Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
194681 4.3 警告 Yaniv Aran-Shamir - Drupal 用 Gigya - Social optimization モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-2117 2012-09-5 11:41 2012-04-18 Show GitHub Exploit DB Packet Storm
194682 6.8 警告 Commerce Guys - Drupal 用 Commerce Reorder モジュールにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2012-2116 2012-09-5 11:41 2012-04-18 Show GitHub Exploit DB Packet Storm
194683 7.5 危険 musl libc - musl の fprintf におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-2114 2012-09-5 11:40 2012-04-18 Show GitHub Exploit DB Packet Storm
194684 6.2 警告 Comodo - Windows XP 上で稼働する Comodo Internet Security におけるカーネルモードのフックハンドラを回避される脆弱性 CWE-362
競合状態 		CVE-2010-5157 2012-09-5 11:39 2010-06-2 Show GitHub Exploit DB Packet Storm
194685 4.3 警告 Fusion Drupal Themes - Drupal 用 Fusion モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-2083 2012-09-5 11:37 2012-03-28 Show GitHub Exploit DB Packet Storm
194686 5.8 警告 EGroupware - EGroupware Enterprise Line および EGroupware Community Edition におけるオープンリダイレクトの脆弱性 CWE-Other
その他 		CVE-2011-4951 2012-09-5 11:37 2011-08-4 Show GitHub Exploit DB Packet Storm
194687 4.3 警告 EGroupware - EGroupware Enterprise Line および EGroupware Community Edition におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4950 2012-09-5 11:35 2011-08-4 Show GitHub Exploit DB Packet Storm
194688 7.5 危険 EGroupware - EGroupware Enterprise Line および EGroupware Community Edition における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-4949 2012-09-5 11:34 2011-08-4 Show GitHub Exploit DB Packet Storm
194689 5 警告 EGroupware - EGroupware Enterprise Line および EGroupware Community Edition におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2011-4948 2012-09-5 11:34 2011-08-4 Show GitHub Exploit DB Packet Storm
194690 6.8 警告 e107.org - e107 の e107_admin/users_extended.php におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2011-4947 2012-09-5 11:33 2011-05-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 21, 2025, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1491 - - - A Local File Inclusion (LFI) vulnerability exists in the /load-workflow endpoint of modelscope/agentscope version v0.0.4. This vulnerability allows an attacker to read arbitrary files from the server… - CVE-2024-8550 2025-02-11 09:15 2025-02-11 Show GitHub Exploit DB Packet Storm
1492 - - - A vulnerability in mintplex-labs/anything-llm prior to version 1.3.1 allows for path traversal due to improper handling of non-ASCII filenames in the multer library. This vulnerability can lead to ar… - CVE-2024-13059 2025-02-11 09:15 2025-02-11 Show GitHub Exploit DB Packet Storm
1493 - - - wandb/openui latest commit c945bb859979659add5f490a874140ad17c56a5d contains a vulnerability where unauthenticated endpoints allow file uploads and downloads from an AWS S3 bucket. This can lead to m… - CVE-2024-10649 2025-02-11 09:15 2025-02-11 Show GitHub Exploit DB Packet Storm
1494 - - - A stored cross-site scripting (XSS) vulnerability in the Parameter List module of cool-admin-java v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into t… - CVE-2024-57409 2025-02-11 09:15 2025-02-11 Show GitHub Exploit DB Packet Storm
1495 - - - An arbitrary file upload vulnerability in the component /comm/upload of cool-admin-java v1.0 allows attackers to execute arbitrary code via uploading a crafted file. - CVE-2024-57408 2025-02-11 09:15 2025-02-11 Show GitHub Exploit DB Packet Storm
1496 - - - Lemmy, a link aggregator and forum for the fediverse, is vulnerable to server-side request forgery via a dependency on activitypub_federation, a framework for ActivityPub federation in Rust. This vul… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2025-25194 2025-02-11 08:15 2025-02-11 Show GitHub Exploit DB Packet Storm
1497 6.3 MEDIUM
Network 		- - A vulnerability was found in ESAFENET CDG 5.6.3.154.205_20250114. It has been classified as critical. Affected is an unknown function of the file addPolicyToSafetyGroup.jsp. The manipulation of the a… CWE-89
CWE-74
SQL Injection
Injection 		CVE-2025-1158 2025-02-11 07:15 2025-02-11 Show GitHub Exploit DB Packet Storm
1498 - - - A host header injection vulnerability exists in the NPM package of perfood/couch-auth <= 0.21.2. By sending a specially crafted host header in the email change confirmation request, it is possible to… - CVE-2024-57177 2025-02-11 07:15 2025-02-11 Show GitHub Exploit DB Packet Storm
1499 - - - A sensitive information disclosure vulnerability in the Tenda W18E V16.01.0.8(1625) web management portal allows an unauthenticated remote attacker to retrieve sensitive configuration information, in… - CVE-2024-46437 2025-02-11 07:15 2025-02-11 Show GitHub Exploit DB Packet Storm
1500 - - - Hardcoded credentials in Tenda W18E V16.01.0.8(1625) allows unauthenticated remote attackers to gain root access to the device over the telnet service. - CVE-2024-46436 2025-02-11 07:15 2025-02-11 Show GitHub Exploit DB Packet Storm