Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
188601 7.5 危険 imagoscripts - ImagoScripts Deviant Art Clone の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-1070 2012-09-25 17:38 2010-03-23 Show GitHub Exploit DB Packet Storm
188602 4.3 警告 Netwin Ltd - NetWin SurgeFTP の surgeftpmgr.cgi におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-1068 2012-09-25 17:38 2010-03-23 Show GitHub Exploit DB Packet Storm
188603 5 警告 hasmir alic - E-membres におけるデータベースをダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-1067 2012-09-25 17:38 2010-03-23 Show GitHub Exploit DB Packet Storm
188604 6.9 警告 Linux - Linux kernel における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-1146 2012-09-25 17:38 2010-02-24 Show GitHub Exploit DB Packet Storm
188605 5 警告 マイクロソフト - Microsoft Internet Explorer 6 および 7 におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2010-1127 2012-09-25 17:38 2010-03-26 Show GitHub Exploit DB Packet Storm
188606 7.8 危険 IBM - IBM AIX 用の bos.rte.libc におけるサービス運用妨害 (DoS) の脆弱性 CWE-DesignError
CVE-2010-1124 2012-09-25 17:38 2010-03-26 Show GitHub Exploit DB Packet Storm
188607 10 危険 Mozilla Foundation - Mozilla Firefox におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2010-1122 2012-09-25 17:38 2010-03-13 Show GitHub Exploit DB Packet Storm
188608 10 危険 マイクロソフト - Microsoft Windows 7 上の Internet Explorer 8 における任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2010-1118 2012-09-25 17:38 2010-03-25 Show GitHub Exploit DB Packet Storm
188609 5 警告 lebisoft - Lebisoft Ziyaretci Defteri におけるデータベースをダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-1065 2012-09-25 17:38 2010-03-23 Show GitHub Exploit DB Packet Storm
188610 7.5 危険 parscms - Pars CMS における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-1054 2012-09-25 17:38 2010-03-23 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 22, 2025, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1371 - - - Cleartext storage of information in Ivanti Connect Secure before version 22.7R2.6 and Ivanti Policy Secure before version 22.7R1.3 allows a local authenticated attacker with admin privileges to read … CWE-312
 Cleartext Storage of Sensitive Information 		CVE-2024-13843 2025-02-12 01:15 2025-02-12 Show GitHub Exploit DB Packet Storm
1372 - - - A hardcoded key in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.3 allows a local authenticated attacker with admin privileges to read sensitive data. CWE-321
 Use of Hard-coded Cryptographic Key 		CVE-2024-13842 2025-02-12 01:15 2025-02-12 Show GitHub Exploit DB Packet Storm
1373 - - - Insufficient permissions in Ivanti Secure Access Client before version 22.8R1 allows a local authenticated attacker to delete arbitrary files. CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2024-13813 2025-02-12 01:15 2025-02-12 Show GitHub Exploit DB Packet Storm
1374 - - - External control of a file name in Ivanti Connect Secure before version 22.7R2.6 and Ivanti Policy Secure before version 22.7R1.3 allows a remote authenticated attacker with admin privileges to read … CWE-73
 External Control of File Name or Path 		CVE-2024-12058 2025-02-12 01:15 2025-02-12 Show GitHub Exploit DB Packet Storm
1375 - - - Path traversal in Ivanti CSA before version 5.0.5 allows a remote unauthenticated attacker to access restricted functionality. CWE-22
Path Traversal 		CVE-2024-11771 2025-02-12 01:15 2025-02-12 Show GitHub Exploit DB Packet Storm
1376 - - - Code injection in Ivanti Connect Secure before version 22.7R2.4 and Ivanti Policy Secure before version 22.7R1.3 allows a remote authenticated attacker with admin privileges to achieve remote code ex… CWE-94
Code Injection 		CVE-2024-10644 2025-02-12 01:15 2025-02-12 Show GitHub Exploit DB Packet Storm
1377 - - - In affected versions of Octopus Deploy where customers are using Active Directory for authentication it was possible for an unauthenticated user to make an API request against two endpoints which wou… - CVE-2025-0589 2025-02-12 01:15 2025-02-11 Show GitHub Exploit DB Packet Storm
1378 - - - A vulnerability was found in GNU Binutils 2.43. It has been declared as problematic. Affected by this vulnerability is the function bfd_putl64 of the file libbfd.c of the component ld. The manipulati… - CVE-2025-1178 2025-02-12 01:15 2025-02-11 Show GitHub Exploit DB Packet Storm
1379 - - - The Stray Random Quotes WordPress plugin through 1.9.9 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used … - CVE-2024-13570 2025-02-12 01:15 2025-02-11 Show GitHub Exploit DB Packet Storm
1380 - - - The Zarinpal Paid Download WordPress plugin through 2.3 does not properly validate uploaded files, allowing high privilege users such as admin to upload arbitrary files on the server even when they s… - CVE-2024-13544 2025-02-12 01:15 2025-02-11 Show GitHub Exploit DB Packet Storm