Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 29, 2025, 2:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
189521 7.5 危険 onlinegrades - Online Grades の admin/admin_login.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-0479 2012-09-25 17:27 2009-02-5 Show GitHub Exploit DB Packet Storm
189522 9.3 危険 multimediasoft - MultiMedia Soft audio コンポーネントにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-0476 2012-09-25 17:27 2009-02-8 Show GitHub Exploit DB Packet Storm
189523 7.5 危険 magtrb - AJA Portal におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2009-0457 2012-09-25 17:27 2009-02-10 Show GitHub Exploit DB Packet Storm
189524 5 警告 onlinegrades - Online Grades における設定情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2009-0453 2012-09-25 17:27 2009-02-5 Show GitHub Exploit DB Packet Storm
189525 6.8 警告 onlinegrades - Online Grades の parents/login.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-0452 2012-09-25 17:27 2009-02-5 Show GitHub Exploit DB Packet Storm
189526 7.2 危険 カスペルスキー - Kaspersky Anti-Virus の klim5.sys におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-0449 2012-09-25 17:27 2009-02-10 Show GitHub Exploit DB Packet Storm
189527 7.2 危険 IBM - WAS で使用される IBM HTTP Server の mod_ibm_ssl モジュールなどにおける脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-0436 2012-09-25 17:27 2009-02-10 Show GitHub Exploit DB Packet Storm
189528 7.5 危険 kevin walker - PHPPA の index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2009-0423 2012-09-25 17:27 2009-02-4 Show GitHub Exploit DB Packet Storm
189529 3.7 注意 monkey - trickle における任意のコードを実行される脆弱性 CWE-Other
その他 		CVE-2009-0415 2012-09-25 17:27 2009-02-3 Show GitHub Exploit DB Packet Storm
189530 7.5 危険 interspire - ISC の class.auth.php の ProcessLogin 関数における管理者アクセス権を取得される脆弱性 CWE-287
不適切な認証 		CVE-2009-0412 2012-09-25 17:27 2009-02-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 29, 2025, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
801 - - - Envoy Gateway is an open source project for managing Envoy Proxy as a standalone or Kubernetes-based application gateway. A user with access to the Kubernetes cluster can use a path traversal attack … CWE-419
CVE-2025-24030 2025-01-23 13:15 2025-01-23 Show GitHub Exploit DB Packet Storm
802 - - - BigFix Patch Download Plug-ins are affected by path traversal vulnerability. The application could allow operators to download files from a local repository which is vulnerable to path traversal att… - CVE-2024-42187 2025-01-23 12:15 2025-01-23 Show GitHub Exploit DB Packet Storm
803 - - - BigFix Patch Download Plug-ins are affected by an insecure protocol support. The application can allow improper handling of SSL certificates validation. - CVE-2024-42186 2025-01-23 12:15 2025-01-23 Show GitHub Exploit DB Packet Storm
804 - - - BigFix Patch Download Plug-ins are affected by an insecure package which is susceptible to XML injection attacks. This allows an attacker to exploit this vulnerability by injecting malicious XML con… - CVE-2024-42185 2025-01-23 12:15 2025-01-23 Show GitHub Exploit DB Packet Storm
805 - - - BigFix Patch Download Plug-ins are affected by insecure support for file URI scheme. It could allow a malicious operator to attempt to download files using the file:// URI scheme. - CVE-2024-42184 2025-01-23 12:15 2025-01-23 Show GitHub Exploit DB Packet Storm
806 6.4 MEDIUM
Network 		- - IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alt… CWE-79
Cross-site Scripting 		CVE-2023-50309 2025-01-23 12:15 2025-01-23 Show GitHub Exploit DB Packet Storm
807 4.6 MEDIUM
Network 		- - IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering t… CWE-79
Cross-site Scripting 		CVE-2023-32340 2025-01-23 12:15 2025-01-23 Show GitHub Exploit DB Packet Storm
808 - - - BigFix Patch Download Plug-ins are affected by an arbitrary file download vulnerability. It could allow a malicious operator to download files from arbitrary URLs without any proper validation or al… - CVE-2024-42183 2025-01-23 11:15 2025-01-23 Show GitHub Exploit DB Packet Storm
809 - - - BigFix Patch Download Plug-ins are affected by Server-Side Request Forgery (SSRF) vulnerability. It may allow the application to download files from an internally hosted server on localhost. - CVE-2024-42182 2025-01-23 10:15 2025-01-23 Show GitHub Exploit DB Packet Storm
810 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: btrfs: avoid NULL pointer dereference if no valid extent tree [BUG] Syzbot reported a crash with the following call trace: BTR… CWE-476
 NULL Pointer Dereference 		CVE-2025-21658 2025-01-23 08:02 2025-01-21 Show GitHub Exploit DB Packet Storm