Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
192471	10	危険	LEAD Technologies, Inc.	-	LeadTools Raster Dialog File_D Object におけるバッファオーバーフローの脆弱性	-	CVE-2007-2946	2012-09-25 16:47	2007-05-30	Show	GitHub Exploit DB Packet Storm

192472	7.5	危険	my little homepage	-	my little forum の user.php における SQL インジェクションの脆弱性	-	CVE-2007-2942	2012-09-25 16:47	2007-05-30	Show	GitHub Exploit DB Packet Storm

192473	7.5	危険	michael brandon	-	vBulletin の vBGSiteMap の作成元における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2941	2012-09-25 16:47	2007-05-30	Show	GitHub Exploit DB Packet Storm

192474	6.8	警告	mazens php chat	-	Mazen's PHP Chat における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2939	2012-09-25 16:47	2007-05-30	Show	GitHub Exploit DB Packet Storm

192475	10	危険	マイクロソフト Honeywell International Inc.	-	Ademco ATNBaseLoader100.dll におけるバッファオーバーフローの脆弱性	-	CVE-2007-2938	2012-09-25 16:47	2007-05-30	Show	GitHub Exploit DB Packet Storm

192476	7.5	危険	phil-a-form	-	Joomla! 用の philaform コンポーネントにおける SQL インジェクションの脆弱性	-	CVE-2007-2933	2012-09-25 16:47	2007-05-30	Show	GitHub Exploit DB Packet Storm

192477	9.3	危険	Novell	-	Novell exteNd Director などの launch メソッドにおける任意のコマンドを実行される脆弱性	-	CVE-2007-2923	2012-09-25 16:47	2007-06-18	Show	GitHub Exploit DB Packet Storm

192478	6.8	警告	Logitech	-	Logitech VideoCall の ActiveX コントロールにおけるスタックベースのバッファオーバーフローの脆弱性	-	CVE-2007-2918	2012-09-25 16:47	2007-05-31	Show	GitHub Exploit DB Packet Storm

192479	5	警告	vBulletin Solutions, Inc.	-	Jelsoft vBulletin における削除済みユーザの違反 "red flag" を発見される脆弱性	-	CVE-2007-2912	2012-09-25 16:47	2007-02-13	Show	GitHub Exploit DB Packet Storm

192480	8.5	危険	vBulletin Solutions, Inc.	-	Jelsoft vBulletin の admincp/attachment.php における SQL インジェクションの脆弱性	-	CVE-2007-2911	2012-09-25 16:47	2007-03-19	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Feb. 6, 2025, 4:09 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1501	5.5	MEDIUM Local	google	android	In endCallForSubscriber of PhoneInterfaceManager.java, there is a possible way to prevent access to emergency services due to a logic error in the code. This could lead to a local denial of service w…	NVD-CWE-noinfo	CVE-2017-13322	2025-01-24 04:54	2025-01-18	Show	GitHub Exploit DB Packet Storm

1502	-		-	-	An uninitialized pointer dereference in the ngap_handle_pdu_session_resource_setup_response routine of OpenAirInterface CN5G AMF (oai-cn5g-amf) up to v2.0.0 allows attackers to cause a Denial of Serv…	-	CVE-2024-24443	2025-01-24 04:15	2025-01-22	Show	GitHub Exploit DB Packet Storm

1503	-		-	-	A reachable assertion in the Mobile Management Entity (MME) of Magma versions <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows remote attackers to crash the MME with an…	-	CVE-2023-37024	2025-01-24 04:15	2025-01-22	Show	GitHub Exploit DB Packet Storm

1504	-		-	-	Directus is a real-time API and App dashboard for managing SQL database content. Prior to version 11.2.0, when sharing an item, a typical user can specify an arbitrary role. It allows the user to use…	CWE-269 Improper Privilege Management	CVE-2025-24353	2025-01-24 03:15	2025-01-24	Show	GitHub Exploit DB Packet Storm

1505	-		-	-	@fastify/multipart is a Fastify plugin for parsing the multipart content-type. Prior to versions 8.3.1 and 9.0.3, the `saveRequestFiles` function does not delete the uploaded temporary files when use…	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2025-24033	2025-01-24 03:15	2025-01-24	Show	GitHub Exploit DB Packet Storm

1506	6.4	MEDIUM Network	-	-	IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.11 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript …	CWE-79 Cross-site Scripting	CVE-2025-23227	2025-01-24 03:15	2025-01-24	Show	GitHub Exploit DB Packet Storm

1507	-		-	-	RestrictedPython is a tool that helps to define a subset of the Python language which allows to provide a program input into a trusted environment. Via a type confusion bug in versions of the CPython…	CWE-843 Type Confusion	CVE-2025-22153	2025-01-24 03:15	2025-01-24	Show	GitHub Exploit DB Packet Storm

1508	-		-	-	Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. Starting in version 0.7.0 and prior to versions 0.7.15 and 0.8.3, Himmelblau is vulnerable to leaking credentials in d…	CWE-532 Inclusion of Sensitive Information in Log Files	CVE-2025-24034	2025-01-24 03:15	2025-01-24	Show	GitHub Exploit DB Packet Storm

1509	6.0	MEDIUM Local	-	-	IBM Security Verify Bridge 1.0.0 through 1.0.15 could allow a local privileged user to overwrite files due to excessive privileges granted to the agent. which could also cause a denial of service.	CWE-471 Modification of Assumed-Immutable Data (MAID)	CVE-2024-45672	2025-01-24 03:15	2025-01-24	Show	GitHub Exploit DB Packet Storm

1510	-		-	-	A flaw was found in the Open Virtual Network (OVN). Specially crafted UDP packets may bypass egress access control lists (ACLs) in OVN installations configured with a logical switch with DNS records …	-	CVE-2025-0650	2025-01-24 03:15	2025-01-24	Show	GitHub Exploit DB Packet Storm