Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 14, 2025, 6:04 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
151 6.6 警告
Network 		マイクロソフト Microsoft Windows Server 2016
Microsoft Windows Server 2019
Microsoft Windows Server 2022 		Windows DNS サーバーのリモートでコードが実行される脆弱性 New CWE-416
CWE-noinfo
CVE-2024-26223 2025-01-14 14:13 2024-04-9 Show GitHub Exploit DB Packet Storm
152 6.6 警告
Network 		マイクロソフト Microsoft Windows Server 2016
Microsoft Windows Server 2019
Microsoft Windows Server 2022 		Windows DNS サーバーのリモートでコードが実行される脆弱性 New CWE-416
CWE-noinfo
CVE-2024-26227 2025-01-14 14:13 2024-04-9 Show GitHub Exploit DB Packet Storm
153 7 重要
Local 		マイクロソフト Microsoft Windows Server 2016
Microsoft Windows 11
Microsoft Windows Server 2012
Microsoft Windows Server 2008
Microsoft Window… 		Windows Telephony Server の特権の昇格の脆弱性 New CWE-362
CWE-591
CVE-2024-26242 2025-01-14 14:13 2024-04-9 Show GitHub Exploit DB Packet Storm
154 5.5 警告
Local 		マイクロソフト Microsoft Windows 11
Microsoft Windows Server 2019
Microsoft Windows 10
Microsoft Windows Server 2022 		Windows Remote Access Connection Manager の情報漏えいの脆弱性 New CWE-125
CWE-126
CVE-2024-26255 2025-01-14 14:13 2024-04-9 Show GitHub Exploit DB Packet Storm
155 5.5 警告
Local 		マイクロソフト Microsoft Windows Server 2016
Microsoft Windows 11
Microsoft Windows Server 2012
Microsoft Windows Server 2019
Microsoft Window… 		Windows Remote Access Connection Manager の情報漏えいの脆弱性 New CWE-125
CWE-126
CVE-2024-28901 2025-01-14 14:13 2024-04-9 Show GitHub Exploit DB Packet Storm
156 7.5 重要
Adjacent 		マイクロソフト Microsoft Windows Server 2016
Microsoft Windows 11
Microsoft Windows Server 2012
Microsoft Windows Server 2019
Microsoft Window… 		セキュア ブートのセキュリティ機能のバイパスの脆弱性 New CWE-122
CWE-noinfo
CVE-2024-28896 2025-01-14 14:13 2024-04-9 Show GitHub Exploit DB Packet Storm
157 9.8 緊急
Network 		mysiteforme project mysiteforme wangl1989 の mysiteforme における信頼できないデータのデシリアライゼーションに関する脆弱性 New CWE-20
CWE-502
CWE-502
CVE-2024-13136 2025-01-14 14:12 2025-01-5 Show GitHub Exploit DB Packet Storm
158 9.8 緊急
Network 		TreasureHuntGame TreasureHunt TreasureHuntGame の TreasureHunt における SQL インジェクションの脆弱性 New CWE-74
CWE-89
CWE-89
CVE-2024-12894 2025-01-14 14:09 2024-12-22 Show GitHub Exploit DB Packet Storm
159 6.7 警告
Local 		マイクロソフト Microsoft Windows Server 2016
Microsoft Windows 11
Microsoft Windows Server 2012
Microsoft Windows Server 2019
Microsoft Window… 		セキュア ブートのセキュリティ機能のバイパスの脆弱性 New CWE-693
CWE-noinfo
CVE-2024-28903 2025-01-14 14:03 2024-04-9 Show GitHub Exploit DB Packet Storm
160 5.5 警告
Local 		クアルコム WCD9385 ファームウェア
fastconnect 6700 ファームウェア
fastconnect 7800 ファームウェア
wsa8845 ファームウェア
wsa8840 ファームウェア
sc8380xp ファームウェア
WSA8830 ファームウェア
sn… 		複数のクアルコム製品における境界外読み取りに関する脆弱性 New CWE-125
CWE-126
CVE-2023-33078 2025-01-14 13:35 2023-05-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 15, 2025, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
275421 - paessler ipcheck_server_monitor Paessler IPCheck Server Monitor before 5.3.3.639/640 does not properly implement a "list of acceptable host IP addresses in the probe settings," which has unknown impact and attack vectors. NVD-CWE-Other
CVE-2006-4461 2008-09-6 06:09 2006-09-1 Show GitHub Exploit DB Packet Storm
275422 - moderngigabyte modernbill ModernBill 5.0.4 and earlier uses cURL with insecure settings for CURLOPT_SSL_VERIFYPEER and CURLOPT_SSL_VERIFYHOST that do not verify SSL certificates, which allows remote attackers to read network … NVD-CWE-Other
CVE-2006-4499 2008-09-6 06:09 2006-09-1 Show GitHub Exploit DB Packet Storm
275423 - devellion cubecart Cross-site scripting (XSS) vulnerability in CubeCart 3.0.12 and earlier, when register_globals is enabled, allows remote attackers to inject arbitrary web script or HTML via the links array. NVD-CWE-Other
CVE-2006-4525 2008-09-6 06:09 2006-09-2 Show GitHub Exploit DB Packet Storm
275424 - devellion cubecart SQL injection vulnerability in includes/content/viewCat.inc.php in CubeCart 3.0.12 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary SQL commands via the sea… NVD-CWE-Other
CVE-2006-4526 2008-09-6 06:09 2006-09-2 Show GitHub Exploit DB Packet Storm
275425 - devellion cubecart includes/content/gateway.inc.php in CubeCart 3.0.12 and earlier, when magic_quotes_gpc is disabled, uses an insufficiently restrictive regular expression to validate the gateway parameter, which allo… NVD-CWE-Other
CVE-2006-4527 2008-09-6 06:09 2006-09-2 Show GitHub Exploit DB Packet Storm
275426 - ibm lotus_notes IBM Lotus Notes 6.0, 6.5, and 7.0 does not properly handle replies to e-mail messages with alternate name users when the (1) "Save As Draft" option is used or (2) a "," (comma) is inside the "phrase"… NVD-CWE-Other
CVE-2006-3778 2008-09-6 06:08 2006-07-24 Show GitHub Exploit DB Packet Storm
275427 - kailash_nadh boastmachine The Languages selection in the admin interface in Kailash Nadh boastMachine (formerly bMachine) 3.1 and earlier allows remote authenticated administrators to upload files with arbitrary extensions to… NVD-CWE-Other
CVE-2006-3830 2008-09-6 06:08 2006-07-25 Show GitHub Exploit DB Packet Storm
275428 - dokeos dokeos Multiple cross-site scripting (XSS) vulnerabilities in Dokeos before 1.6.5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. CWE-79
Cross-site Scripting 		CVE-2006-3924 2008-09-6 06:08 2006-07-29 Show GitHub Exploit DB Packet Storm
275429 - pswd.js pswd.js The pswd.js script relies on the client to calculate whether a username and password match hard-coded hashed values for a server, and uses a hashing scheme that creates a large number of collisions, … CWE-255
Credentials Management 		CVE-2006-4068 2008-09-6 06:08 2006-08-10 Show GitHub Exploit DB Packet Storm
275430 - david_walker phpautomembersarea Unspecified vulnerability in phpAutoMembersArea (phpAMA) before 3.2.4 has unknown impact and attack vectors, related to "a potential security exploit which is critical." NVD-CWE-Other
CVE-2006-4084 2008-09-6 06:08 2006-08-11 Show GitHub Exploit DB Packet Storm