Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 12, 2025, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
189011 5 警告 LIGHTTPD - lighttpd の mod_cgi における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2008-1111 2012-09-25 16:59 2008-03-4 Show GitHub Exploit DB Packet Storm
189012 7.5 危険 mamboportal.com - Mambo 用の simpleboard Stable コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1077 2012-09-25 16:59 2008-02-28 Show GitHub Exploit DB Packet Storm
189013 4.3 警告 interspire - Interspire Shopping Cart の search.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-1076 2012-09-25 16:59 2008-02-28 Show GitHub Exploit DB Packet Storm
189014 4.3 警告 David Ian Bennett - Maian Cart の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-1075 2012-09-25 16:59 2008-02-28 Show GitHub Exploit DB Packet Storm
189015 5 警告 intervideo - InterVideo WinDVD Media Center などにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2008-1062 2012-09-25 16:59 2008-02-28 Show GitHub Exploit DB Packet Storm
189016 7.8 危険 OpenBSD - OpenBSD の netinet/tcp_subr.c の tcp_respond 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-DesignError
CVE-2008-1058 2012-09-25 16:59 2008-02-22 Show GitHub Exploit DB Packet Storm
189017 7.8 危険 OpenBSD - OpenBSD の netinet6/ip6_input.c の ip6_check_rh0hdr 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-DesignError
CVE-2008-1057 2012-09-25 16:59 2008-02-25 Show GitHub Exploit DB Packet Storm
189018 7.5 危険 Netwin Ltd - NetWin SurgeMail および WebMail の webmail.exe におけるフォーマットストリングの脆弱性 CWE-134
書式文字列の問題 		CVE-2008-1055 2012-09-25 16:59 2008-02-27 Show GitHub Exploit DB Packet Storm
189019 6.4 警告 Netwin Ltd - NetWin SurgeMail の _lib_spawn_user_getpid 関数におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-1054 2012-09-25 16:59 2008-02-27 Show GitHub Exploit DB Packet Storm
189020 6.4 警告 Netwin Ltd - NetWin SurgeFTP の管理 Web インターフェースにおけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2008-1052 2012-09-25 16:59 2008-02-27 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 12, 2025, 4:59 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
401 - - - An attacker can arbitrarily craft malicious DDS Participants (or ROS 2 Nodes) with valid certificates to compromise and get full control of the attacked secure DDS databus system by exploiting vulner… New - CVE-2023-24010 2025-01-10 01:15 2025-01-10 Show GitHub Exploit DB Packet Storm
402 - - - The BU Section Editing WordPress plugin through 0.9.9 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used a… New - CVE-2024-12736 2025-01-10 01:15 2025-01-9 Show GitHub Exploit DB Packet Storm
403 - - - The Aklamator INfeed WordPress plugin through 2.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used aga… New - CVE-2024-12731 2025-01-10 01:15 2025-01-9 Show GitHub Exploit DB Packet Storm
404 - - - The Asgard Security Scanner WordPress plugin through 0.7 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be use… New - CVE-2024-12715 2025-01-10 01:15 2025-01-9 Show GitHub Exploit DB Packet Storm
405 - - - The Backlink Monitoring Manager WordPress plugin through 0.1.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could … New - CVE-2024-12714 2025-01-10 01:15 2025-01-9 Show GitHub Exploit DB Packet Storm
406 - - - The PostLists WordPress plugin through 2.0.2 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old… New - CVE-2024-10815 2025-01-10 01:15 2025-01-9 Show GitHub Exploit DB Packet Storm
407 - - - An XML External Entity (XXE) vulnerability in Elspec Engineering G5 Digital Fault Recorder Firmware v1.2.1.12 allows attackers to cause a Denial of Service (DoS) via a crafted XML payload. Update - CVE-2024-46603 2025-01-10 01:15 2025-01-8 Show GitHub Exploit DB Packet Storm
408 - - - An issue was discovered in Elspec G5 digital fault recorder version 1.2.1.12 and earlier. An XML External Entity (XXE) vulnerability may allow an attacker to cause a Denial of Service (DoS) via a cra… Update - CVE-2024-46602 2025-01-10 01:15 2025-01-8 Show GitHub Exploit DB Packet Storm
409 - - - Elspec Engineering G5 Digital Fault Recorder Firmware v1.2.1.12 was discovered to contain a buffer overflow. Update - CVE-2024-46601 2025-01-10 01:15 2025-01-8 Show GitHub Exploit DB Packet Storm
410 5.5 MEDIUM
Local 		dell powerscale_onefs Dell PowerScale OneFS 8.2.2.x through 9.8.0.x contains an incorrect permission assignment for critical resource vulnerability. A locally authenticated attacker could potentially exploit this vulnerab… Update CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2024-47475 2025-01-10 01:04 2025-01-7 Show GitHub Exploit DB Packet Storm