Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 11, 2025, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
195171 7.5 危険 Open Dynamics - Collabtive における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2008-6947 2012-06-26 16:10 2009-08-12 Show GitHub Exploit DB Packet Storm
195172 4.3 警告 Open Dynamics - Collabtive の manageproject.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6946 2012-06-26 16:10 2009-08-12 Show GitHub Exploit DB Packet Storm
195173 7.5 危険 AlstraSoft - AlstraSoft SendIt Pro の submit_file.php における任意のコードを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-6932 2012-06-26 16:10 2009-08-11 Show GitHub Exploit DB Packet Storm
195174 4.3 警告 cPanel - cPanel の Fantastico De Luxe モジュール におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6927 2012-06-26 16:10 2009-08-10 Show GitHub Exploit DB Packet Storm
195175 7.5 危険 exoscripts - Exocrew ExoPHPDesk の admin.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6917 2012-06-26 16:10 2009-08-7 Show GitHub Exploit DB Packet Storm
195176 6.8 警告 brewblogger - BB の includes/authentication.inc.php の authenticateUser 関数における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6911 2012-06-26 16:10 2009-08-6 Show GitHub Exploit DB Packet Storm
195177 6.8 警告 2532gigs - 2532designs 2532|Gigs Stable の checkuser.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6907 2012-06-26 16:10 2009-08-6 Show GitHub Exploit DB Packet Storm
195178 4.3 警告 babbleboard - BabbleBoard の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6906 2012-06-26 16:10 2009-08-6 Show GitHub Exploit DB Packet Storm
195179 6 警告 babbleboard - BabbleBoard の index.php におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2008-6905 2012-06-26 16:10 2009-08-6 Show GitHub Exploit DB Packet Storm
195180 6.8 警告 2532gigs - 2532designs 2532|Gigs の upload_flyer.php における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2008-6902 2012-06-26 16:10 2009-08-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 11, 2025, 5:03 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
21 5.5 MEDIUM
Local 		qualcomm ar8035_firmware
c-v2x_9150_firmware
csrb31024_firmware
fastconnect_6800_firmware
fastconnect_6900_firmware
fastconnect_7800_firmware
msm8996au_firmware
qam8295p_firmware
qca63… 		Information disclosure while invoking callback function of sound model driver from ADSP for every valid opcode received from sound model driver. Update CWE-125
Out-of-bounds Read 		CVE-2024-33067 2025-01-11 00:39 2025-01-6 Show GitHub Exploit DB Packet Storm
22 5.5 MEDIUM
Local 		qualcomm qam8255p_firmware
qam8295p_firmware
qam8650p_firmware
qam8775p_firmware
qamsrv1h_firmware
qca6595_firmware
qca6595au_firmware
qca6696_firmware
qca6698aq_firmware
sa8255p_fi… 		information disclosure while invoking the mailbox read API. Update CWE-125
Out-of-bounds Read 		CVE-2024-43063 2025-01-11 00:37 2025-01-6 Show GitHub Exploit DB Packet Storm
23 7.8 HIGH
Local 		google android In DevmemIntMapPages of devicemem_server.c, there is a possible physical page uaf due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no additional e… New NVD-CWE-noinfo
CVE-2023-35685 2025-01-11 00:30 2025-01-9 Show GitHub Exploit DB Packet Storm
24 - - - Tenda ac9 v1.0 firmware v15.03.05.19 contains a stack overflow vulnerability in /goform/SetOnlineDevName, which may lead to remote arbitrary code execution. New - CVE-2025-22946 2025-01-11 00:15 2025-01-11 Show GitHub Exploit DB Packet Storm
25 - - - A Cross Site Scripting (XSS) vulnerability was found in /landrecordsys/admin/contactus.php in PHPGurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the "page… New - CVE-2024-57686 2025-01-11 00:15 2025-01-10 Show GitHub Exploit DB Packet Storm
26 - - - In Raptor RDF Syntax Library through 2.0.16, there is a heap-based buffer over-read when parsing triples with the nquads parser in raptor_ntriples_parse_term_internal(). New - CVE-2024-57822 2025-01-11 00:15 2025-01-10 Show GitHub Exploit DB Packet Storm
27 - - - Deserialization of Untrusted Data vulnerability in Drupal Monster Menus allows Object Injection.This issue affects Monster Menus: from 0.0.0 before 9.3.4, from 9.4.0 before 9.4.2. New - CVE-2024-13288 2025-01-11 00:15 2025-01-10 Show GitHub Exploit DB Packet Storm
28 9.8 CRITICAL
Network 		- - IBM Engineering Requirements Management DOORS Next 7.0.2 and 7.0.3 could allow a remote attacker to bypass security restrictions, caused by a race condition. By sending a specially crafted request, a… New CWE-367
 Time-of-check Time-of-use (TOCTOU) Race Condition 		CVE-2024-41787 2025-01-10 23:15 2025-01-10 Show GitHub Exploit DB Packet Storm
29 - - - In Raptor RDF Syntax Library through 2.0.16, there is an integer underflow when normalizing a URI with the turtle parser in raptor_uri_normalize_path(). New - CVE-2024-57823 2025-01-10 23:15 2025-01-10 Show GitHub Exploit DB Packet Storm
30 - - - A vulnerability classified as problematic has been found in Dahua IPC-HFW1200S, IPC-HFW2300R-Z, IPC-HFW5220E-Z and IPC-HDW1200S up to 20241222. This affects an unknown part of the file /web_caps/webC… Update - CVE-2024-13131 2025-01-10 23:15 2025-01-5 Show GitHub Exploit DB Packet Storm