Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 24, 2025, 6:02 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
189511	6.5	警告	Moodle	-	Moodle のユーザ編集用インターフェースにおける権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-6125	2012-09-25 17:26	2008-01-17	Show	GitHub Exploit DB Packet Storm

189512	7.5	危険	Moodle	-	Moodle の report.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6124	2012-09-25 17:26	2008-07-16	Show	GitHub Exploit DB Packet Storm

189513	7.5	危険	ircmaxell	-	Joomla! の tech_article コンポーネントにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6050	2012-09-25 17:26	2009-02-4	Show	GitHub Exploit DB Packet Storm

189514	7.5	危険	NetArt Media	-	NetArtMedia Real Estate Portal の re_search モジュールにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6042	2012-09-25 17:26	2009-02-3	Show	GitHub Exploit DB Packet Storm

189515	7.5	危険	mapcal	-	MapCal の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6038	2012-09-25 17:26	2009-02-3	Show	GitHub Exploit DB Packet Storm

189516	7.5	危険	NetArt Media	-	NetArtMedia Jobs Portal における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6030	2012-09-25 17:26	2009-02-3	Show	GitHub Exploit DB Packet Storm

189517	6.8	警告	openmairie	-	openElec の scr/form.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-6025	2012-09-25 17:26	2009-02-3	Show	GitHub Exploit DB Packet Storm

189518	6.8	警告	myphpsite	-	MyPHPSite の index.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-6018	2012-09-25 17:26	2009-02-2	Show	GitHub Exploit DB Packet Storm

189519	7.5	危険	i-rater	-	I-Rater Basic の messages.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6017	2012-09-25 17:26	2009-02-2	Show	GitHub Exploit DB Packet Storm

189520	7.5	危険	openfreeway	-	Freeway における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6013	2012-09-25 17:26	2009-01-30	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 25, 2025, 4:09 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
771	-		-	-	Issue summary: A timing side-channel which could potentially allow recovering the private key exists in the ECDSA signature computation. Impact summary: A timing side-channel in ECDSA signature comp…	-	CVE-2024-13176	2025-01-20 23:15	2025-01-20	Show	GitHub Exploit DB Packet Storm

772	-		-	-	This vulnerability exists in the CP Plus Router due to insecure handling of cookie flags used within its web interface. A remote attacker could exploit this vulnerability by intercepting data transmi…	CWE-1004 CWE-614 Sensitive Cookie Without 'HttpOnly' Flag Sensitive Cookie in HTTPS Session Without 'Secure' Attribute	CVE-2025-0479	2025-01-20 21:15	2025-01-20	Show	GitHub Exploit DB Packet Storm

773	-		-	-	In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: adapt set backend to use GC transaction API Use the GC transaction API to replace the old and buggy gc API …	-	CVE-2023-52923	2025-01-20 20:15	2025-01-20	Show	GitHub Exploit DB Packet Storm

774	7.2	HIGH Network	-	-	The a+HRD from aEnrich Technology has an Insecure Deserialization vulnerability, allowing remote attackers with database modification privileges and regular system privileges to perform arbitrary cod…	CWE-502 Deserialization of Untrusted Data	CVE-2025-0586	2025-01-20 12:15	2025-01-20	Show	GitHub Exploit DB Packet Storm

775	9.8	CRITICAL Network	-	-	The a+HRD from aEnrich Technology has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents.	CWE-89 SQL Injection	CVE-2025-0585	2025-01-20 12:15	2025-01-20	Show	GitHub Exploit DB Packet Storm

776	5.3	MEDIUM Network	-	-	The a+HRD from aEnrich Technology has a Server-side Request Forgery, allowing unauthenticated remote attackers to exploit this vulnerability to probe internal network.	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2025-0584	2025-01-20 12:15	2025-01-20	Show	GitHub Exploit DB Packet Storm

777	4.7	MEDIUM Network	-	-	A vulnerability classified as critical was found in itsourcecode Farm Management System up to 1.0. This vulnerability affects unknown code of the file /add-pig.php. The manipulation of the argument p…	CWE-284 CWE-434 Improper Access Control Unrestricted Upload of File with Dangerous Type	CVE-2025-0582	2025-01-20 12:15	2025-01-20	Show	GitHub Exploit DB Packet Storm

778	3.5	LOW Network	-	-	A vulnerability classified as problematic has been found in CampCodes School Management Software 1.0. This affects an unknown part of the file /chat/group/send of the component Chat History. The mani…	CWE-79 CWE-94 Cross-site Scripting Code Injection	CVE-2025-0581	2025-01-20 12:15	2025-01-20	Show	GitHub Exploit DB Packet Storm

779	5.6	MEDIUM Network	-	-	A vulnerability was found in Shiprocket Module 3 on OpenCart. It has been rated as critical. Affected by this issue is some unknown functionality of the file /index.php?route=extension/module/rest_ap…	CWE-285 CWE-863 Improper Authorization Incorrect Authorization	CVE-2025-0580	2025-01-20 12:15	2025-01-20	Show	GitHub Exploit DB Packet Storm

780	7.3	HIGH Network	-	-	A vulnerability was found in Shiprocket Module 3/4 on OpenCart. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /index.php?route=extension/shi…	CWE-89 CWE-74 SQL Injection Injection	CVE-2025-0579	2025-01-20 12:15	2025-01-20	Show	GitHub Exploit DB Packet Storm