Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 20, 2025, 4:03 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
181	6.6	警告 Physics	マイクロソフト	Microsoft Windows Server 2025 Microsoft Windows 10 Microsoft Windows 11 Microsoft Windows Server 2019 Microsoft Windows Server&…	ワイヤレス広域ネットワークサービス (WwanSvc) の特権昇格の脆弱性	CWE-125 CWE-noinfo	CVE-2024-49111	2025-01-17 21:40	2024-12-10	Show	GitHub Exploit DB Packet Storm

182	5.5	警告 Local	Linux	Linux Kernel	Linux の Linux Kernel における有効期限後のメモリの解放の欠如に関する脆弱性	CWE-401 有効期限後のメモリの解放の欠如	CVE-2024-57872	2025-01-17 21:35	2024-11-20	Show	GitHub Exploit DB Packet Storm

183	5.5	警告 Local	Linux	Linux Kernel	Linux の Linux Kernel における脆弱性	CWE-noinfo 情報不足	CVE-2024-56618	2025-01-17 21:33	2024-12-2	Show	GitHub Exploit DB Packet Storm

184	7.8	重要 Local	Linux	Linux Kernel	Linux の Linux Kernel における配列インデックスの検証に関する脆弱性	CWE-129 配列インデックスの不適切な検証	CVE-2024-56596	2025-01-17 21:32	2024-10-29	Show	GitHub Exploit DB Packet Storm

185	7.8	重要 Local	Linux	Linux Kernel	Linux の Linux Kernel における配列インデックスの検証に関する脆弱性	CWE-129 配列インデックスの不適切な検証	CVE-2024-53203	2025-01-17 21:30	2024-11-12	Show	GitHub Exploit DB Packet Storm

186	5.5	警告 Local	Linux	Linux Kernel	Linux の Linux Kernel における整数オーバーフローの脆弱性	CWE-190 整数オーバーフローまたはラップアラウンド	CVE-2024-53187	2025-01-17 21:28	2024-11-26	Show	GitHub Exploit DB Packet Storm

187	5.5	警告 Local	Linux	Linux Kernel	Linux の Linux Kernel における無限ループに関する脆弱性	CWE-835 無限ループ	CVE-2024-35981	2025-01-17 21:26	2024-04-7	Show	GitHub Exploit DB Packet Storm

188	5.5	警告 Local	Linux	Linux Kernel	Linux の Linux Kernel における脆弱性	CWE-noinfo 情報不足	CVE-2023-52532	2025-01-17 21:25	2023-10-5	Show	GitHub Exploit DB Packet Storm

189	5.5	警告 Local	Linux	Linux Kernel	Linux の Linux Kernel における脆弱性	CWE-noinfo 情報不足	CVE-2021-47086	2025-01-17 21:23	2021-12-20	Show	GitHub Exploit DB Packet Storm

190	5.5	警告 Local	Linux	Linux Kernel	Linux の Linux Kernel における NULL ポインタデリファレンスに関する脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2023-52789	2025-01-17 21:19	2023-09-18	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 20, 2025, 4:11 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
275101	-	-	-	property.php in Widget Property 1.1.19 allows remote attackers to obtain the full server path via an invalid lang value, which leaks the path in the resulting error message.	NVD-CWE-Other	CVE-2005-4017	2008-09-20 13:41	2005-12-5	Show	GitHub Exploit DB Packet Storm

275102	-	simplemedia	simplebbs	SQL injection vulnerability in SimpleBBS 1.1 allows remote attackers to execute arbitrary SQL commands via unspecified search module parameters.	CWE-89 SQL Injection	CVE-2005-4027	2008-09-20 13:41	2005-12-5	Show	GitHub Exploit DB Packet Storm

275103	-	debian	python-dns	PyDNS (aka python-dns) before 2.3.1-4 in Debian GNU/Linux does not use random source ports or transaction IDs for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a di…	CWE-16 Configuration	CVE-2008-4099	2008-09-19 13:00	2008-09-19	Show	GitHub Exploit DB Packet Storm

275104	-	debian	python-dns	PyDNS (aka python-dns) before 2.3.1-5 in Debian GNU/Linux does not use random source ports for DNS requests and does not use random transaction IDs for DNS retries, which makes it easier for remote a…	CWE-16 Configuration	CVE-2008-4126	2008-09-19 13:00	2008-09-19	Show	GitHub Exploit DB Packet Storm

275105	-	lxde	lightweight_x11_desktop_environment	src/main-win.c in GPicView 0.1.9 in Lightweight X11 Desktop Environment (LXDE) allows local users to overwrite arbitrary files via a symlink attack on the /tmp/rot.jpg temporary file.	CWE-59 Link Following	CVE-2008-3791	2008-09-17 14:35	2008-09-3	Show	GitHub Exploit DB Packet Storm

275106	-	apple	iphone	Apple iPhone 2.0.2, in some configurations, allows physically proximate attackers to bypass intended access restrictions, and obtain sensitive information or make arbitrary use of the device, via an …	CWE-264 Permissions, Privileges, and Access Controls	CVE-2008-3876	2008-09-17 14:35	2008-09-2	Show	GitHub Exploit DB Packet Storm

275107	-	six_apart	movable_type	Cross-site scripting (XSS) vulnerability in Movable Type (MT) 4.x through 4.20, and 3.36 and earlier; Movable Type Enterprise 4.x through 4.20, and 1.54 and earlier; and Movable Type Community Soluti…	CWE-79 Cross-site Scripting	CVE-2008-4079	2008-09-16 00:14	2008-09-16	Show	GitHub Exploit DB Packet Storm

275108	-	texmedia	million_pixel_script	SQL injection vulnerability in tops_top.php in Million Pixel Ad Script (Million Pixel Script) allows remote attackers to execute arbitrary SQL commands via the id_cat parameter.	CWE-89 SQL Injection	CVE-2008-4055	2008-09-12 13:00	2008-09-12	Show	GitHub Exploit DB Packet Storm

275109	-	apple	itunes	Apple iTunes before 8.0 on Mac OS X 10.4.11, when iTunes Music Sharing is enabled but blocked by the host-based firewall, presents misleading information about firewall security, which might allow re…	CWE-200 Information Exposure	CVE-2008-3634	2008-09-11 13:00	2008-09-11	Show	GitHub Exploit DB Packet Storm

275110	-	opensuse	opensuse	Multiple off-by-one errors in opensuse-updater in openSUSE 10.2 have unspecified impact and attack vectors. NOTE: the vendor states that these "can be considered no security problem."	NVD-CWE-noinfo CWE-189 Numeric Errors	CVE-2008-2388	2008-09-11 10:10	2008-06-7	Show	GitHub Exploit DB Packet Storm