Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
188351 4.3 警告 マカフィー - McAfee UTM Firewall の cgi-bin/cgix/help におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-2290 2012-09-25 17:38 2010-06-15 Show GitHub Exploit DB Packet Storm
188352 4.3 警告 ジュニパーネットワークス - Juniper Networks IVE の dana/home/homepage.cgi におけるオープンリダイレクトの脆弱性 CWE-20
不適切な入力確認 		CVE-2010-2289 2012-09-25 17:38 2010-06-15 Show GitHub Exploit DB Packet Storm
188353 4.3 警告 ジュニパーネットワークス - Juniper Networks IVE の dana/nc/ncrun.cgi におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-2288 2012-09-25 17:38 2010-06-15 Show GitHub Exploit DB Packet Storm
188354 4 警告 Moodle - Moodle の KSES テキストクリーニングフィルタにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-2230 2012-09-25 17:38 2010-06-17 Show GitHub Exploit DB Packet Storm
188355 4.3 警告 Moodle - Moodle の blog/index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-2229 2012-09-25 17:38 2010-06-17 Show GitHub Exploit DB Packet Storm
188356 4.3 警告 Moodle - Moodle の MNET アクセスコントロールインターフェースにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-2228 2012-09-25 17:38 2010-06-17 Show GitHub Exploit DB Packet Storm
188357 7.5 危険 murat ersoy - Cyberhost の default.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-2142 2012-09-25 17:38 2010-06-2 Show GitHub Exploit DB Packet Storm
188358 7.5 危険 nitropowered - NITRO Web Gallery の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-2141 2012-09-25 17:38 2010-06-2 Show GitHub Exploit DB Packet Storm
188359 7.5 危険 multishopcms - Multishop CMS の itemdetail.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-2140 2012-09-25 17:38 2010-06-2 Show GitHub Exploit DB Packet Storm
188360 7.5 危険 multishopcms - Multishop CMS の pages.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-2139 2012-09-25 17:38 2010-06-2 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 25, 2025, 4:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
511 7.8 HIGH
Local 		microsoft 365_apps
excel
office
office_online_server 		Microsoft Excel Remote Code Execution Vulnerability NVD-CWE-noinfo
CVE-2025-21387 2025-02-20 01:55 2025-02-12 Show GitHub Exploit DB Packet Storm
512 9.8 CRITICAL
Network 		tenda ac6_firmware Tenda AC6 V15.03.05.16 firmware has a buffer overflow vulnerability in the formexeCommand function. CWE-120
Classic Buffer Overflow 		CVE-2025-25343 2025-02-20 01:41 2025-02-13 Show GitHub Exploit DB Packet Storm
513 5.8 MEDIUM
Network 		- - A vulnerability in the email filtering mechanism of Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to bypass the configured rules and allow emails that should have been de… CWE-284
Improper Access Control 		CVE-2025-20153 2025-02-20 01:15 2025-02-20 Show GitHub Exploit DB Packet Storm
514 4.1 MEDIUM
Network 		- - A vulnerability, which was classified as problematic, was found in lmxcms 1.41. Affected is an unknown function of the file db.inc.php of the component Maintenance. The manipulation leads to code inj… CWE-94
CWE-74
Code Injection
Injection 		CVE-2025-1465 2025-02-20 01:15 2025-02-20 Show GitHub Exploit DB Packet Storm
515 8.0 HIGH
Network 		- - IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 could allow an authenticated attacker to conduct formula injection. An attacker could execute arbitrary commands on the sys… CWE-502
 Deserialization of Untrusted Data 		CVE-2024-45084 2025-02-20 01:15 2025-02-20 Show GitHub Exploit DB Packet Storm
516 6.1 MEDIUM
Network 		- - A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform could allow an unauthenticated, remote attacker to conduct a cross-site scripting attack agains… CWE-79
Cross-site Scripting 		CVE-2025-20211 2025-02-20 01:15 2025-02-20 Show GitHub Exploit DB Packet Storm
517 4.4 MEDIUM
Local 		- - A vulnerability in the debug shell of Cisco Video Phone 8875 and Cisco Desk Phone 9800 Series could allow an authenticated, local attacker to access sensitive information on an affected device. To ex… CWE-200
Information Exposure 		CVE-2025-20158 2025-02-20 01:15 2025-02-20 Show GitHub Exploit DB Packet Storm
518 6.5 MEDIUM
Network 		- - IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 could allow an authenticated user to modify restricted content due to incorrect authorization checks. CWE-863
 Incorrect Authorization 		CVE-2024-45081 2025-02-20 01:15 2025-02-20 Show GitHub Exploit DB Packet Storm
519 5.9 MEDIUM
Network 		- - IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 Rich Client  uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive… CWE-327
 Use of a Broken or Risky Cryptographic Algorithm 		CVE-2024-28780 2025-02-20 01:15 2025-02-20 Show GitHub Exploit DB Packet Storm
520 8.8 HIGH
Network 		- - IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 is vulnerable to unrestricted deserialization. This vulnerability allows users to execute arbitrary code, escalate privil… CWE-502
 Deserialization of Untrusted Data 		CVE-2024-28777 2025-02-20 01:15 2025-02-20 Show GitHub Exploit DB Packet Storm