Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1761	4.3	警告 Network	LadiPage	LadiPage	WordPress 用 LadiPage におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2023-4731	2025-01-16 15:12	2023-09-1	Show	GitHub Exploit DB Packet Storm

1762	7.8	重要 Local	Linux	Linux Kernel	Linux の Linux Kernel における解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2023-52483	2025-01-16 15:09	2023-10-10	Show	GitHub Exploit DB Packet Storm

1763	4.3	警告 Network	LadiPage	LadiPage	WordPress 用 LadiPage におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2023-4629	2025-01-16 15:06	2023-08-30	Show	GitHub Exploit DB Packet Storm

1764	5.5	警告 Local	Linux	Linux Kernel	Linux の Linux Kernel における脆弱性	CWE-noinfo 情報不足	CVE-2022-48628	2025-01-16 15:02	2022-12-21	Show	GitHub Exploit DB Packet Storm

1765	7.8	重要 Local	Huawei	Mate 20 Pro ファームウェア Mate 20 Pro (UD) ファームウェア Nova 5i ファームウェア	複数の Huawei 製品における脆弱性	CWE-269 CWE-noinfo	CVE-2020-9080	2025-01-16 14:55	2020-02-18	Show	GitHub Exploit DB Packet Storm

1766	7.2	重要 Network	FireBear Studio	Improved Import & Export	FireBear Studio の Magento 用 Improved Import & Export におけるブラインド XPath インジェクションの脆弱性	CWE-91 ブラインド XPath インジェクション	CVE-2024-25413	2025-01-16 14:52	2024-02-16	Show	GitHub Exploit DB Packet Storm

1767	5.4	警告 Network	LadiPage	LadiPage	WordPress 用 LadiPage におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2023-4728	2025-01-16 14:52	2023-09-1	Show	GitHub Exploit DB Packet Storm

1768	5.5	警告 Local	Linux	Linux Kernel	Linux の Linux Kernel におけるリソースのロックに関する脆弱性	CWE-667 不適切なロック	CVE-2021-47437	2025-01-16 14:48	2021-09-25	Show	GitHub Exploit DB Packet Storm

1769	5.5	警告 Local	Linux	Linux Kernel	Linux の Linux Kernel におけるリソースのロックに関する脆弱性	CWE-667 不適切なロック	CVE-2021-47469	2025-01-16 14:48	2021-10-14	Show	GitHub Exploit DB Packet Storm

1770	7.8	重要 Local	Linux	Linux Kernel	Linux の Linux Kernel における解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2021-47505	2025-01-16 14:48	2021-12-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Feb. 23, 2025, 4:07 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
278861	-	google	desktop	Google Desktop allows user-assisted remote attackers to execute arbitrary programs via a man-in-the-middle attack that injects JavaScript, a www.google.com search IFRAME, and a META HTTP-EQUIV="refre…	NVD-CWE-Other	CVE-2007-3150	2008-11-15 15:51	2007-06-12	Show	GitHub Exploit DB Packet Storm

278862	-	jelsoft	vbsupport_integrated_ticket_system	SQL injection vulnerability in vBSupport.php in vBSupport 1.1 before 1.1a allows remote attackers to execute arbitrary SQL commands via unspecified vectors.	NVD-CWE-Other	CVE-2007-3197	2008-11-15 15:51	2007-06-13	Show	GitHub Exploit DB Packet Storm

278863	-	galix	galix	Multiple cross-site scripting (XSS) vulnerabilities in index.php in GaliX 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) galix_cat_detail, (2) galix_gal_detail, and (3)…	NVD-CWE-Other	CVE-2007-2806	2008-11-15 15:50	2007-05-23	Show	GitHub Exploit DB Packet Storm

278864	-	apple	safari	Cross-domain vulnerability in Apple Safari 2.0.4 allows remote attackers to access restricted information from other domains via Javascript, as demonstrated by a js script that accesses the location …	NVD-CWE-Other	CVE-2007-2843	2008-11-15 15:50	2007-05-25	Show	GitHub Exploit DB Packet Storm

278865	-	microsoft	visual_database_tools_database_designer	The NotSafe function in the MSVDTDatabaseDesigner7 ActiveX control in VDT70.DLL in Microsoft Visual Database Tools (MSVDT) Database Designer 7.0 allows remote attackers to cause a denial of service (…	NVD-CWE-Other	CVE-2007-2885	2008-11-15 15:50	2007-05-30	Show	GitHub Exploit DB Packet Storm

278866	-	sun	java_system_messaging_server	Cross-site scripting (XSS) vulnerability in Sun Java System Messaging Server 6.0 through 6.3, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via unspec…	NVD-CWE-Other	CVE-2007-2904	2008-11-15 15:50	2007-05-30	Show	GitHub Exploit DB Packet Storm

278867	-	jelsoft	vbulletin	Unspecified vulnerability in Jelsoft vBulletin before 3.6.6, when unauthenticated User Infraction Permissions is disabled, allows remote attackers to see the infraction "red flag" for a deleted user.	NVD-CWE-Other	CVE-2007-2912	2008-11-15 15:50	2007-05-30	Show	GitHub Exploit DB Packet Storm

278868	-	mambo	mambo	MOStlyDB Admin in Mambo 4.6.1 does not properly check privileges, which allows remote authenticated administrators to have an unknown impact via unspecified vectors. NOTE: the provenance of this inf…	NVD-CWE-Other	CVE-2007-2557	2008-11-15 15:49	2007-05-10	Show	GitHub Exploit DB Packet Storm

278869	-	parallels	parallels_desktop	Heap-based buffer overflow in the VGA device in Parallels allows local users, with root access to the guest operating system, to terminate the virtual machine and possibly execute arbitrary code in t…	NVD-CWE-Other	CVE-2007-2454	2008-11-15 15:48	2007-05-3	Show	GitHub Exploit DB Packet Storm

278870	-	parallels	parallels_desktop	Parallels allows local users to cause a denial of service (virtual machine abort) via (1) certain INT instructions, as demonstrated by INT 0xAA; (2) an IRET instruction when an invalid address is at …	NVD-CWE-Other	CVE-2007-2455	2008-11-15 15:48	2007-05-3	Show	GitHub Exploit DB Packet Storm