Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 22, 2025, 6:04 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
188041	9.3	危険	Nullsoft	-	Winamp の jpeg.w5s などのフィルタにおける整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2009-4356	2012-09-25 17:38	2009-12-15	Show	GitHub Exploit DB Packet Storm

188042	4.3	警告	haroldbakker	-	HB-NS の index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4348	2012-09-25 17:38	2009-12-17	Show	GitHub Exploit DB Packet Storm

188043	4.3	警告	liran tal	-	daloRADIUS の daloradius-users/login.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4347	2012-09-25 17:38	2009-12-17	Show	GitHub Exploit DB Packet Storm

188044	4.3	警告	jonas renggli	-	TYPO3 用の vshoutbox 拡張におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4345	2012-09-25 17:38	2009-12-17	Show	GitHub Exploit DB Packet Storm

188045	7.5	危険	melvin mach	-	TYPO3 用の Job Exchange エクステンションにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4342	2012-09-25 17:38	2009-12-17	Show	GitHub Exploit DB Packet Storm

188046	7.5	危険	mischa heissmann	-	TYPO3 用の No indexed Search エクステンションにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4341	2012-09-25 17:38	2009-12-17	Show	GitHub Exploit DB Packet Storm

188047	4.3	警告	mischa heissmann	-	TYPO3 用の No indexed Search エクステンションにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4340	2012-09-25 17:38	2009-12-17	Show	GitHub Exploit DB Packet Storm

188048	7.5	危険	jean-david gadina	-	TYPO3 用の Flash SlideShow 拡張における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4338	2012-09-25 17:38	2009-12-17	Show	GitHub Exploit DB Packet Storm

188049	4.6	警告	IBM	-	IBM DB2 の STMM コンポーネントにおけるサービス運用妨害 (DoS) の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-4334	2012-09-25 17:38	2009-12-16	Show	GitHub Exploit DB Packet Storm

188050	5	警告	IBM	-	IBM DB2 の db2pd におけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2009-4332	2012-09-25 17:38	2009-12-16	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 22, 2025, 4:11 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
11	-		-	-	In many locations, there is a possible way to access kernel memory in user space due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privil… Update	-	CVE-2018-9401	2025-01-22 01:15	2025-01-18	Show	GitHub Exploit DB Packet Storm

12	-		-	-	In multiple functions of mnh-sm.c, there is a possible way to trigger a heap overflow due to an integer overflow. This could lead to local escalation of privilege with no additional execution privile… Update	-	CVE-2018-9387	2025-01-22 01:15	2025-01-18	Show	GitHub Exploit DB Packet Storm

13	6.3	MEDIUM Network	-	-	A vulnerability was found in Codezips Gym Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /dashboard/admin/new_submit.php. The manipulation of t… Update	-	CVE-2025-0532	2025-01-22 01:15	2025-01-18	Show	GitHub Exploit DB Packet Storm

14	-		-	-	PHPGurukul Hospital Management System 4.0 is vulnerable to Cross Site Scripting (XSS) in /edit-profile.php via the parameter $address. New	-	CVE-2024-56998	2025-01-22 00:15	2025-01-22	Show	GitHub Exploit DB Packet Storm

15	-		-	-	PHPGurukul Hospital Management System 4.0 is vulnerable to Cross Site Scripting (XSS) in /doctor/index.php via the 'Email' parameter. New	-	CVE-2024-56997	2025-01-22 00:15	2025-01-22	Show	GitHub Exploit DB Packet Storm

16	-		-	-	CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. Cross-site request forgery allows an unauthenticated attacker to hijack the aut… New	-	CVE-2024-53829	2025-01-22 00:15	2025-01-22	Show	GitHub Exploit DB Packet Storm

17	-		-	-	On most desktop platforms, Brave Browser versions 1.70.x-1.73.x included a feature to show a site's origin on the OS-provided file selector dialog when a site prompts the user to upload or download a… New	-	CVE-2025-23086	2025-01-22 00:15	2025-01-21	Show	GitHub Exploit DB Packet Storm

18	-		-	-	WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in the WeGIA application, specifically in the adi… New	-	CVE-2025-23220	2025-01-22 00:15	2025-01-21	Show	GitHub Exploit DB Packet Storm

19	-		-	-	WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in the WeGIA application, specifically in the adi… New	-	CVE-2025-23219	2025-01-22 00:15	2025-01-21	Show	GitHub Exploit DB Packet Storm

20	-		-	-	WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in the WeGIA application, specifically in the adi… New	-	CVE-2025-23218	2025-01-22 00:15	2025-01-21	Show	GitHub Exploit DB Packet Storm