Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 13, 2025, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
195191	7.5	危険	Activewebsoftwares	-	ASPReferral の Merchantsadd.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6889	2012-06-26 16:10	2009-08-3	Show	GitHub Exploit DB Packet Storm

195192	7.5	危険	easysitenetwork	-	EasySiteNetwork Free Jokes Website の joke.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6880	2012-06-26 16:10	2009-07-30	Show	GitHub Exploit DB Packet Storm

195193	4.3	警告	Apache Software Foundation	-	Apache Roller におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-6879	2012-06-26 16:10	2009-07-30	Show	GitHub Exploit DB Packet Storm

195194	4.3	警告	editeurscripts	-	EsPartenaires の login.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-6876	2012-06-26 16:10	2009-07-24	Show	GitHub Exploit DB Packet Storm

195195	7.5	危険	aspsiteware	-	ASP SiteWare autoDealer における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6874	2012-06-26 16:10	2009-07-24	Show	GitHub Exploit DB Packet Storm

195196	7.5	危険	Activewebsoftwares	-	Active Web Mail における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6873	2012-06-26 16:10	2009-07-23	Show	GitHub Exploit DB Packet Storm

195197	5	警告	aspthai.net	-	ASPThai.NET ASPThai Forums におけるデータベースをダウンロードされる脆弱性	CWE-200 情報漏えい	CVE-2008-6872	2012-06-26 16:10	2009-07-23	Show	GitHub Exploit DB Packet Storm

195198	4.3	警告	editeurscripts	-	EditeurScripts EsBaseAdmin の default/login.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-6868	2012-06-26 16:10	2009-07-23	Show	GitHub Exploit DB Packet Storm

195199	6.8	警告	AVAST Software s.r.o.	-	avast! Linux Home Edition におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-6846	2012-06-26 16:10	2009-07-2	Show	GitHub Exploit DB Packet Storm

195200	5	警告	ClamAV	-	ClamAV のアンパック機能におけるサービス運用妨害 (DoS) の脆弱性	CWE-DesignError	CVE-2008-6845	2012-06-26 16:10	2009-07-2	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 13, 2025, 4:09 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
171	9.8	CRITICAL Network	campcodes	project_management_system	A vulnerability was found in Campcodes Project Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /forms/update_forms.php?action=change_pic2&… Update	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2025-0213	2025-01-11 03:55	2025-01-5	Show	GitHub Exploit DB Packet Storm

172	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: bpf: put bpf_link's program when link is safe to be deallocated In general, BPF link's underlying BPF program should be considere… Update	NVD-CWE-noinfo	CVE-2024-56786	2025-01-11 03:53	2025-01-9	Show	GitHub Exploit DB Packet Storm

173	-		-	-	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - Breadcrumbs2 extension allows Cross-Site Scripting (XSS).… New	-	CVE-2025-23078	2025-01-11 03:15	2025-01-11	Show	GitHub Exploit DB Packet Storm

174	-		-	-	During MegaBIP installation process, a user is encouraged to change a default path to administrative portal, as keeping it secret is listed by the author as one of the protection mechanisms. Publicl… New	-	CVE-2024-6880	2025-01-11 03:15	2025-01-11	Show	GitHub Exploit DB Packet Storm

175	-		-	-	Websites managed by MegaBIP in versions below 5.15 are vulnerable to Cross-Site Request Forgery (CSRF) as the form available under "/edytor/index.php?id=7,7,0" lacks protection mechanisms. A user cou… New	-	CVE-2024-6662	2025-01-11 03:15	2025-01-11	Show	GitHub Exploit DB Packet Storm

176	-		-	-	Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the iface parameter in the vif_disable function. New	-	CVE-2024-57228	2025-01-11 03:15	2025-01-11	Show	GitHub Exploit DB Packet Storm

177	-		-	-	Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pbc_wps function. New	-	CVE-2024-57227	2025-01-11 03:15	2025-01-11	Show	GitHub Exploit DB Packet Storm

178	-		-	-	Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the iface parameter in the vif_enable function. New	-	CVE-2024-57226	2025-01-11 03:15	2025-01-11	Show	GitHub Exploit DB Packet Storm

179	-		-	-	Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the devname parameter in the reset_wifi function. New	-	CVE-2024-57225	2025-01-11 03:15	2025-01-11	Show	GitHub Exploit DB Packet Storm

180	-		-	-	Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pin_wps function. New	-	CVE-2024-57224	2025-01-11 03:15	2025-01-11	Show	GitHub Exploit DB Packet Storm