Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 3, 2025, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
189101	3.5	注意	IBM	-	ISS Proventia Network IPS GX5108 などの alert.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-3830	2012-09-25 16:47	2007-07-17	Show	GitHub Exploit DB Packet Storm

189102	9.3	危険	ROXIO interactual technologies	-	InterActual Player などにおけるスタックベースのバッファオーバーフローの脆弱性	-	CVE-2007-3829	2012-09-25 16:47	2007-07-17	Show	GitHub Exploit DB Packet Storm

189103	5	警告	Mozilla Foundation	-	Mozilla Firefox における任意のドメイン間で情報を受け渡される脆弱性	-	CVE-2007-3827	2012-09-25 16:47	2007-07-17	Show	GitHub Exploit DB Packet Storm

189104	10	危険	mehmet zati karahan	-	MzK Blog の katgoster.asp における SQL インジェクションの脆弱性	-	CVE-2007-3824	2012-09-25 16:47	2007-07-16	Show	GitHub Exploit DB Packet Storm

189105	7.8	危険	Ipswitch, Inc.	-	IPSwitch WS_FTP の Logsrv.exe におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-3823	2012-09-25 16:47	2007-07-16	Show	GitHub Exploit DB Packet Storm

189106	5	警告	Opera Software ASA	-	Opera におけるアドレスバーの data: URI スキームを偽造される脆弱性	CWE-DesignError	CVE-2007-3819	2012-09-25 16:47	2007-07-16	Show	GitHub Exploit DB Packet Storm

189107	7.5	危険	mkportal	-	MKPortal における SQL インジェクションの脆弱性	-	CVE-2007-3814	2012-09-25 16:47	2007-07-16	Show	GitHub Exploit DB Packet Storm

189108	4.3	警告	mkportal	-	MKPortal 用の NoBoard モジュールの include/user.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-3813	2012-09-25 16:47	2007-07-16	Show	GitHub Exploit DB Packet Storm

189109	7.5	危険	it747	-	Realtor 747 の index.php における SQL インジェクションの脆弱性	-	CVE-2007-3810	2012-09-25 16:47	2007-07-16	Show	GitHub Exploit DB Packet Storm

189110	7.5	危険	php arena	-	paFileDB の includes/search.php における SQL インジェクションの脆弱性	-	CVE-2007-3808	2012-09-25 16:47	2007-07-16	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 4, 2025, 4:07 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
271	-		-	-	The AHAthat Plugin WordPress plugin through 1.6 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in … New	-	CVE-2024-12595	2025-01-2 15:15	2025-01-2	Show	GitHub Exploit DB Packet Storm

272	-		-	-	The goodlayers-core WordPress plugin before 2.0.10 does not sanitise and escape some of its settings, which could allow users with the contributor role and above to perform Stored Cross-Site Scriptin… New	-	CVE-2024-11357	2025-01-2 15:15	2025-01-2	Show	GitHub Exploit DB Packet Storm

273	-		-	-	The wp-enable-svg WordPress plugin through 0.7 does not sanitize SVG files when uploaded, allowing for authors and above to upload SVGs containing malicious scripts New	-	CVE-2024-11184	2025-01-2 15:15	2025-01-2	Show	GitHub Exploit DB Packet Storm

274	-		-	-	The Net::EasyTCP package 0.15 through 0.26 for Perl uses Perl's builtin rand() if no strong randomization module is present. New	-	CVE-2024-56830	2025-01-2 14:15	2025-01-2	Show	GitHub Exploit DB Packet Storm

275	-		-	-	The Net::EasyTCP package before 0.15 for Perl always uses Perl's builtin rand(), which is not a strong random number generator, for cryptographic keys. New	-	CVE-2002-20002	2025-01-2 14:15	2025-01-2	Show	GitHub Exploit DB Packet Storm

276	-		-	-	Landray EIS 2001 through 2006 allows Message/fi_message_receiver.aspx?replyid= SQL injection. New	-	CVE-2025-22214	2025-01-2 13:15	2025-01-2	Show	GitHub Exploit DB Packet Storm

277	-		-	-	Huang Yaoshi Pharmaceutical Management Software through 16.0 allows arbitrary file upload via a .asp filename in the fileName element of the UploadFile element in a SOAP request to /XSDService.asmx. New	-	CVE-2024-56829	2025-01-2 13:15	2025-01-2	Show	GitHub Exploit DB Packet Storm

278	9.8	CRITICAL Network	-	-	The Electronic Official Document Management System from 2100 Technology has an Authentication Bypass vulnerability. Although the product enforces an IP whitelist for the API used to query user tokens… New	-	CVE-2024-13061	2025-01-2 11:15	2024-12-31	Show	GitHub Exploit DB Packet Storm

279	-		-	-	A vulnerability classified as critical has been found in code-projects Job Recruitment 1.0. This affects an unknown part of the file /_parse/_feedback_system.php. The manipulation of the argument per… New	CWE-89 CWE-74 SQL Injection Injection	CVE-2025-0168	2025-01-1 23:15	2025-01-1	Show	GitHub Exploit DB Packet Storm

280	-		-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ibnuyahya Category Post Shortcode allows Stored XSS.This issue affects Category Post Shortcode: f… New	CWE-79 Cross-site Scripting	CVE-2024-56021	2025-01-1 09:15	2025-01-1	Show	GitHub Exploit DB Packet Storm