Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":Jan. 19, 2025, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 195191 | 4.3 | 警告 | JetAudio | - | JetAudio の COWON Media Center におけるサービス運用妨害 (DoS) の脆弱性 |
CWE-399
リソース管理の問題 |
CVE-2009-3948 | 2012-06-26 16:18 | 2009-11-16 | Show | GitHub Exploit DB Packet Storm |
| 195192 | 5.8 | 警告 | シトリックス・システムズ | - | Citrix Online プラグインなどの製品における SSL/TLS サーバになりすまされる脆弱性 |
CWE-310
暗号の問題 |
CVE-2009-3936 | 2012-06-26 16:18 | 2009-11-9 | Show | GitHub Exploit DB Packet Storm |
| 195193 | 9.3 | 危険 | file project | - | Christos Zoulas の file における整数オーバーフローの脆弱性 |
CWE-189
数値処理の問題 |
CVE-2009-3930 | 2012-06-26 16:18 | 2009-11-10 | Show | GitHub Exploit DB Packet Storm |
| 195194 | 6.8 | 警告 | Drupal chad phillips |
- | Drupal のモジュールの User Protect モジュールにおけるクロスサイトリクエストフォージェリの脆弱性 |
CWE-352
同一生成元ポリシー違反 |
CVE-2009-3922 | 2012-06-26 16:18 | 2009-11-9 | Show | GitHub Exploit DB Packet Storm |
| 195195 | 4 | 警告 | Ezra Barnett Gildesgame Drupal |
- | Drupal の Smartqueue_og モジュールにおける任意の基本的なグループ名を発見される脆弱性 |
CWE-264
認可・権限・アクセス制御 |
CVE-2009-3921 | 2012-06-26 16:18 | 2009-11-4 | Show | GitHub Exploit DB Packet Storm |
| 195196 | 4.3 | 警告 | Drupal greg knaddison |
- | S5 Presentation Player モジュールにおけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2009-3917 | 2012-06-26 16:18 | 2009-11-4 | Show | GitHub Exploit DB Packet Storm |
| 195197 | 9.3 | 危険 | The GIMP Team | - | GIMP の plug-ins/file-psd/psd-load.c における整数オーバーフローの脆弱性 |
CWE-189
数値処理の問題 |
CVE-2009-3909 | 2012-06-26 16:18 | 2009-11-16 | Show | GitHub Exploit DB Packet Storm |
| 195198 | 4.3 | 警告 | ecouriersoftware | - | e-Courier CMS におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2009-3905 | 2012-06-26 16:18 | 2009-11-6 | Show | GitHub Exploit DB Packet Storm |
| 195199 | 7.5 | 危険 | CubeCart Limited | - | CubeCart の classes/session/cc_admin_session.php における管理アクセス権を取得される脆弱性 |
CWE-264
認可・権限・アクセス制御 |
CVE-2009-3904 | 2012-06-26 16:18 | 2009-11-6 | Show | GitHub Exploit DB Packet Storm |
| 195200 | 5 | 警告 | マイクロソフト Cherokee Project |
- | Windows の Cherokee Web Server におけるディレクトリトラバーサルの脆弱性 |
CWE-22
パス・トラバーサル |
CVE-2009-3902 | 2012-06-26 16:18 | 2009-11-6 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:Jan. 20, 2025, 4:11 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 411 | 9.8 |
CRITICAL
Network
ivanti
|
avalanche
|
Path Traversal in Ivanti Avalanche before version 6.4.7 allows a remote unauthenticated attacker to bypass authentication.
Update
|
CWE-22
|
Path Traversal
CVE-2024-13179
|
2025-01-17 06:01 |
2025-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 412 | 7.8 |
HIGH
Local |
adobe | illustrator | Illustrator on iPad versions 3.0.7 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user… Update |
CWE-191
Integer Underflow (Wrap or Wraparound) |
CVE-2025-21134 | 2025-01-17 05:43 | 2025-01-15 | Show | GitHub Exploit DB Packet Storm |
| 413 | 8.8 |
HIGH
Network |
chrome | Out of bounds read in Metrics in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Update |
CWE-125
Out-of-bounds Read |
CVE-2025-0437 | 2025-01-17 05:35 | 2025-01-15 | Show | GitHub Exploit DB Packet Storm | |
| 414 | 8.8 |
HIGH
Network |
microsoft |
windows_server_2008 windows_server_2012 windows_server_2022_23h2 windows_11_23h2 windows_10_1607 windows_10_1809 windows_10_1507 windows_10_21h2 windows_10_22h2 windows_11_… |
Windows Telephony Service Remote Code Execution Vulnerability Update |
NVD-CWE-noinfo
|
CVE-2025-21417 | 2025-01-17 05:34 | 2025-01-15 | Show | GitHub Exploit DB Packet Storm |
| 415 | 8.8 |
HIGH
Network |
microsoft |
windows_server_2008 windows_server_2012 windows_server_2025 windows_server_2022_23h2 windows_10_1507 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows… |
Windows Telephony Service Remote Code Execution Vulnerability Update |
NVD-CWE-noinfo
|
CVE-2025-21413 | 2025-01-17 05:33 | 2025-01-15 | Show | GitHub Exploit DB Packet Storm |
| 416 | 8.8 |
HIGH
Network |
microsoft |
windows_server_2008 windows_server_2012 windows_server_2025 windows_server_2022_23h2 windows_10_1507 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows… |
Windows Telephony Service Remote Code Execution Vulnerability Update |
NVD-CWE-noinfo
|
CVE-2025-21411 | 2025-01-17 05:33 | 2025-01-15 | Show | GitHub Exploit DB Packet Storm |
| 417 | 8.8 |
HIGH
Network |
microsoft |
windows_server_2008 windows_server_2012 windows_server_2025 windows_server_2022_23h2 windows_10_1507 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows… |
Windows Telephony Service Remote Code Execution Vulnerability Update |
NVD-CWE-noinfo
|
CVE-2025-21409 | 2025-01-17 05:33 | 2025-01-15 | Show | GitHub Exploit DB Packet Storm |
| 418 | - | - | - | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in carrotbits Greek Namedays Widget From Eortologio.Net allows Stored XSS.This issue affects Greek N… New |
CWE-79
Cross-site Scripting |
CVE-2025-23783 | 2025-01-17 05:15 | 2025-01-17 | Show | GitHub Exploit DB Packet Storm | |
| 419 | - | - | - | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Revolutionart Marmoset Viewer allows Stored XSS.This issue affects Marmoset Viewer: from n/a thro… New |
CWE-79
Cross-site Scripting |
CVE-2025-23767 | 2025-01-17 05:15 | 2025-01-17 | Show | GitHub Exploit DB Packet Storm | |
| 420 | - | - | - | Cross-Site Request Forgery (CSRF) vulnerability in Mahdi Khaksar mybb Last Topics allows Stored XSS.This issue affects mybb Last Topics: from n/a through 1.0. New |
CWE-352
Origin Validation Error |
CVE-2025-23749 | 2025-01-17 05:15 | 2025-01-17 | Show | GitHub Exploit DB Packet Storm |