Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
192311 4.3 警告 日立 - Hitachi JP1/HiCommand Device Manager におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-3623 2012-09-25 16:47 2007-07-6 Show GitHub Exploit DB Packet Storm
192312 5 警告 maia mailguard - Maia Mailguard におけるディレクトリトラバーサルの脆弱性 - CVE-2007-3620 2012-09-25 16:47 2007-06-30 Show GitHub Exploit DB Packet Storm
192313 5 警告 maia mailguard - Maia Mailguard の login.php におけるディレクトリトラバーサルの脆弱性 - CVE-2007-3619 2012-09-25 16:47 2007-06-30 Show GitHub Exploit DB Packet Storm
192314 4.3 警告 izzysoft - phpVideoPro の inc/vul_check.inc における脆弱性 - CVE-2007-3596 2012-09-25 16:47 2007-07-6 Show GitHub Exploit DB Packet Storm
192315 7.5 危険 mycms - MyCMS における権限を取得される脆弱性 - CVE-2007-3587 2012-09-25 16:47 2007-07-5 Show GitHub Exploit DB Packet Storm
192316 7.5 危険 mycms - MyCMS における _score.txt などのファイルへ任意の PHP コードを挿入される脆弱性 CWE-94
コード・インジェクション 		CVE-2007-3586 2012-09-25 16:47 2007-07-5 Show GitHub Exploit DB Packet Storm
192317 7.5 危険 mycms - MyCMS の games.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-3585 2012-09-25 16:47 2007-07-5 Show GitHub Exploit DB Packet Storm
192318 7.5 危険 inforest communications - SuperCali PHP Event Calendar の index.php における SQL インジェクションの脆弱性 - CVE-2007-3582 2012-09-25 16:47 2007-07-5 Show GitHub Exploit DB Packet Storm
192319 5 警告 jedox - Jedox Palo クライアントにおけるパスワードを取得される脆弱性 - CVE-2007-3581 2012-09-25 16:47 2007-07-5 Show GitHub Exploit DB Packet Storm
192320 4.3 警告 シスコシステムズ (Linksys) - Cisco Linksys WAG54GS Wireless-G ADSL Gateway におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-3574 2012-09-25 16:47 2007-07-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 22, 2025, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1941 - - - When BIG-IP AFM is provisioned with IPS module enabled and protocol inspection profile is configured on a virtual server or firewall rule or policy, undisclosed traffic can cause an increase in CPU r… CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2025-24312 2025-02-6 03:15 2025-02-6 Show GitHub Exploit DB Packet Storm
1942 - - - An insufficient verification of data authenticity vulnerability exists in BIG-IP APM Access Policy endpoint inspection that may allow an attacker to bypass endpoint inspection checks for VPN connecti… CWE-345
 Insufficient Verification of Data Authenticity 		CVE-2025-23415 2025-02-6 03:15 2025-02-6 Show GitHub Exploit DB Packet Storm
1943 - - - When users log in through the webUI or API using local authentication, BIG-IP Next Central Manager may log sensitive information in the pgaudit log files. Note: Software versions which have reache… CWE-532
 Inclusion of Sensitive Information in Log Files 		CVE-2025-23413 2025-02-6 03:15 2025-02-6 Show GitHub Exploit DB Packet Storm
1944 - - - When BIG-IP APM Access Profile is configured on a virtual server, undisclosed request can cause TMM to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are… CWE-120
Classic Buffer Overflow 		CVE-2025-23412 2025-02-6 03:15 2025-02-6 Show GitHub Exploit DB Packet Storm
1945 - - - When running in Appliance mode, an authenticated remote command injection vulnerability exists in an undisclosed iControl REST endpoint. A successful exploit can allow the attacker to cross a securit… CWE-77
Command Injection 		CVE-2025-23239 2025-02-6 03:15 2025-02-6 Show GitHub Exploit DB Packet Storm
1946 - - - When BIG-IP PEM Control Plane listener Virtual Server is configured with Diameter Endpoint profile, undisclosed traffic can cause the Virtual Server to stop processing new client connections and an i… CWE-772
 Missing Release of Resource after Effective Lifetime 		CVE-2025-22891 2025-02-6 03:15 2025-02-6 Show GitHub Exploit DB Packet Storm
1947 - - - When SIP Session and Router ALG profiles are configured on a Message Routing type virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate.   Note: Softw… CWE-404
 Improper Resource Shutdown or Release 		CVE-2025-22846 2025-02-6 03:15 2025-02-6 Show GitHub Exploit DB Packet Storm
1948 - - - When SNMP v1 or v2c are disabled on the BIG-IP, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (Eo… CWE-401
 Missing Release of Memory after Effective Lifetime 		CVE-2025-21091 2025-02-6 03:15 2025-02-6 Show GitHub Exploit DB Packet Storm
1949 - - - When Client or Server SSL profiles are configured on a Virtual Server, or DNSSEC signing operations are in use, undisclosed traffic can cause an increase in memory and CPU resource utilization. … CWE-400
 Uncontrolled Resource Consumption 		CVE-2025-21087 2025-02-6 03:15 2025-02-6 Show GitHub Exploit DB Packet Storm
1950 - - - When a BIG-IP message routing profile is configured on a virtual server, undisclosed traffic can cause an increase in memory resource utilization. Note: Software versions which have reached End of Te… CWE-400
 Uncontrolled Resource Consumption 		CVE-2025-20058 2025-02-6 03:15 2025-02-6 Show GitHub Exploit DB Packet Storm