Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 1, 2025, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
191111 7.5 危険 RivetCode Software - RivetTracker における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2012-4996 2012-09-21 11:30 2012-09-19 Show GitHub Exploit DB Packet Storm
191112 7.5 危険 RivetCode Software - RivetTracker の torrent_functions.php における脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-4993 2012-09-21 11:29 2012-09-19 Show GitHub Exploit DB Packet Storm
191113 9 危険 FlashFXP - FlashFXP の FlashFXP.exe におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-4992 2012-09-21 11:29 2012-03-4 Show GitHub Exploit DB Packet Storm
191114 4.3 警告 Apache Software Foundation - Apache Wicket におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-3373 2012-09-21 11:16 2012-09-6 Show GitHub Exploit DB Packet Storm
191115 7.5 危険 Timesheet - Timesheet Next Gen の login.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2012-2105 2012-09-21 11:15 2012-09-19 Show GitHub Exploit DB Packet Storm
191116 5.7 警告 ISC, Inc. - ISC DHCP におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-3570 2012-09-20 17:34 2012-07-24 Show GitHub Exploit DB Packet Storm
191117 7.5 危険 Calligra - Calligra の Microsoft インポートフィルタにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-3456 2012-09-20 17:16 2012-08-10 Show GitHub Exploit DB Packet Storm
191118 5.5 警告 Moodle - Moodle の course/reset.php におけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-4408 2012-09-20 16:50 2012-09-17 Show GitHub Exploit DB Packet Storm
191119 5 警告 Moodle - Moodle の lib/filelib.php における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2012-4407 2012-09-20 16:48 2012-09-17 Show GitHub Exploit DB Packet Storm
191120 5 警告 Moodle - Moodle の theme/yui_combo.php におけるインストールパスを取得される脆弱性 CWE-200
情報漏えい 		CVE-2012-4403 2012-09-20 16:45 2012-09-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 1, 2025, 4:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
81 7.6 HIGH
Network 		- - A flaw was found in the OpenShift build process, where the docker-build container is configured with a hostPath volume mount that maps the node's /var/lib/kubelet/config.json file into the build pod.… New CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2024-45497 2024-12-31 12:15 2024-12-31 Show GitHub Exploit DB Packet Storm
82 8.8 HIGH
Network 		- - The QOCA aim from Quanta Computer has an Authorization Bypass Through User-Controlled Key vulnerability. By controlling the user ID parameter, remote attackers with regular privileges could access ce… New CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2024-13040 2024-12-31 11:15 2024-12-31 Show GitHub Exploit DB Packet Storm
83 8.8 HIGH
Network 		- - The login mechanism via device authentication of CGFIDO from Changing Information Technology has an Authentication Bypass vulnerability. If a user visits a forged website, the agent program deployed … New CWE-294
Authentication Bypass by Capture-replay  		CVE-2024-12839 2024-12-31 11:15 2024-12-31 Show GitHub Exploit DB Packet Storm
84 8.8 HIGH
Network 		- - The passwordless login mechanism in CGFIDO from Changing Information Technology has an Authentication Bypass vulnerability, allowing remote attackers with regular privileges to send a crafted request… New CWE-302
 Authentication Bypass by Assumed-Immutable Data 		CVE-2024-12838 2024-12-31 11:15 2024-12-31 Show GitHub Exploit DB Packet Storm
85 - - - A Denial of Service vulnerability in the DNS Security feature of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to send a malicious packet through the data plane of the firewal… Update - CVE-2024-3393 2024-12-31 11:00 2024-12-27 Show GitHub Exploit DB Packet Storm
86 - - - An issue exists in SoftIron HyperCloud where authenticated, but non-admin users can create data pools, which could potentially impact the performance and availability of the backend software-defined… New - CVE-2024-13058 2024-12-31 07:15 2024-12-31 Show GitHub Exploit DB Packet Storm
87 - - - Ashlar-Vellum Graphite VC6 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations … New CWE-122
Heap-based Buffer Overflow 		CVE-2024-13051 2024-12-31 06:15 2024-12-31 Show GitHub Exploit DB Packet Storm
88 - - - Ashlar-Vellum Graphite VC6 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations … New CWE-122
Heap-based Buffer Overflow 		CVE-2024-13050 2024-12-31 06:15 2024-12-31 Show GitHub Exploit DB Packet Storm
89 - - - Ashlar-Vellum Cobalt XE File Parsing Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellu… New CWE-843
Type Confusion 		CVE-2024-13049 2024-12-31 06:15 2024-12-31 Show GitHub Exploit DB Packet Storm
90 - - - Ashlar-Vellum Cobalt XE File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-… New CWE-787
 Out-of-bounds Write 		CVE-2024-13048 2024-12-31 06:15 2024-12-31 Show GitHub Exploit DB Packet Storm