Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
193801	7.5	危険	inccms technology	-	IncCMS Core の inc/settings.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-5304	2012-09-25 15:36	2006-10-17	Show	GitHub Exploit DB Packet Storm

193802	6.5	警告	ヒューレット・パッカード	-	HP Version Control Agent における権限を取得される脆弱性	-	CVE-2006-5300	2012-09-25 15:36	2006-10-17	Show	GitHub Exploit DB Packet Storm

193803	1.2	注意	Mutt	-	Mutt mail client の mutt_adv_mktemp 関数におけるファイルを作成される脆弱性	-	CVE-2006-5298	2012-09-25 15:36	2006-10-16	Show	GitHub Exploit DB Packet Storm

193804	4.3	警告	マイクロソフト	-	Microsoft Office 2003 の PowerPoint におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2006-5296	2012-09-25 15:36	2006-10-16	Show	GitHub Exploit DB Packet Storm

193805	5	警告	Novell	-	Novell BorderManager の IKE.NLM におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2006-5286	2012-09-25 15:36	2006-10-13	Show	GitHub Exploit DB Packet Storm

193806	5.1	警告	php news reader	-	Shen Cheng-Da PHP News Reader の auth/phpbb.inc.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-5284	2012-09-25 15:36	2006-10-13	Show	GitHub Exploit DB Packet Storm

193807	7.5	危険	minichat	-	Minichat の ftag.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-5283	2012-09-25 15:36	2006-10-13	Show	GitHub Exploit DB Packet Storm

193808	7.5	危険	navyism	-	n@board の naboard_pnr.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-5281	2012-09-25 15:36	2006-10-13	Show	GitHub Exploit DB Packet Storm

193809	7.5	危険	マイクロソフト	-	Microsoft Dynamics GP におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2006-5266	2012-09-25 15:36	2006-12-31	Show	GitHub Exploit DB Packet Storm

193810	5	警告	マイクロソフト	-	Microsoft Dynamics GP におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2006-5265	2012-09-25 15:36	2006-12-31	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Feb. 26, 2025, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
831	4.3	MEDIUM Network	edmonsoft	read_more_\&_accordion	The Read More & Accordion plugin for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on the expmDeleteData() function in all versions up to, an…	CWE-862 Missing Authorization	CVE-2024-13639	2025-02-19 03:15	2025-02-13	Show	GitHub Exploit DB Packet Storm

832	-		-	-	Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in agent-related functionality in Synology Active Backup for Business before 2.7.1-13234, 2.7.1-23234 and …	CWE-22 Path Traversal	CVE-2024-47264	2025-02-19 03:15	2025-02-13	Show	GitHub Exploit DB Packet Storm

833	-		-	-	The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content WordPress plugin before 4.15.20 does not sanitise and escape some of its settings, which co…	-	CVE-2024-13120	2025-02-19 03:15	2025-02-13	Show	GitHub Exploit DB Packet Storm

834	-		-	-	The Chalet-Montagne.com Tools WordPress plugin through 2.7.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be…	-	CVE-2024-12586	2025-02-19 03:15	2025-02-13	Show	GitHub Exploit DB Packet Storm

835	-		-	-	Cross Site Scripting vulnerability in Daylight Studio Fuel CMS v.1.5.2 allows an attacker to escalate privileges via the /fuel/blocks/ and /fuel/pages components.	-	CVE-2024-57605	2025-02-19 03:15	2025-02-13	Show	GitHub Exploit DB Packet Storm

836	-		-	-	An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the token component.	-	CVE-2024-57604	2025-02-19 03:15	2025-02-13	Show	GitHub Exploit DB Packet Storm

837	-		-	-	Cross Site Scripting vulnerability in Alex Tselegidis EasyAppointments v.1.5.0 allows a remote attacker to execute arbitrary code via the legal_settings parameter.	-	CVE-2024-57601	2025-02-19 03:15	2025-02-13	Show	GitHub Exploit DB Packet Storm

838	-		-	-	An issue in the profile image upload function of LearnDash v6.7.1 allows attackers to cause a Denial of Service (DoS) via excessive file uploads.	-	CVE-2024-56940	2025-02-19 03:15	2025-02-13	Show	GitHub Exploit DB Packet Storm

839	-		-	-	An issue in Nothing Tech Nothing OS v.2.6 allows a local attacker to escalate privileges via the NtBpfService component.	-	CVE-2024-51440	2025-02-19 03:15	2025-02-13	Show	GitHub Exploit DB Packet Storm

840	-		-	-	An issue in Zertificon Z1 SecureMail Z1 SecureMail Gateway 4.44.2-7240-debian12 allows a remote attacker to obtain sensitive information via the /compose-pdf.xhtml?convid=[id] component.	-	CVE-2024-51123	2025-02-19 03:15	2025-02-13	Show	GitHub Exploit DB Packet Storm