Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
190851 7.5 危険 k5n.us - WebCalendar の send_reminders.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-2836 2012-09-25 17:17 2008-06-24 Show GitHub Exploit DB Packet Storm
190852 7.5 危険 igsuite - IGSuite の cgi-bin/igsuite における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2835 2012-09-25 17:17 2008-06-24 Show GitHub Exploit DB Packet Storm
190853 3.5 注意 mailmarshal - MailMachine SMTP の showMsg.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-2831 2012-09-25 17:17 2008-10-2 Show GitHub Exploit DB Packet Storm
190854 7.5 危険 nitropowered - NiTrO Web Gallery の albums.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2817 2012-09-25 17:17 2008-06-23 Show GitHub Exploit DB Packet Storm
190855 7.5 危険 o2php - Oxygen の post.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2816 2012-09-25 17:17 2008-06-23 Show GitHub Exploit DB Packet Storm
190856 7.5 危険 mymarket - MyMarket の shopping/index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2815 2012-09-25 17:17 2008-06-23 Show GitHub Exploit DB Packet Storm
190857 4.3 警告 Zoho Corporation - ManageEngine OpUtils の MainLayout.do におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-2797 2012-09-25 17:17 2008-06-20 Show GitHub Exploit DB Packet Storm
190858 4.3 警告 idm computer solutions inc - IDM Computer Solutions Inc の UltraEdit の FTP クライアントにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-2795 2012-09-25 17:17 2008-06-20 Show GitHub Exploit DB Packet Storm
190859 7.5 危険 kalptaru infotech - Kalptaru Infotech Comparison Engine Power Script における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2791 2012-09-25 17:17 2008-06-20 Show GitHub Exploit DB Packet Storm
190860 7.5 危険 mountaingrafix - MountainGrafix easyTrade の detail.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2790 2012-09-25 17:17 2008-06-20 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 13, 2025, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1721 - - - Dell Networking Switches running Enterprise SONiC OS, version(s) prior to 4.4.1 and 4.2.3, contain(s) an Insertion of Sensitive Information into Log File vulnerability. A high privileged attacker wit… CWE-532
 Inclusion of Sensitive Information in Log Files 		CVE-2025-23374 2025-01-30 14:15 2025-01-30 Show GitHub Exploit DB Packet Storm
1722 6.5 MEDIUM
Network 		- - A vulnerability was found in Tenda A18 up to 15.13.07.09. It has been rated as critical. This issue affects the function SetCmdlineRun of the file /goform/SetCmdlineRun of the component HTTP POST Req… CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error') 
Stack-based Buffer Overflow 		CVE-2025-0848 2025-01-30 11:15 2025-01-30 Show GitHub Exploit DB Packet Storm
1723 7.8 HIGH
Local 		apple macos
ipados
iphone_os
visionos
watchos
tvos 		A use after free issue was addressed with improved memory management. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. A malicious applicati… CWE-416
 Use After Free 		CVE-2025-24085 2025-01-30 11:00 2025-01-28 Show GitHub Exploit DB Packet Storm
1724 9.9 CRITICAL
Network 		- - Authentication bypass by spoofing in Azure AI Face Service allows an authorized attacker to elevate privileges over a network. CWE-290
 Authentication Bypass by Spoofing 		CVE-2025-21415 2025-01-30 08:15 2025-01-30 Show GitHub Exploit DB Packet Storm
1725 7.5 HIGH
Network 		- - Missing authorization in Microsoft Account allows an unauthorized attacker to elevate privileges over a network. CWE-862
 Missing Authorization 		CVE-2025-21396 2025-01-30 08:15 2025-01-30 Show GitHub Exploit DB Packet Storm
1726 5.4 MEDIUM
Network 		- - User Interface (UI) Misrepresentation of Critical Information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network - CVE-2025-21262 2025-01-30 08:15 2025-01-25 Show GitHub Exploit DB Packet Storm
1727 - - - A path traversal issue in ZipUtils.unzip and TarUtils.untar in Deep Java Library (DJL) on all platforms allows a bad actor to write files to arbitrary locations. - CVE-2025-0851 2025-01-30 07:15 2025-01-30 Show GitHub Exploit DB Packet Storm
1728 7.3 HIGH
Network 		- - A vulnerability was found in needyamin Library Card System 1.0 and classified as critical. This issue affects some unknown processing of the file admin.php of the component Login. The manipulation of… CWE-89
CWE-74
SQL Injection
Injection 		CVE-2025-0842 2025-01-30 07:15 2025-01-30 Show GitHub Exploit DB Packet Storm
1729 - - - When LDAP connection is activated in Teedy versions between 1.9 to 1.12, the username field of the login form is vulnerable to LDAP injection. Due to improper sanitization of user input, an unauthent… - CVE-2024-54852 2025-01-30 07:15 2025-01-30 Show GitHub Exploit DB Packet Storm
1730 7.5 HIGH
Network 		- - Clients using DNS-over-HTTPS (DoH) can exhaust a DNS resolver's CPU and/or memory by flooding it with crafted valid or invalid HTTP/2 traffic. This issue affects BIND 9 versions 9.18.0 through 9.18.3… - CVE-2024-12705 2025-01-30 07:15 2025-01-30 Show GitHub Exploit DB Packet Storm