Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
194521 6.9 警告 QtWeb.NET - QtWeb Browser における権限を取得される脆弱性 CWE-Other
その他 		CVE-2010-5247 2012-09-11 15:21 2012-09-7 Show GitHub Exploit DB Packet Storm
194522 6.9 警告 Maxthon - Maxthon Browser における権限を取得される脆弱性 CWE-Other
その他 		CVE-2010-5246 2012-09-11 15:20 2012-09-7 Show GitHub Exploit DB Packet Storm
194523 6.9 警告 Tracker Software Products - PDF-XChange における権限を取得される脆弱性 CWE-Other
その他 		CVE-2010-5245 2012-09-11 15:20 2012-09-7 Show GitHub Exploit DB Packet Storm
194524 6.9 警告 SiSoftware - SiSoftware Sandra における権限を取得される脆弱性 CWE-Other
その他 		CVE-2010-5244 2012-09-11 15:19 2012-09-7 Show GitHub Exploit DB Packet Storm
194525 6.9 警告 サイバーリンク株式会社 - Cyberlink Power2Go における権限を取得される脆弱性 CWE-Other
その他 		CVE-2010-5243 2012-09-11 15:18 2012-09-7 Show GitHub Exploit DB Packet Storm
194526 6.9 警告 Sony Creative Software - Sound Forge Pro における権限を取得される脆弱性 CWE-Other
その他 		CVE-2010-5242 2012-09-11 15:18 2012-09-7 Show GitHub Exploit DB Packet Storm
194527 6.9 警告 オートデスク株式会社 - Autodesk AutoCAD における権限を取得される脆弱性 CWE-Other
その他 		CVE-2010-5241 2012-09-11 15:17 2012-09-7 Show GitHub Exploit DB Packet Storm
194528 6.9 警告 コーレル株式会社 - Corel PHOTO-PAINT X3 および CorelDRAW X5 における権限を取得される脆弱性 CWE-Other
その他 		CVE-2010-5240 2012-09-11 15:17 2012-09-7 Show GitHub Exploit DB Packet Storm
194529 6.9 警告 DAEMON Tools - DAEMON Tools における権限を取得される脆弱性 CWE-Other
その他 		CVE-2010-5239 2012-09-11 15:16 2012-09-7 Show GitHub Exploit DB Packet Storm
194530 6.9 警告 サイバーリンク株式会社 - CyberLink PowerDirector における権限を取得される脆弱性 CWE-Other
その他 		CVE-2010-5238 2012-09-11 15:15 2012-09-7 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 24, 2025, 4:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1451 - - - Misskey is an open source, federated social media platform. Starting in version 12.109.0 and prior to version 2025.2.0-alpha.0, due to a lack of CSRF protection and the lack of proper security attrib… CWE-352
CWE-614
CWE-1275
 Origin Validation Error
 Sensitive Cookie in HTTPS Session Without 'Secure' Attribute
 Sensitive Cookie with Improper SameSite Attribute 		CVE-2025-24897 2025-02-12 01:15 2025-02-12 Show GitHub Exploit DB Packet Storm
1452 - - - Misskey is an open source, federated social media platform. Starting in version 12.109.0 and prior to version 2025.2.0-alpha.0, a login token named `token` is stored in a cookie for authentication pu… CWE-613
 Insufficient Session Expiration 		CVE-2025-24896 2025-02-12 01:15 2025-02-12 Show GitHub Exploit DB Packet Storm
1453 - - - eprosima Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group). Prior to versions 2.6.10, 2.10.7, 2.14.5, 3.0.2, 3.1.2, and 3.2.0, per … CWE-345
 Insufficient Verification of Data Authenticity 		CVE-2025-24807 2025-02-12 01:15 2025-02-12 Show GitHub Exploit DB Packet Storm
1454 - - - A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6 allows a remote authenticated attacker to achieve remote code execution. CWE-121
Stack-based Buffer Overflow 		CVE-2025-22467 2025-02-12 01:15 2025-02-12 Show GitHub Exploit DB Packet Storm
1455 - - - Concorde, formerly know as Nexkey, is a fork of the federated microblogging platform Misskey. Due to a lack of CSRF countermeasures and improper settings of cookies for MediaProxy authentication, the… CWE-352
 Origin Validation Error 		CVE-2025-24900 2025-02-12 01:15 2025-02-12 Show GitHub Exploit DB Packet Storm
1456 - - - OS command injection in the admin web console of Ivanti CSA before version 5.0.5 allows a remote authenticated attacker with admin privileges to achieve remote code execution. CWE-78
OS Command  		CVE-2024-47908 2025-02-12 01:15 2025-02-12 Show GitHub Exploit DB Packet Storm
1457 - - - Cleartext storage of information in Ivanti Connect Secure before version 22.7R2.6 and Ivanti Policy Secure before version 22.7R1.3 allows a local authenticated attacker with admin privileges to read … CWE-312
 Cleartext Storage of Sensitive Information 		CVE-2024-13843 2025-02-12 01:15 2025-02-12 Show GitHub Exploit DB Packet Storm
1458 - - - A hardcoded key in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.3 allows a local authenticated attacker with admin privileges to read sensitive data. CWE-321
 Use of Hard-coded Cryptographic Key 		CVE-2024-13842 2025-02-12 01:15 2025-02-12 Show GitHub Exploit DB Packet Storm
1459 - - - Insufficient permissions in Ivanti Secure Access Client before version 22.8R1 allows a local authenticated attacker to delete arbitrary files. CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2024-13813 2025-02-12 01:15 2025-02-12 Show GitHub Exploit DB Packet Storm
1460 - - - External control of a file name in Ivanti Connect Secure before version 22.7R2.6 and Ivanti Policy Secure before version 22.7R1.3 allows a remote authenticated attacker with admin privileges to read … CWE-73
 External Control of File Name or Path 		CVE-2024-12058 2025-02-12 01:15 2025-02-12 Show GitHub Exploit DB Packet Storm