Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 24, 2025, 6:02 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
191581 7.5 危険 hunkaray okul - Hunkaray Okul の Portali の duyuruoku.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-4173 2012-09-25 16:59 2007-08-7 Show GitHub Exploit DB Packet Storm
191582 4.3 警告 open webmail - OWM におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-4172 2012-09-25 16:59 2007-08-7 Show GitHub Exploit DB Packet Storm
191583 7.5 危険 index script - IndexScript における SQL インジェクションの脆弱性 - CVE-2007-4163 2012-09-25 16:59 2007-07-26 Show GitHub Exploit DB Packet Storm
191584 5 警告 mldonkey - MLDonkey における IP ブロックリストを回避される脆弱性 - CVE-2007-4100 2012-09-25 16:59 2007-07-31 Show GitHub Exploit DB Packet Storm
191585 7.5 危険 idevSpot - IDevSpot PhpHostBot における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-4094 2012-09-25 16:59 2007-07-30 Show GitHub Exploit DB Packet Storm
191586 7.8 危険 minb - minb におけるユーザ名などを含むデータベースをダウンロードされる脆弱性 - CVE-2007-4093 2012-09-25 16:47 2007-07-30 Show GitHub Exploit DB Packet Storm
191587 5 警告 ifoto - iFoto の index.php におけるディレクトリトラバーサルの脆弱性 - CVE-2007-4092 2012-09-25 16:47 2007-07-30 Show GitHub Exploit DB Packet Storm
191588 7.5 危険 index script - IndexScript の show_cat.php における SQL インジェクションの脆弱性 - CVE-2007-4069 2012-09-25 16:47 2007-07-26 Show GitHub Exploit DB Packet Storm
191589 7.8 危険 Tenable, Inc. - Nessus Vulnerability Scanner の SCANCTRL.ScanCtrlCtrl.1 ActiveX コントロールにおける任意のファイルを削除される脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-4062 2012-09-25 16:47 2007-07-30 Show GitHub Exploit DB Packet Storm
191590 9.3 危険 Tenable, Inc. - Nessus Vulnerability Scanner の特定の ActiveX コントロールにおけるディレクトリトラバーサルの脆弱性 - CVE-2007-4061 2012-09-25 16:47 2007-07-30 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 25, 2025, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
641 - - - In multiple functions of WifiServiceImpl.java, there is a possible way to activate Wi-Fi hotspot from a non-owner profile due to a missing permission check. This could lead to local escalation of pri… Update - CVE-2018-9382 2025-01-22 02:15 2025-01-18 Show GitHub Exploit DB Packet Storm
642 - - - In multiple functions of MiniThumbFile.java, there is a possible way to view the thumbnails of deleted photos due to a confused deputy. This could lead to local information disclosure with no additio… Update - CVE-2018-9379 2025-01-22 02:15 2025-01-18 Show GitHub Exploit DB Packet Storm
643 - - - In multiple functions of UserDictionaryProvider.java, there is a possible way to add and delete words in the user dictionary due to a confused deputy. This could lead to local escalation of privilege… Update - CVE-2018-9375 2025-01-22 02:15 2025-01-18 Show GitHub Exploit DB Packet Storm
644 - - - WeGIA v3.2.0 is vulnerable to SQL Injection viathe nextPage parameter in /controle/control.php. Update - CVE-2024-57035 2025-01-22 02:15 2025-01-18 Show GitHub Exploit DB Packet Storm
645 - - - WeGIA < 3.2.0 is vulnerable to SQL Injection in query_geracao_auto.php via the query parameter. Update - CVE-2024-57034 2025-01-22 02:15 2025-01-18 Show GitHub Exploit DB Packet Storm
646 - - - WeGIA < 3.2.0 is vulnerable to Incorrect Access Control in controle/control.php. The application does not validate the value of the old password, so it is possible to change the password by placing a… Update - CVE-2024-57032 2025-01-22 02:15 2025-01-18 Show GitHub Exploit DB Packet Storm
647 - - - WeGIA < 3.2.0 is vulnerable to SQL Injection in /funcionario/remuneracao.php via the id_funcionario parameter. Update - CVE-2024-57031 2025-01-22 02:15 2025-01-18 Show GitHub Exploit DB Packet Storm
648 6.3 MEDIUM
Network 		- - A vulnerability classified as critical has been found in Codezips Gym Management System 1.0. This affects an unknown part of the file /dashboard/admin/edit_mem_submit.php. The manipulation of the arg… Update - CVE-2025-0535 2025-01-22 02:15 2025-01-18 Show GitHub Exploit DB Packet Storm
649 - - - A cross-site scripting (XSS) vulnerability in the getBusinessUploadListPage?busid interface of JFinalOA before v2025.01.01 allows attackers to execute arbitrary web scripts or HTML via a crafted payl… Update - CVE-2024-57774 2025-01-22 02:15 2025-01-17 Show GitHub Exploit DB Packet Storm
650 - - - A cross-site scripting (XSS) vulnerability in the openSelectManyUserPage?orgid interface of JFinalOA before v2025.01.01 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. Update - CVE-2024-57773 2025-01-22 02:15 2025-01-17 Show GitHub Exploit DB Packet Storm