Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
187541 7.5 危険 Intelliants - Subrion CMS の register/ における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2012-4772 2012-10-24 16:37 2012-10-22 Show GitHub Exploit DB Packet Storm
187542 4.3 警告 Intelliants - Subrion CMS におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-4771 2012-10-24 16:36 2012-10-22 Show GitHub Exploit DB Packet Storm
187543 3.6 注意 OpenFabrics Alliance - ibacm における ib_acm デーモンログまたは ibacm.port ファイルを上書きされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-4518 2012-10-24 16:35 2012-10-22 Show GitHub Exploit DB Packet Storm
187544 5 警告 OpenFabrics Alliance - ibacm におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2012-4517 2012-10-24 16:34 2012-10-22 Show GitHub Exploit DB Packet Storm
187545 5.8 警告 OpenFabrics Alliance - librdmacm におけるアプリケーションのアドレス解決情報を設定される脆弱性 CWE-Other
その他 		CVE-2012-4516 2012-10-24 15:52 2012-10-22 Show GitHub Exploit DB Packet Storm
187546 5.8 警告 libsocialweb - libsocialweb における重要な情報を取得される脆弱性 CWE-16
環境設定 		CVE-2012-4511 2012-10-24 15:36 2012-10-22 Show GitHub Exploit DB Packet Storm
187547 7.5 危険 Intelliants - Subrion CMS の admin/index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-5212 2012-10-24 11:39 2012-10-22 Show GitHub Exploit DB Packet Storm
187548 4.3 警告 Intelliants - Subrion CMS の poll モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-5211 2012-10-24 11:38 2012-10-22 Show GitHub Exploit DB Packet Storm
187549 5.8 警告 libsocialweb - libsocialweb における重要な情報を取得される脆弱性 CWE-16
環境設定 		CVE-2011-4129 2012-10-24 11:37 2012-10-22 Show GitHub Exploit DB Packet Storm
187550 4.3 警告 phpMyFAQ - phpMyFAQ におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4821 2012-10-24 11:34 2010-09-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 5, 2025, 4:56 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
151 - - - Tuleap is an Open Source Suite to improve management of software developments and collaboration. Users (possibly anonymous ones if the widget is used in the dashboard of a public project) might get a… New CWE-280
Improper Handling of Insufficient Permissions or Privileges  		CVE-2025-24029 2025-02-4 07:15 2025-02-4 Show GitHub Exploit DB Packet Storm
152 - - - phpoffice/phpspreadsheet is a pure PHP library for reading and writing spreadsheet files. Affected versions have been found to have a Bypass of the Cross-site Scripting (XSS) sanitizer using the java… New CWE-79
Cross-site Scripting 		CVE-2025-23210 2025-02-4 07:15 2025-02-4 Show GitHub Exploit DB Packet Storm
153 - - - Tuleap is an Open Source Suite to improve management of software developments and collaboration. In affected versions an unauthorized user might get access to restricted information. This issue has b… New CWE-280
Improper Handling of Insufficient Permissions or Privileges  		CVE-2025-22129 2025-02-4 07:15 2025-02-4 Show GitHub Exploit DB Packet Storm
154 - - - Wazuh is a free and open source platform used for threat prevention, detection, and response. It is capable of protecting workloads across on-premises, virtualized, containerized, and cloud-based env… New CWE-269
 Improper Privilege Management 		CVE-2024-47770 2025-02-4 07:15 2025-02-4 Show GitHub Exploit DB Packet Storm
155 - - - CometBFT is a distributed, Byzantine fault-tolerant, deterministic state machine replication engine. In the `blocksync` protocol peers send their `base` and `latest` heights when they connect to a ne… New CWE-703
 Improper Check or Handling of Exceptional Conditions 		CVE-2025-24371 2025-02-4 07:15 2025-02-4 Show GitHub Exploit DB Packet Storm
156 - - - Wazuh is a free and open source platform used for threat prevention, detection, and response. It is capable of protecting workloads across on-premises, virtualized, containerized, and cloud-based env… New CWE-284
Improper Access Control 		CVE-2024-35177 2025-02-4 07:15 2025-02-4 Show GitHub Exploit DB Packet Storm
157 - - - reNgine is an automated reconnaissance framework for web applications. In affected versions a user can inject commands via the nmap_cmd parameters. This issue has been addressed in commit `c28e5c8d` … New CWE-74
Injection 		CVE-2025-24962 2025-02-4 06:15 2025-02-4 Show GitHub Exploit DB Packet Storm
158 - - - org.gaul S3Proxy implements the S3 API and proxies requests. Users of the filesystem and filesystem-nio2 storage backends could unintentionally expose local files to users. This issue has been addres… New CWE-22
Path Traversal 		CVE-2025-24961 2025-02-4 06:15 2025-02-4 Show GitHub Exploit DB Packet Storm
159 - - - Jellystat is a free and open source Statistics App for Jellyfin. In affected versions Jellystat is directly using a user input in the route(s). This can lead to Path Traversal Vulnerabilities. Since … New CWE-22
Path Traversal 		CVE-2025-24960 2025-02-4 06:15 2025-02-4 Show GitHub Exploit DB Packet Storm
160 - - - zx is a tool for writing better scripts. An attacker with control over environment variable values can inject unintended environment variables into `process.env`. This can lead to arbitrary command e… New CWE-94
Code Injection 		CVE-2025-24959 2025-02-4 06:15 2025-02-4 Show GitHub Exploit DB Packet Storm