Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Dec. 24, 2024, 12:01 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
189001 7.5 危険 php director - PHP Director の videos.php における SQL インジェクションの脆弱性 - CVE-2007-3562 2012-09-25 16:47 2007-07-4 Show GitHub Exploit DB Packet Storm
189002 4.3 警告 Moodle - Moodle の index.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-3555 2012-09-25 16:47 2007-07-4 Show GitHub Exploit DB Packet Storm
189003 7.6 危険 ヒューレット・パッカード - HP Instant Support - Driver Check におけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2007-3554 2012-09-25 16:47 2007-06-13 Show GitHub Exploit DB Packet Storm
189004 4.3 警告 オラクル - Oracle Application Server 11i の Rapid Install Web Server におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-3553 2012-09-25 16:47 2007-07-3 Show GitHub Exploit DB Packet Storm
189005 4.3 警告 Tenable, Inc. - Nessus Vulnerability Scanner の Windows GUI におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-3546 2012-09-25 16:47 2007-07-3 Show GitHub Exploit DB Packet Storm
189006 7.8 危険 IBM - iSeries マシン上の IBM OS/400 におけるファイアーウォールルールを回避される脆弱性 - CVE-2007-3537 2012-09-25 16:47 2007-06-28 Show GitHub Exploit DB Packet Storm
189007 7.2 危険 NVIDIA - Gentoo Linux で使用される nvidia-drivers におけるサービス運用妨害 (DoS) の脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2007-3532 2012-09-25 16:47 2007-06-28 Show GitHub Exploit DB Packet Storm
189008 7.5 危険 hispah - youtubeclone の msg.php における SQL インジェクションの脆弱性 - CVE-2007-3518 2012-09-25 16:47 2007-07-3 Show GitHub Exploit DB Packet Storm
189009 7.5 危険 カスペルスキー - Kaspersky Anti-Spam の Web ベース製品における特定のディレクトリへのアクセス権を取得される脆弱性 - CVE-2007-3502 2012-09-25 16:47 2007-06-29 Show GitHub Exploit DB Packet Storm
189010 4.3 警告 htmlpurifier - HTML Purifier の smoketests/configForm.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-3498 2012-09-25 16:47 2007-06-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Dec. 24, 2024, 4:05 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
21 - - - A vulnerability was found in 1000 Projects Attendance Tracking Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/faculty_action.php. … New CWE-89
CWE-74
SQL Injection
Injection
CVE-2024-12898 2024-12-23 10:15 2024-12-23 Show GitHub Exploit DB Packet Storm
22 - - - libpoppler.so in Poppler through 24.12.0 has an out-of-bounds read vulnerability within the JBIG2Bitmap::combine function in JBIG2Stream.cc. New - CVE-2024-56378 2024-12-23 09:15 2024-12-23 Show GitHub Exploit DB Packet Storm
23 - - - A vulnerability was found in Intelbras VIP S3020 G2, VIP S4020 G2, VIP S4020 G3 and VIP S4320 G2 up to 20241222. It has been classified as critical. This affects an unknown part of the file ../mtd/Co… New CWE-23
CWE-24
 Relative Path Traversal
 Path Traversal: '../filedir'
CVE-2024-12897 2024-12-23 09:15 2024-12-23 Show GitHub Exploit DB Packet Storm
24 - - - An integer underflow was discovered in Fort 1.6.3 and 1.6.4 before 1.6.5. A malicious RPKI repository that descends from a (trusted) Trust Anchor can serve (via rsync or RRDP) a Manifest RPKI object … New - CVE-2024-56375 2024-12-23 08:15 2024-12-23 Show GitHub Exploit DB Packet Storm
25 - - - A vulnerability was found in Intelbras VIP S3020 G2, VIP S4020 G2, VIP S4020 G3 and VIP S4320 G2 up to 20241222 and classified as problematic. Affected by this issue is some unknown functionality of … New CWE-200
CWE-284
Information Exposure
Improper Access Control
CVE-2024-12896 2024-12-23 08:15 2024-12-23 Show GitHub Exploit DB Packet Storm
26 - - - A stored cross-site scripting (XSS) vulnerability in the Project name of REDCap through 15.0.0 allows authenticated users to inject malicious scripts into the name field of a Project. When a user cli… New - CVE-2024-56314 2024-12-23 07:15 2024-12-23 Show GitHub Exploit DB Packet Storm
27 - - - A stored cross-site scripting (XSS) vulnerability in the Calendar feature of REDCap through 15.0.0 allows authenticated users to inject malicious scripts into the Notes field of a calendar event. Whe… New - CVE-2024-56313 2024-12-23 07:15 2024-12-23 Show GitHub Exploit DB Packet Storm
28 - - - A stored cross-site scripting (XSS) vulnerability in the Project Dashboard name of REDCap through 15.0.0 allows authenticated users to inject malicious scripts into the name field of a Project Dashbo… New - CVE-2024-56312 2024-12-23 07:15 2024-12-23 Show GitHub Exploit DB Packet Storm
29 - - - REDCap through 15.0.0 has a security flaw in the Notes section of calendar events, exposing users to a Cross-Site Request Forgery (CSRF) attack. An attacker can exploit this by luring users into acce… New - CVE-2024-56311 2024-12-23 06:15 2024-12-23 Show GitHub Exploit DB Packet Storm
30 - - - REDCap through 15.0.0 has a security flaw in the Project Dashboards name, exposing users to a Cross-Site Request Forgery (CSRF) attack. An attacker can exploit this by luring users into clicking on a… New - CVE-2024-56310 2024-12-23 06:15 2024-12-23 Show GitHub Exploit DB Packet Storm