Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 23, 2025, 10:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
194091 7.2 危険 マイクロソフト - Microsoft Windows のカーネルモードドライバ内の win32k.sys における権限昇格の脆弱性 CWE-399
リソース管理の問題 		CVE-2012-2527 2012-08-21 17:26 2012-08-14 Show GitHub Exploit DB Packet Storm
194092 9.3 危険 マイクロソフト - Microsoft Office 2007 および 2010 における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2012-2524 2012-08-21 17:24 2012-08-14 Show GitHub Exploit DB Packet Storm
194093 9.3 危険 マイクロソフト - Microsoft Visio 2010 および Visio Viewer 2010 におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-1888 2012-08-21 17:23 2012-08-14 Show GitHub Exploit DB Packet Storm
194094 2.1 注意 Ubercart - Drupal 用 Ubercart モジュールにおける重要な情報を取得される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2012-2299 2012-08-21 15:38 2012-04-25 Show GitHub Exploit DB Packet Storm
194095 5.1 警告 MySQLDumper-Team - MySQLDumper におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2012-4252 2012-08-21 15:38 2012-08-13 Show GitHub Exploit DB Packet Storm
194096 9.3 危険 Sielco Sistemi - Sielco Sistemi Winlog Pro SCADA および Winlog Lite SCADA におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2012-4359 2012-08-21 15:32 2012-07-31 Show GitHub Exploit DB Packet Storm
194097 9.3 危険 Sielco Sistemi - Sielco Sistemi Winlog Pro SCADA および Winlog Lite SCADA におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2012-4358 2012-08-21 15:31 2012-07-17 Show GitHub Exploit DB Packet Storm
194098 9.3 危険 Sielco Sistemi - Sielco Sistemi Winlog Pro SCADA および Winlog Lite SCADA における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2012-4357 2012-08-21 15:30 2012-07-17 Show GitHub Exploit DB Packet Storm
194099 4.3 警告 Sielco Sistemi - Sielco Sistemi Winlog Pro SCADA および Winlog Lite SCADA におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2012-4356 2012-08-21 15:22 2012-07-17 Show GitHub Exploit DB Packet Storm
194100 9.3 危険 Sielco Sistemi - Sielco Sistemi Winlog Pro SCADA および Winlog Lite SCADA における任意のコードを実行される脆弱性 CWE-189
数値処理の問題 		CVE-2012-4355 2012-08-21 15:21 2012-07-31 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 23, 2025, 5:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
275231 - ossigeno cms Multiple PHP remote file inclusion vulnerabilities in Ossigeno CMS 2.2 pre1 allow remote attackers to execute arbitrary PHP code via a URL in the (1) level parameter to (a) install_module.php and (b)… CWE-20
 Improper Input Validation  		CVE-2007-6218 2008-11-15 16:03 2007-12-5 Show GitHub Exploit DB Packet Storm
275232 - work_system_e-commerce work_system_e-commerce Unspecified vulnerability in WORK system e-commerce before 4.0.2 has unknown impact and attack vectors related to "Ajax pages." NVD-CWE-noinfo
CVE-2007-5801 2008-11-15 16:02 2007-11-3 Show GitHub Exploit DB Packet Storm
275233 - ssreader ultra_star_reader Buffer overflow in the register function in Ultra Star Reader ActiveX control in SSReader allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild. NOTE: t… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2007-5807 2008-11-15 16:02 2007-11-6 Show GitHub Exploit DB Packet Storm
275234 - contentcustomizer contentcustomizer dialog.php in CONTENTCustomizer 3.1mp and earlier allows remote attackers to obtain sensitive author credentials by making a request with an editauthor action, then reading the value of the newlocalp… CWE-200
Information Exposure 		CVE-2007-5816 2008-11-15 16:02 2007-11-6 Show GitHub Exploit DB Packet Storm
275235 - avaya message_networking
messaging_storage_server 		Unspecified vulnerability in the administrative interface in Avaya Messaging Storage Server (MSS) 3.1 before SP1, and Message Networking (MN) 3.1, allows remote attackers to cause a denial of service… NVD-CWE-noinfo
CWE-20
 Improper Input Validation  		CVE-2007-5830 2008-11-15 16:02 2007-11-6 Show GitHub Exploit DB Packet Storm
275236 - ssl-explorer ssl-explorer Unspecified vulnerability in selectLanguage.do in SSL-Explorer before 0.2.15 allows remote attackers to inject (1) headers or (2) body data in an HTTP transaction, a different vulnerability than CVE-… NVD-CWE-noinfo
CWE-20
 Improper Input Validation  		CVE-2007-5832 2008-11-15 16:02 2007-11-6 Show GitHub Exploit DB Packet Storm
275237 - easygb easygb Directory traversal vulnerability in index.php in easyGB 2.1.1 allows remote attackers to include arbitrary files via the DatabaseType parameter. NOTE: the provenance of this information is unknown;… NVD-CWE-Other
CVE-2007-5890 2008-11-15 16:02 2007-11-8 Show GitHub Exploit DB Packet Storm
275238 - heimdal heimdal The gss_userok function in appl/ftp/ftpd/gss_userok.c in Heimdal 0.7.2 does not allocate memory for the ticketfile pointer before calling free, which allows remote attackers to have an unknown impact… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2007-5939 2008-11-15 16:02 2007-12-7 Show GitHub Exploit DB Packet Storm
275239 - helioscalendar helios_calendar Cross-site scripting (XSS) vulnerability in admin/index.php in Helios Calendar 1.2.1 Beta allows remote attackers to inject arbitrary web script or HTML via the username parameter. NOTE: the provena… CWE-79
Cross-site Scripting 		CVE-2007-5952 2008-11-15 16:02 2007-11-14 Show GitHub Exploit DB Packet Storm
275240 - x7_group x7_chat Multiple cross-site scripting (XSS) vulnerabilities in X7 Chat 2.0.4, 2.0.5, and possibly other versions allow remote attackers to inject arbitrary web script or HTML via the (1) room parameter to so… CWE-79
Cross-site Scripting 		CVE-2007-5982 2008-11-15 16:02 2007-11-15 Show GitHub Exploit DB Packet Storm