Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 22, 2025, 4:03 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
190771 4.3 警告 Zoho Corporation - ManageEngine OpManager MSP Edition などにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5891 2012-09-25 16:59 2007-11-7 Show GitHub Exploit DB Packet Storm
190772 10 危険 idmos - IDMOS における PHP リモートファイルインクルージョンの脆弱性 CWE-Other
その他 		CVE-2007-5889 2012-09-25 16:59 2007-11-7 Show GitHub Exploit DB Packet Storm
190773 7.5 危険 infuseum - ASP Message Board の boards/printer.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-5887 2012-09-25 16:59 2007-11-7 Show GitHub Exploit DB Packet Storm
190774 7.5 危険 GuppYTeam - GuppY の error.php におけるディレクトリトラバーサルの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-5845 2012-09-25 16:59 2007-11-6 Show GitHub Exploit DB Packet Storm
190775 4.3 警告 Nagios Enterprises, LLC - Nagios の CGI プログラムにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5803 2012-09-25 16:59 2008-05-13 Show GitHub Exploit DB Packet Storm
190776 7.2 危険 Novell - Novell NetWare Client で使用される cdriver における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2007-5762 2012-09-25 16:59 2008-01-9 Show GitHub Exploit DB Packet Storm
190777 7.2 危険 Motorola Solutions, Inc - Motorola netOctopus の NantSys デバイスにおけるサービス運用妨害 (DoS) の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2007-5761 2012-09-25 16:59 2008-01-8 Show GitHub Exploit DB Packet Storm
190778 6.9 警告 IBM - IBM DB2 Universal Database の db2dasrrm におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-5758 2012-09-25 16:59 2008-04-16 Show GitHub Exploit DB Packet Storm
190779 6.9 警告 IBM - IBM DB2 UDB の db2pd における root 権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2007-5757 2012-09-25 16:59 2008-02-12 Show GitHub Exploit DB Packet Storm
190780 7.5 危険 GuppYTeam - GuppY の inc/includes.inc におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-5844 2012-09-25 16:59 2007-11-6 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 22, 2025, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
771 - - - An issue in the USB Autorun function of HI-SCAN 6040i Hitrax HX-03-19-I allows attackers to execute arbitrary code via uploading a crafted script from a USB device. - CVE-2024-48123 2025-01-16 06:15 2025-01-16 Show GitHub Exploit DB Packet Storm
772 - - - Insecure default configurations in HI-SCAN 6040i Hitrax HX-03-19-I allow authenticated attackers with low-level privileges to escalate to root-level privileges. - CVE-2024-48122 2025-01-16 06:15 2025-01-16 Show GitHub Exploit DB Packet Storm
773 - - - The HI-SCAN 6040i Hitrax HX-03-19-I was discovered to transmit user credentials in cleartext over the GIOP protocol. This allows attackers to possibly gain access to sensitive information via a man-i… - CVE-2024-48121 2025-01-16 06:15 2025-01-16 Show GitHub Exploit DB Packet Storm
774 - - - A vulnerability, which was classified as critical, was found in Fanli2012 native-php-cms 1.0. This affects an unknown part of the file /fladmin/user_recoverpwd.php. The manipulation leads to use of d… - CVE-2025-0482 2025-01-16 06:15 2025-01-16 Show GitHub Exploit DB Packet Storm
775 - - - Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the iface parameter in the vif_enable function. - CVE-2024-57226 2025-01-16 06:15 2025-01-11 Show GitHub Exploit DB Packet Storm
776 - - - TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the modifyOne parameter in the enable_wsh function. - CVE-2024-57211 2025-01-16 06:15 2025-01-11 Show GitHub Exploit DB Packet Storm
777 - - - TP-Link TL-WR940N V3 and V4 with firmware 3.16.9 and earlier contain a buffer overflow via the dnsserver1 and dnsserver2 parameters at /userRpm/Wan6to4TunnelCfgRpm.htm. This vulnerability allows an a… - CVE-2024-54887 2025-01-16 06:15 2025-01-10 Show GitHub Exploit DB Packet Storm
778 - - - Sentry is a developer-first error tracking and performance monitoring tool. A critical vulnerability was discovered in the SAML SSO implementation of Sentry. It was reported to us via our private bug… CWE-287
Improper Authentication 		CVE-2025-22146 2025-01-16 05:15 2025-01-16 Show GitHub Exploit DB Packet Storm
779 - - - A vulnerability was found in Fanli2012 native-php-cms 1.0. It has been classified as problematic. Affected is an unknown function of the file /fladmin/sysconfig_doedit.php. The manipulation of the ar… CWE-79
CWE-94
Cross-site Scripting
Code Injection 		CVE-2025-0485 2025-01-16 05:15 2025-01-16 Show GitHub Exploit DB Packet Storm
780 - - - A vulnerability was found in Fanli2012 native-php-cms 1.0 and classified as critical. This issue affects some unknown processing of the file /fladmin/sysconfig_doedit.php of the component Backend. Th… CWE-285
CWE-266
Improper Authorization
 Incorrect Privilege Assignment 		CVE-2025-0484 2025-01-16 05:15 2025-01-16 Show GitHub Exploit DB Packet Storm