Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 6, 2025, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
193191 4.3 警告 BASE - Basic Analysis におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4837 2012-06-26 16:19 2010-05-6 Show GitHub Exploit DB Packet Storm
193192 7.2 危険 deslock - DESlock+ の dlpcrypt.sys カーネルドライバにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-4832 2012-06-26 16:19 2010-04-29 Show GitHub Exploit DB Packet Storm
193193 5 警告 8pixel - 8pixel.net Blog におけるデータベースがダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-4825 2012-06-26 16:19 2010-04-27 Show GitHub Exploit DB Packet Storm
193194 4.3 警告 cPanel - cPanel の frontend/x3/files/fileop.html におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4823 2012-06-26 16:19 2010-04-27 Show GitHub Exploit DB Packet Storm
193195 5 警告 D-Link Systems, Inc. - D-Link DIR-615 におけるDNS 設定を変更される脆弱性 CWE-287
不適切な認証 		CVE-2009-4821 2012-06-26 16:19 2010-04-27 Show GitHub Exploit DB Packet Storm
193196 5 警告 ASP indir - Angelo-Emlak におけるデータベースをダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-4820 2012-06-26 16:19 2010-04-27 Show GitHub Exploit DB Packet Storm
193197 6.8 警告 element-it - Element-IT Ultimate Uploader における任意のコードを実行される脆弱性 CWE-Other
その他 		CVE-2009-4817 2012-06-26 16:19 2010-04-27 Show GitHub Exploit DB Packet Storm
193198 5 警告 MegaLab.it - MegaLab The Uploader の api/download_checker.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2009-4816 2012-06-26 16:19 2010-04-27 Show GitHub Exploit DB Packet Storm
193199 7.5 危険 graugon - Graugon PHP Article Publisher の admin.php における管理者用アクセス権を取得される脆弱性 CWE-287
不適切な認証 		CVE-2009-4808 2012-06-26 16:19 2010-04-23 Show GitHub Exploit DB Packet Storm
193200 7.5 危険 graugon - Graugon PHP Article Publisher における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-4807 2012-06-26 16:19 2010-04-23 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 6, 2025, 4:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
101 4.2 MEDIUM
Physics 		- - IBM Jazz Foundation 7.0.2, 7.0.3, and 7.1.0 could could allow a physical user to obtain sensitive information due to not masking passwords during entry. New CWE-359
 Exposure of Private Personal Information to an Unauthorized Actor 		CVE-2024-41780 2025-01-4 00:15 2025-01-4 Show GitHub Exploit DB Packet Storm
102 - - - A vulnerability was found in code-projects Point of Sales and Inventory Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /user/add_cart.php… New - CVE-2025-0176 2025-01-4 00:15 2025-01-3 Show GitHub Exploit DB Packet Storm
103 - - - Moxa’s cellular routers, secure routers, and network security appliances are affected by a critical vulnerability, CVE-2024-9140. This vulnerability allows OS command injection due to improperly rest… - CVE-2024-9140 2025-01-3 18:15 2025-01-3 Show GitHub Exploit DB Packet Storm
104 - - - Moxa’s cellular routers, secure routers, and network security appliances are affected by a high-severity vulnerability, CVE-2024-9138. This vulnerability involves hard-coded credentials, enabling an … - CVE-2024-9138 2025-01-3 18:15 2025-01-3 Show GitHub Exploit DB Packet Storm
105 4.3 MEDIUM
Network 		- - The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2.4 d… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2024-12132 2025-01-3 18:15 2025-01-3 Show GitHub Exploit DB Packet Storm
106 - - - iTerm2 3.5.6 through 3.5.10 before 3.5.11 sometimes allows remote attackers to obtain sensitive information from terminal commands by reading the /tmp/framer.txt file. This can occur for certain it2s… - CVE-2025-22275 2025-01-3 16:15 2025-01-3 Show GitHub Exploit DB Packet Storm
107 - - - In cc_SendCcImsInfoIndMsg of cc_MmConManagement.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privile… - CVE-2024-53842 2025-01-3 13:15 2025-01-3 Show GitHub Exploit DB Packet Storm
108 - - - In startListeningForDeviceStateChanges, there is a possible Permission Bypass due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed… - CVE-2024-53841 2025-01-3 13:15 2025-01-3 Show GitHub Exploit DB Packet Storm
109 - - - there is a possible biometric bypass due to an unusual root cause. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for … - CVE-2024-53840 2025-01-3 13:15 2025-01-3 Show GitHub Exploit DB Packet Storm
110 - - - In GetCellInfoList() of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise… - CVE-2024-53839 2025-01-3 13:15 2025-01-3 Show GitHub Exploit DB Packet Storm