE-2024-1974 2025-01-23 11:46 2024-04-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 24, 2025, 4:45 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
274831 - rim blackberry_enterprise_server
blackberry_professional_software 		Multiple unspecified vulnerabilities in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.3 through 4.1.6 and BlackBerr… NVD-CWE-noinfo
CVE-2009-2646 2009-08-6 13:00 2009-07-31 Show GitHub Exploit DB Packet Storm
274832 - microsoft internet_explorer Microsoft Internet Explorer 6 through 6.0.2900.2180 and 7 through 7.0.6000.16473 allows remote attackers to cause a denial of service (CPU consumption) via an XML document composed of a long series o… CWE-399
 Resource Management Errors 		CVE-2009-2668 2009-08-6 13:00 2009-08-6 Show GitHub Exploit DB Packet Storm
274833 - ibm tivoli_identity_manager Multiple cross-site scripting (XSS) vulnerabilities in IBM Tivoli Identity Manager (ITIM) 5.0 allow remote attackers to inject arbitrary web script or HTML by entering an unspecified URL in (1) the s… CWE-79
Cross-site Scripting 		CVE-2009-2316 2009-08-5 14:25 2009-07-6 Show GitHub Exploit DB Packet Storm
274834 - ibm tivoli_identity_manager Multiple session fixation vulnerabilities in IBM Tivoli Identity Manager (ITIM) 5.0.0.6 allow remote attackers to hijack web sessions via unspecified vectors involving the (1) console and (2) self se… CWE-20
 Improper Input Validation  		CVE-2009-2583 2009-08-4 14:25 2009-07-24 Show GitHub Exploit DB Packet Storm
274835 - xoops xoops Cross-site scripting (XSS) vulnerability in pmlite.php in XOOPS 2.3.1 and 2.3.2a allows remote attackers to inject arbitrary web script or HTML via a STYLE attribute in a URL BBcode tag in a private … CWE-79
Cross-site Scripting 		CVE-2008-6885 2009-08-3 13:00 2009-08-1 Show GitHub Exploit DB Packet Storm
274836 - apache roller Cross-site scripting (XSS) vulnerability in Apache Roller 2.3, 3.0, 3.1, and 4.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter in a search action. CWE-79
Cross-site Scripting 		CVE-2008-6879 2009-07-31 13:00 2009-07-31 Show GitHub Exploit DB Packet Storm
274837 - kerio kerio_mailserver Cross-site scripting (XSS) vulnerability in the Integration page in the WebMail component in Kerio MailServer 6.6.0, 6.6.1, 6.6.2, and 6.7.0 allows remote attackers to inject arbitrary web script or … CWE-79
Cross-site Scripting 		CVE-2009-2636 2009-07-29 13:00 2009-07-29 Show GitHub Exploit DB Packet Storm
274838 - scott_courtney links_package Cross-site scripting (XSS) vulnerability in the Links Related module in the Links Package 5.x before 5.x-1.13 and 6.x before 6.x-1.2, a module for Drupal, allows remote authenticated users to inject … CWE-79
Cross-site Scripting 		CVE-2009-2610 2009-07-28 03:30 2009-07-28 Show GitHub Exploit DB Packet Storm
274839 - prosmdr prosmdr SQL injection vulnerability in login.aspx in ProSMDR allows remote attackers to execute arbitrary SQL commands via the txtUser parameter. NOTE: the provenance of this information is unknown; the deta… CWE-89
SQL Injection 		CVE-2009-2612 2009-07-28 03:30 2009-07-28 Show GitHub Exploit DB Packet Storm
274840 - datachecknh linkpal Multiple cross-site scripting (XSS) vulnerabilities in DataCheck Solutions LinkPal 1.x allow remote attackers to inject arbitrary web script or HTML via the page parameter to (1) z_loginfailed.asp, (… CWE-79
Cross-site Scripting 		CVE-2009-2613 2009-07-28 03:30 2009-07-28 Show GitHub Exploit DB Packet Storm