Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 16, 2025, 2:03 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
192351 5.1 警告 imendio planner - Imendio Planner におけるフォーマットストリングの脆弱性 - CVE-2006-4070 2012-09-25 15:35 2006-08-9 Show GitHub Exploit DB Packet Storm
192352 4.3 警告 ozjournals - Elaine Aquino OZJournals におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-4069 2012-09-25 15:35 2006-08-9 Show GitHub Exploit DB Packet Storm
192353 2.6 注意 マイクロソフト - Microsoft Windows XP SP2 の gdiplus.dll におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2006-4066 2012-09-25 15:35 2006-08-9 Show GitHub Exploit DB Packet Storm
192354 7.5 危険 mitch murray - Mitch Murray Eremove の gui.cpp におけるバッファオーバーフローの脆弱性 - CVE-2006-4057 2012-09-25 15:35 2006-08-9 Show GitHub Exploit DB Packet Storm
192355 7.5 危険 netious cms - Netious CMS における管理セクションへのアクセス権を取得される脆弱性 - CVE-2006-4048 2012-09-25 15:35 2006-08-9 Show GitHub Exploit DB Packet Storm
192356 7.5 危険 netious cms - Netious CMS の index.php における SQL インジェクションの脆弱性 - CVE-2006-4047 2012-09-25 15:35 2006-08-9 Show GitHub Exploit DB Packet Storm
192357 7.5 危険 open cubic player - Open Cubic Player におけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2006-4046 2012-09-25 15:35 2006-08-9 Show GitHub Exploit DB Packet Storm
192358 5 警告 mywebland - myWebland myBloggie の index.php における重要な情報を取得される脆弱性 - CVE-2006-4043 2012-09-25 15:35 2006-08-9 Show GitHub Exploit DB Packet Storm
192359 7.5 危険 mywebland - myWebland myBloggie の trackback.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2006-4042 2012-09-25 15:35 2006-08-9 Show GitHub Exploit DB Packet Storm
192360 7.5 危険 mywebland - myWebland myEvent の myevent.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4040 2012-09-25 15:35 2006-08-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 16, 2025, 4:15 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
411 - - - An out-of-bounds write in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to cause a denial of service. New CWE-787
 Out-of-bounds Write 		CVE-2024-13165 2025-01-15 03:15 2025-01-15 Show GitHub Exploit DB Packet Storm
412 - - - An uninitialized resource in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a local authenticated attacker to escalate their privileges. New CWE-908
 Use of Uninitialized Resource 		CVE-2024-13164 2025-01-15 03:15 2025-01-15 Show GitHub Exploit DB Packet Storm
413 - - - Deserialization of untrusted data in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to achieve remote code … New CWE-502
 Deserialization of Untrusted Data 		CVE-2024-13163 2025-01-15 03:15 2025-01-15 Show GitHub Exploit DB Packet Storm
414 - - - SQL injection in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote authenticated attacker with admin privileges to achieve remote code … New CWE-89
SQL Injection 		CVE-2024-13162 2025-01-15 03:15 2025-01-15 Show GitHub Exploit DB Packet Storm
415 - - - Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information. New CWE-36
 Absolute Path Traversal 		CVE-2024-13161 2025-01-15 03:15 2025-01-15 Show GitHub Exploit DB Packet Storm
416 - - - Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information. New CWE-36
 Absolute Path Traversal 		CVE-2024-13160 2025-01-15 03:15 2025-01-15 Show GitHub Exploit DB Packet Storm
417 - - - Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information. New CWE-36
 Absolute Path Traversal 		CVE-2024-13159 2025-01-15 03:15 2025-01-15 Show GitHub Exploit DB Packet Storm
418 - - - An unbounded resource search path in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote authenticated attacker with admin privileges to … New CWE-22
CWE-426
Path Traversal
 Untrusted Search Path 		CVE-2024-13158 2025-01-15 03:15 2025-01-15 Show GitHub Exploit DB Packet Storm
419 - - - In Apache Linkis <1.7.0, due to the lack of effective filtering of parameters, an attacker configuring malicious Mysql JDBC parameters in the DataSource Manager Module will allow the attacker to re… New - CVE-2024-45627 2025-01-15 03:15 2025-01-15 Show GitHub Exploit DB Packet Storm
420 - - - Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Drupal Security Kit allows HTTP DoS.This issue affects Security Kit: from 0.0.0 before 2.0.3. Update - CVE-2024-13275 2025-01-15 03:15 2025-01-10 Show GitHub Exploit DB Packet Storm