Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
188471 6.8 警告 Mahara - Mahara におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2010-1668 2012-09-25 17:38 2010-07-6 Show GitHub Exploit DB Packet Storm
188472 4.3 警告 Mahara - Mahara におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-1667 2012-09-25 17:38 2010-07-6 Show GitHub Exploit DB Packet Storm
188473 4.3 警告 jcink - PHPQA の acpmoderate.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-1662 2012-09-25 17:38 2010-05-3 Show GitHub Exploit DB Packet Storm
188474 7.5 危険 jcink - PHPQA における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-1661 2012-09-25 17:38 2010-05-3 Show GitHub Exploit DB Packet Storm
188475 7.5 危険 instantrankingseo - Infocus Real Estate の system_member_login.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-1654 2012-09-25 17:38 2010-05-3 Show GitHub Exploit DB Packet Storm
188476 7.5 危険 htmlcoderhelper - Com_graphics の graphics.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-1653 2012-09-25 17:38 2010-05-3 Show GitHub Exploit DB Packet Storm
188477 5 警告 helpcenterlive - HCL の HelpCenter モジュールにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-1652 2012-09-25 17:38 2010-05-3 Show GitHub Exploit DB Packet Storm
188478 1.9 注意 IBM - IBM WAS における重要な情報を取得される脆弱性 CWE-310
暗号の問題 		CVE-2010-1651 2012-09-25 17:38 2010-05-3 Show GitHub Exploit DB Packet Storm
188479 1.9 注意 IBM - IBM WAS における重要な情報を取得される脆弱性 CWE-310
暗号の問題 		CVE-2010-1650 2012-09-25 17:38 2010-05-3 Show GitHub Exploit DB Packet Storm
188480 4.3 警告 Joomla! - Joomla! のバックエンドにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-1649 2012-09-25 17:38 2010-05-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 22, 2025, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1211 - - - A bug in the SEV firmware may allow an attacker with privileges to read unencrypted memory, potentially resulting in loss of guest private data. - CVE-2023-31352 2025-02-12 09:15 2025-02-12 Show GitHub Exploit DB Packet Storm
1212 - - - CtrlPanel is open-source billing software for hosting providers. Prior to version 1.0, a Cross-Site Scripting (XSS) vulnerability exists in the `TicketsController` and `Moderation/TicketsController` … CWE-79
Cross-site Scripting 		CVE-2025-25203 2025-02-12 08:15 2025-02-12 Show GitHub Exploit DB Packet Storm
1213 - - - Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution. - CVE-2023-31343 2025-02-12 08:15 2025-02-12 Show GitHub Exploit DB Packet Storm
1214 - - - Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution. - CVE-2023-31342 2025-02-12 08:15 2025-02-12 Show GitHub Exploit DB Packet Storm
1215 8.8 HIGH
Network 		microsoft dynamics_365_sales Server-Side Request Forgery (SSRF) in Microsoft Dynamics 365 Sales allows an authorized attacker to elevate privileges over a network. CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2025-21177 2025-02-12 07:19 2025-02-7 Show GitHub Exploit DB Packet Storm
1216 5.3 MEDIUM
Network 		microsoft edge Microsoft Edge for IOS and Android Spoofing Vulnerability NVD-CWE-noinfo
CVE-2025-21253 2025-02-12 07:18 2025-02-7 Show GitHub Exploit DB Packet Storm
1217 8.8 HIGH
Network 		microsoft edge_chromium Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability NVD-CWE-noinfo
CVE-2025-21279 2025-02-12 07:16 2025-02-7 Show GitHub Exploit DB Packet Storm
1218 4.4 MEDIUM
Local 		microsoft edge_chromium Microsoft Edge (Chromium-based) Spoofing Vulnerability NVD-CWE-noinfo
CVE-2025-21267 2025-02-12 07:16 2025-02-7 Show GitHub Exploit DB Packet Storm
1219 - - - WinZip 7Z File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of WinZip. User interact… CWE-787
 Out-of-bounds Write 		CVE-2025-1240 2025-02-12 07:15 2025-02-12 Show GitHub Exploit DB Packet Storm
1220 - - - GeoNetwork is a catalog application to manage spatially referenced resources. In versions prior to 4.2.10 and 4.4.5, the search end-point response headers contain information about Elasticsearch soft… CWE-200
Information Exposure 		CVE-2024-32037 2025-02-12 07:15 2025-02-12 Show GitHub Exploit DB Packet Storm