Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 10, 2025, 6:04 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
189481	4.3	警告	helioscalendar	-	Helios Calendar の admin/index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-5952	2012-09-25 16:59	2007-11-13	Show	GitHub Exploit DB Packet Storm

189482	3.5	注意	IBM	-	IBM Tivoli Service Desk におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-5949	2012-09-25 16:59	2007-11-13	Show	GitHub Exploit DB Packet Storm

189483	10	危険	Heimdal	-	Heimdal の gss_userok 関数における脆弱性	CWE-119 バッファエラー	CVE-2007-5939	2012-09-25 16:59	2007-12-6	Show	GitHub Exploit DB Packet Storm

189484	4.3	警告	PEAR	-	PEAR MDB2 の LOB 機能における MDB2 を使用される脆弱性	CWE-200 CWE-DesignError	CVE-2007-5934	2012-09-25 16:59	2007-02-4	Show	GitHub Exploit DB Packet Storm

189485	5	警告	OrangeHRM	-	OrangeHRM の lib/controllers/RepViewController.php におけるデータへのアクセス権を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2007-5931	2012-09-25 16:59	2007-11-10	Show	GitHub Exploit DB Packet Storm

189486	9	危険	Openbase International	-	OpenBase におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2007-5929	2012-09-25 16:59	2007-11-9	Show	GitHub Exploit DB Packet Storm

189487	9	危険	Openbase International	-	OpenBase における任意のメモリ領域を開放される脆弱性	CWE-119 CWE-20	CVE-2007-5928	2012-09-25 16:59	2007-11-9	Show	GitHub Exploit DB Packet Storm

189488	9	危険	Openbase International	-	OpenBase におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2007-5927	2012-09-25 16:59	2007-11-9	Show	GitHub Exploit DB Packet Storm

189489	9	危険	Openbase International	-	OpenBase における任意のコマンドを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2007-5926	2012-09-25 16:59	2007-11-9	Show	GitHub Exploit DB Packet Storm

189490	5	警告	mywebftp	-	MyWebFTP における MD5 パスワードハッシュを取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2007-5919	2012-09-25 16:59	2007-11-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 11, 2025, 5:03 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
221	-		-	-	The PostLists WordPress plugin through 2.0.2 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old… New	-	CVE-2024-10815	2025-01-10 01:15	2025-01-9	Show	GitHub Exploit DB Packet Storm

222	-		-	-	An XML External Entity (XXE) vulnerability in Elspec Engineering G5 Digital Fault Recorder Firmware v1.2.1.12 allows attackers to cause a Denial of Service (DoS) via a crafted XML payload. New	-	CVE-2024-46603	2025-01-10 01:15	2025-01-8	Show	GitHub Exploit DB Packet Storm

223	-		-	-	An issue was discovered in Elspec G5 digital fault recorder version 1.2.1.12 and earlier. An XML External Entity (XXE) vulnerability may allow an attacker to cause a Denial of Service (DoS) via a cra… New	-	CVE-2024-46602	2025-01-10 01:15	2025-01-8	Show	GitHub Exploit DB Packet Storm

224	-		-	-	Elspec Engineering G5 Digital Fault Recorder Firmware v1.2.1.12 was discovered to contain a buffer overflow. New	-	CVE-2024-46601	2025-01-10 01:15	2025-01-8	Show	GitHub Exploit DB Packet Storm

225	5.5	MEDIUM Local	dell	powerscale_onefs	Dell PowerScale OneFS 8.2.2.x through 9.8.0.x contains an incorrect permission assignment for critical resource vulnerability. A locally authenticated attacker could potentially exploit this vulnerab… New	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2024-47475	2025-01-10 01:04	2025-01-7	Show	GitHub Exploit DB Packet Storm

226	-		-	-	A buffer overflow vulnerability in the packet handoff plugin allows an attacker to overwrite memory outside the plugin's buffer. New	-	CVE-2024-10106	2025-01-10 00:15	2025-01-10	Show	GitHub Exploit DB Packet Storm

227	-		-	-	IBM OpenPages 9.0 could allow an authenticated user to obtain sensitive information such as configurations that should only be available to privileged users. New	CWE-282 CWE-276 Improper Ownership Management Incorrect Default Permissions	CVE-2024-43176	2025-01-10 00:15	2025-01-9	Show	GitHub Exploit DB Packet Storm

228	-		-	-	IBM App Connect Enterprise Certified Container 7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, and 12.4 operands running in Red H… New	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2022-22491	2025-01-10 00:15	2025-01-9	Show	GitHub Exploit DB Packet Storm

229	-		-	-	The AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3, AI WordPress Plugin ChatGPT (GPT-4o 128K) plugin for WordPress is vulnerable to Cross-Site Request Fo… New	-	CVE-2024-12605	2025-01-10 00:15	2025-01-9	Show	GitHub Exploit DB Packet Storm

230	-		-	-	SSL-VPN MFA Bypass in SonicWALL SSL-VPN can arise in specific cases due to the separate handling of UPN (User Principal Name) and SAM (Security Account Manager) account names when integrated with Mic… New	-	CVE-2024-12802	2025-01-10 00:15	2025-01-9	Show	GitHub Exploit DB Packet Storm