Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1711	7.2	重要 Network	Phoenix Cart	CE Phoenix Cart	Phoenix Cart の CE Phoenix Cart におけるコードインジェクションの脆弱性	CWE-94 CWE-94	CVE-2024-25415	2025-01-16 16:55	2024-02-16	Show	GitHub Exploit DB Packet Storm

1712	5.5	警告 Local	Linux	Linux Kernel	Linux の Linux Kernel における脆弱性	CWE-Other その他	CVE-2022-48639	2025-01-16 16:48	2022-09-22	Show	GitHub Exploit DB Packet Storm

1713	7	重要 Local	Linux	Linux Kernel	Linux の Linux Kernel における競合状態に関する脆弱性	CWE-362 競合状態	CVE-2023-52480	2025-01-16 16:48	2023-10-4	Show	GitHub Exploit DB Packet Storm

1714	7	重要 Local	Linux	Linux Kernel	Linux の Linux Kernel における競合状態に関する脆弱性	CWE-362 競合状態	CVE-2023-52517	2025-01-16 16:48	2023-09-4	Show	GitHub Exploit DB Packet Storm

1715	7.1	重要 Local	Linux	Linux Kernel	Linux の Linux Kernel における境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2023-52519	2025-01-16 16:48	2023-10-5	Show	GitHub Exploit DB Packet Storm

1716	7.8	重要 Local	Linux	Linux Kernel	Linux の Linux Kernel におけるリソースのロックに関する脆弱性	CWE-667 不適切なロック	CVE-2023-52524	2025-01-16 16:48	2023-10-3	Show	GitHub Exploit DB Packet Storm

1717	7.1	重要 Local	Linux	Linux Kernel	Linux の Linux Kernel における境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2023-52525	2025-01-16 16:48	2023-09-18	Show	GitHub Exploit DB Packet Storm

1718	7.8	重要 Local	Linux	Linux Kernel	Linux の Linux Kernel における二重解放に関する脆弱性	CWE-415 二重解放	CVE-2024-56704	2025-01-16 16:48	2024-11-22	Show	GitHub Exploit DB Packet Storm

1719	8.8	重要 Network	Shenzhen Tenda Technology Co.,Ltd.	fh1205 ファームウェア	Shenzhen Tenda Technology Co.,Ltd. の fh1205 ファームウェアにおける境界外書き込みに関する脆弱性	CWE-121 CWE-787	CVE-2024-3011	2025-01-16 16:42	2024-03-28	Show	GitHub Exploit DB Packet Storm

1720	8.8	重要 Network	Shenzhen Tenda Technology Co.,Ltd.	W15E ファームウェア	Shenzhen Tenda Technology Co.,Ltd. の W15E ファームウェアにおける境界外書き込みに関する脆弱性	CWE-121 CWE-787	CVE-2024-4116	2025-01-16 16:42	2024-04-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Feb. 12, 2025, 4:14 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
276581	-	runcms	runcms	Multiple SQL injection vulnerabilities in modules/forum/post.php in RunCMS 2M1 allow remote authenticated users to execute arbitrary SQL commands via (1) the pid parameter, which is not properly hand…	CWE-89 SQL Injection	CVE-2009-3804	2009-10-28 13:00	2009-10-28	Show	GitHub Exploit DB Packet Storm

276582	-	runcms	runcms	Multiple SQL injection vulnerabilities in RunCMS 2M1 allow remote authenticated users to execute arbitrary SQL commands via the (1) forum parameter to modules/forum/post.php and possibly (2) forum_id…	CWE-89 SQL Injection	CVE-2009-3813	2009-10-28 13:00	2009-10-28	Show	GitHub Exploit DB Packet Storm

276583	-	runcms	runcms	Static code injection vulnerability in RunCMS 2M1 allows remote authenticated administrators to execute arbitrary PHP code via the "Filter/Banning" feature, as demonstrated by modifying modules/syste…	CWE-94 Code Injection	CVE-2009-3814	2009-10-28 13:00	2009-10-28	Show	GitHub Exploit DB Packet Storm

276584	-	runcms	runcms	RunCMS 2M1, when running with certain error_reporting levels, allows remote attackers to obtain sensitive information via (1) the op[] parameter to modules/contact/index.php or (2) uid[] parameter to…	CWE-200 Information Exposure	CVE-2009-3815	2009-10-28 13:00	2009-10-28	Show	GitHub Exploit DB Packet Storm

276585	-	ibm	rational_requisitepro	Multiple cross-site scripting (XSS) vulnerabilities in the ReqWeb Help feature (aka the Web Client Help system) in IBM Rational RequisitePro 7.1.0 allow remote attackers to inject arbitrary web scrip…	CWE-79 Cross-site Scripting	CVE-2009-3730	2009-10-27 14:28	2009-10-21	Show	GitHub Exploit DB Packet Storm

276586	-	mysql-ocaml	mysql-ocaml	The mysql-ocaml bindings 1.0.4 for MySQL do not properly support the mysql_real_escape_string function, which might allow remote attackers to leverage escaping issues involving multibyte character en…	NVD-CWE-noinfo	CVE-2009-2942	2009-10-27 14:27	2009-10-23	Show	GitHub Exploit DB Packet Storm

276587	-	sjoerd_arendsen	simplenews_statistics	Open redirect vulnerability in Simplenews Statistics 6.x before 6.x-2.0, a module for Drupal, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspeci…	CWE-352 Origin Validation Error	CVE-2009-3784	2009-10-27 13:00	2009-10-27	Show	GitHub Exploit DB Packet Storm

276588	-	ocaml	postgresql-ocaml	The postgresql-ocaml bindings 1.5.4, 1.7.0, and 1.12.1 for PostgreSQL libpq do not properly support the PQescapeStringConn function, which might allow remote attackers to leverage escaping issues inv…	NVD-CWE-noinfo	CVE-2009-2943	2009-10-23 13:00	2009-10-23	Show	GitHub Exploit DB Packet Storm

276589	-	gallium.inria	camimages	Multiple integer overflows in tiffread.c in CamlImages 2.2 might allow remote attackers to execute arbitrary code via TIFF images containing large width and height values that trigger heap-based buff…	CWE-189 Numeric Errors	CVE-2009-3296	2009-10-21 13:00	2009-10-21	Show	GitHub Exploit DB Packet Storm

276590	-	vmware	fusion	Integer overflow in the vmx86 kernel extension in VMware Fusion before 2.0.6 build 196839 allows host OS users to cause a denial of service to the host OS via unspecified vectors.	CWE-189 Numeric Errors	CVE-2009-3282	2009-10-20 13:00	2009-10-17	Show	GitHub Exploit DB Packet Storm