Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 11, 2025, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
189811	4.3	警告	InterWorx	-	InterWorx-CP Webmaster Level におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-4589	2012-09-25 16:59	2007-08-28	Show	GitHub Exploit DB Packet Storm

189812	4.3	警告	InterWorx	-	InterWorx-CP Server Admin Level におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-4588	2012-09-25 16:59	2007-08-28	Show	GitHub Exploit DB Packet Storm

189813	7.5	危険	The PHP Group	-	PHP 用の iisfunc エクステンションにおけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2007-4586	2012-09-25 16:59	2007-08-28	Show	GitHub Exploit DB Packet Storm

189814	4.4	警告	日立	-	Cosminexus Application Server の Cosminexus Manager における権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2007-4563	2012-09-25 16:59	2007-08-24	Show	GitHub Exploit DB Packet Storm

189815	4.3	警告	日立	-	Hitachi DABroker におけるサービス運用妨害 (DoS) の脆弱性	CWE-DesignError	CVE-2007-4562	2012-09-25 16:59	2007-08-24	Show	GitHub Exploit DB Packet Storm

189816	4.3	警告	Novell	-	Novell GroupWise WebAccess の webacc サーブレットにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-4557	2012-09-25 16:59	2007-08-27	Show	GitHub Exploit DB Packet Storm

189817	6.8	警告	opensymphony	-	OpenSymphony XWork の Struts サポートにおけるサービス運用妨害 (DoS) の脆弱性	CWE-DesignError	CVE-2007-4556	2012-09-25 16:59	2007-08-27	Show	GitHub Exploit DB Packet Storm

189818	4.3	警告	Ipswitch, Inc.	-	Ipswitch WS_FTP におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-4555	2012-09-25 16:59	2007-08-27	Show	GitHub Exploit DB Packet Storm

189819	4.3	警告	Mozilla Foundation	-	Bugzilla の enter_bug.cgi におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-4543	2012-09-25 16:59	2007-08-23	Show	GitHub Exploit DB Packet Storm

189820	4.3	警告	olate	-	od におけるクロスサイトスクリプティングの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2007-4541	2012-09-25 16:59	2007-08-27	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 11, 2025, 5:03 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
221	-		-	-	The PostLists WordPress plugin through 2.0.2 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old… New	-	CVE-2024-10815	2025-01-10 01:15	2025-01-9	Show	GitHub Exploit DB Packet Storm

222	-		-	-	An XML External Entity (XXE) vulnerability in Elspec Engineering G5 Digital Fault Recorder Firmware v1.2.1.12 allows attackers to cause a Denial of Service (DoS) via a crafted XML payload. Update	-	CVE-2024-46603	2025-01-10 01:15	2025-01-8	Show	GitHub Exploit DB Packet Storm

223	-		-	-	An issue was discovered in Elspec G5 digital fault recorder version 1.2.1.12 and earlier. An XML External Entity (XXE) vulnerability may allow an attacker to cause a Denial of Service (DoS) via a cra… Update	-	CVE-2024-46602	2025-01-10 01:15	2025-01-8	Show	GitHub Exploit DB Packet Storm

224	-		-	-	Elspec Engineering G5 Digital Fault Recorder Firmware v1.2.1.12 was discovered to contain a buffer overflow. Update	-	CVE-2024-46601	2025-01-10 01:15	2025-01-8	Show	GitHub Exploit DB Packet Storm

225	5.5	MEDIUM Local	dell	powerscale_onefs	Dell PowerScale OneFS 8.2.2.x through 9.8.0.x contains an incorrect permission assignment for critical resource vulnerability. A locally authenticated attacker could potentially exploit this vulnerab… Update	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2024-47475	2025-01-10 01:04	2025-01-7	Show	GitHub Exploit DB Packet Storm

226	-		-	-	A buffer overflow vulnerability in the packet handoff plugin allows an attacker to overwrite memory outside the plugin's buffer. New	-	CVE-2024-10106	2025-01-10 00:15	2025-01-10	Show	GitHub Exploit DB Packet Storm

227	-		-	-	IBM OpenPages 9.0 could allow an authenticated user to obtain sensitive information such as configurations that should only be available to privileged users. New	CWE-282 CWE-276 Improper Ownership Management Incorrect Default Permissions	CVE-2024-43176	2025-01-10 00:15	2025-01-9	Show	GitHub Exploit DB Packet Storm

228	-		-	-	IBM App Connect Enterprise Certified Container 7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, and 12.4 operands running in Red H… New	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2022-22491	2025-01-10 00:15	2025-01-9	Show	GitHub Exploit DB Packet Storm

229	-		-	-	The AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3, AI WordPress Plugin ChatGPT (GPT-4o 128K) plugin for WordPress is vulnerable to Cross-Site Request Fo… New	-	CVE-2024-12605	2025-01-10 00:15	2025-01-9	Show	GitHub Exploit DB Packet Storm

230	-		-	-	SSL-VPN MFA Bypass in SonicWALL SSL-VPN can arise in specific cases due to the separate handling of UPN (User Principal Name) and SAM (Security Account Manager) account names when integrated with Mic… New	-	CVE-2024-12802	2025-01-10 00:15	2025-01-9	Show	GitHub Exploit DB Packet Storm