Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
194681	4.3	警告	Yaniv Aran-Shamir	-	Drupal 用 Gigya - Social optimization モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2117	2012-09-5 11:41	2012-04-18	Show	GitHub Exploit DB Packet Storm

194682	6.8	警告	Commerce Guys	-	Drupal 用 Commerce Reorder モジュールにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2012-2116	2012-09-5 11:41	2012-04-18	Show	GitHub Exploit DB Packet Storm

194683	7.5	危険	musl libc	-	musl の fprintf におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2012-2114	2012-09-5 11:40	2012-04-18	Show	GitHub Exploit DB Packet Storm

194684	6.2	警告	Comodo	-	Windows XP 上で稼働する Comodo Internet Security におけるカーネルモードのフックハンドラを回避される脆弱性	CWE-362 競合状態	CVE-2010-5157	2012-09-5 11:39	2010-06-2	Show	GitHub Exploit DB Packet Storm

194685	4.3	警告	Fusion Drupal Themes	-	Drupal 用 Fusion モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2083	2012-09-5 11:37	2012-03-28	Show	GitHub Exploit DB Packet Storm

194686	5.8	警告	EGroupware	-	EGroupware Enterprise Line および EGroupware Community Edition におけるオープンリダイレクトの脆弱性	CWE-Other その他	CVE-2011-4951	2012-09-5 11:37	2011-08-4	Show	GitHub Exploit DB Packet Storm

194687	4.3	警告	EGroupware	-	EGroupware Enterprise Line および EGroupware Community Edition におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4950	2012-09-5 11:35	2011-08-4	Show	GitHub Exploit DB Packet Storm

194688	7.5	危険	EGroupware	-	EGroupware Enterprise Line および EGroupware Community Edition における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2011-4949	2012-09-5 11:34	2011-08-4	Show	GitHub Exploit DB Packet Storm

194689	5	警告	EGroupware	-	EGroupware Enterprise Line および EGroupware Community Edition におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2011-4948	2012-09-5 11:34	2011-08-4	Show	GitHub Exploit DB Packet Storm

194690	6.8	警告	e107.org	-	e107 の e107_admin/users_extended.php におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2011-4947	2012-09-5 11:33	2011-05-28	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Feb. 24, 2025, 4:05 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
274081	-	dotnetnuke	dotnetnuke	Multiple cross-site scripting (XSS) vulnerabilities in DotNetNuke before 3.0.12 allow remote attackers to inject arbitrary web script or HTML via the (1) register a new user page, (2) User-Agent, or …	NVD-CWE-Other	CVE-2005-0040	2016-10-18 12:07	2005-05-19	Show	GitHub Exploit DB Packet Storm

274082	-	gnu ubuntu	mailman ubuntu_linux	The 55_options_traceback.dpatch patch for mailman 2.1.5 in Ubuntu 4.10 displays a different error message depending on whether the e-mail address is subscribed to a private list, which allows remote …	NVD-CWE-Other	CVE-2005-0080	2016-10-18 12:07	2005-05-2	Show	GitHub Exploit DB Packet Storm

274083	-	microsoft	ie	Internet Explorer 6 on Windows XP SP2 allows remote attackers to bypass the file download warning dialog and possibly trick an unknowledgeable user into executing arbitrary code via a web page with a…	NVD-CWE-Other	CVE-2005-0110	2016-10-18 12:07	2005-01-14	Show	GitHub Exploit DB Packet Storm

274084	-	microsoft	outlook_express	Microsoft Outlook Express 6.0 allows remote attackers to bypass intended access restrictions, load content from arbitrary sources into the Outlook context, and facilitate phishing attacks via a "BASE…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2004-2694	2016-10-18 12:07	2004-12-31	Show	GitHub Exploit DB Packet Storm

274085	-	geovision	geohttpserver	GeoHttpServer, when configured to authenticate users, allows remote attackers to bypass authentication and access unauthorized files via a URL that contains %0a%0a (encoded newlines).	NVD-CWE-Other	CVE-2004-2100	2016-10-18 12:06	2004-12-31	Show	GitHub Exploit DB Packet Storm

274086	-	phorum	phorum	SQL injection vulnerability in register.php in Phorum before 3.4.6 allows remote attackers to execute arbitrary SQL commands via the hide_email parameter.	NVD-CWE-Other	CVE-2004-2110	2016-10-18 12:06	2004-12-31	Show	GitHub Exploit DB Packet Storm

274087	-	iss	blackice_pc_protection	The upgrade for BlackICE PC Protection 3.6 and earlier sets insecure permissions for .INI files such as (1) blackice.ini, (2) firewall.ini, (3) protect.ini, or (4) sigs.ini, which allows local users …	NVD-CWE-Other	CVE-2004-2126	2016-10-18 12:06	2004-12-31	Show	GitHub Exploit DB Packet Storm

274088	-	phpbb_group	phpbb	Multiple cross-site scripting (XSS) vulnerabilities in privmsg.php in phpBB 2.0.6 allow remote attackers to execute arbitrary script or HTML via the (1) folder or (2) mode variables.	NVD-CWE-Other	CVE-2004-2130	2016-10-18 12:06	2004-12-23	Show	GitHub Exploit DB Packet Storm

274089	-	linux	linux_kernel	cryptoloop on Linux kernel 2.6.x, when used on certain file systems with a block size 1024 or greater, has certain "IV computation" weaknesses that allow watermarked files to be detected without decr…	NVD-CWE-Other	CVE-2004-2135	2016-10-18 12:06	2004-05-26	Show	GitHub Exploit DB Packet Storm

274090	-	linux	linux_kernel	dm-crypt on Linux kernel 2.6.x, when used on certain file systems with a block size 1024 or greater, has certain "IV computation" weaknesses that allow watermarked files to be detected without decryp…	NVD-CWE-Other	CVE-2004-2136	2016-10-18 12:06	2004-02-19	Show	GitHub Exploit DB Packet Storm