Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 13, 2025, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
195231 7.5 危険 aj square - AJ Square AJ Article の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6721 2012-06-26 16:10 2009-04-14 Show GitHub Exploit DB Packet Storm
195232 7.5 危険 DeltaScripts - DeltaScripts PHP Links の admin/adm_login.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6720 2012-06-26 16:10 2009-04-13 Show GitHub Exploit DB Packet Storm
195233 5 警告 ea - Crysis の HTTP/XML-RPC サービスにおけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2008-6712 2012-06-26 16:10 2009-04-10 Show GitHub Exploit DB Packet Storm
195234 4.3 警告 DNN - DotNetNuke のエラーハンドリングページにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6733 2012-06-26 16:10 2008-06-11 Show GitHub Exploit DB Packet Storm
195235 4.3 警告 DNN - DotNetNuke の Language skin オブジェクトにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6732 2012-06-26 16:10 2008-06-11 Show GitHub Exploit DB Packet Storm
195236 9 危険 アバイア - Avaya Communication Manager の Web 管理インターフェースにおける任意のコマンドを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2008-6711 2012-06-26 16:10 2008-06-25 Show GitHub Exploit DB Packet Storm
195237 9 危険 アバイア - Avaya Communication Manager の Web 管理インターフェースにおける root 権限を取得される脆弱性 CWE-noinfo
情報不足 		CVE-2008-6710 2012-06-26 16:10 2008-06-25 Show GitHub Exploit DB Packet Storm
195238 4.3 警告 butterflymedia - Butterfly Organizer におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6700 2012-06-26 16:10 2009-04-10 Show GitHub Exploit DB Packet Storm
195239 7.5 危険 frank naegler
TYPO3 Association		 - TYPO3 の timtab_sociable における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6695 2012-06-26 16:10 2009-04-10 Show GitHub Exploit DB Packet Storm
195240 4.3 警告 david cadu
TYPO3 Association		 - TYPO3 の dcdgooglemap におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6687 2012-06-26 16:10 2009-04-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 13, 2025, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
171 9.8 CRITICAL
Network 		campcodes project_management_system A vulnerability was found in Campcodes Project Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /forms/update_forms.php?action=change_pic2&… Update CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2025-0213 2025-01-11 03:55 2025-01-5 Show GitHub Exploit DB Packet Storm
172 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: bpf: put bpf_link's program when link is safe to be deallocated In general, BPF link's underlying BPF program should be considere… Update NVD-CWE-noinfo
CVE-2024-56786 2025-01-11 03:53 2025-01-9 Show GitHub Exploit DB Packet Storm
173 - - - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - Breadcrumbs2 extension allows Cross-Site Scripting (XSS).… New - CVE-2025-23078 2025-01-11 03:15 2025-01-11 Show GitHub Exploit DB Packet Storm
174 - - - During MegaBIP installation process, a user is encouraged to change a default path to administrative portal, as keeping it secret is listed by the author as one of the protection mechanisms.  Publicl… New - CVE-2024-6880 2025-01-11 03:15 2025-01-11 Show GitHub Exploit DB Packet Storm
175 - - - Websites managed by MegaBIP in versions below 5.15 are vulnerable to Cross-Site Request Forgery (CSRF) as the form available under "/edytor/index.php?id=7,7,0" lacks protection mechanisms. A user cou… New - CVE-2024-6662 2025-01-11 03:15 2025-01-11 Show GitHub Exploit DB Packet Storm
176 - - - Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the iface parameter in the vif_disable function. New - CVE-2024-57228 2025-01-11 03:15 2025-01-11 Show GitHub Exploit DB Packet Storm
177 - - - Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pbc_wps function. New - CVE-2024-57227 2025-01-11 03:15 2025-01-11 Show GitHub Exploit DB Packet Storm
178 - - - Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the iface parameter in the vif_enable function. New - CVE-2024-57226 2025-01-11 03:15 2025-01-11 Show GitHub Exploit DB Packet Storm
179 - - - Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the devname parameter in the reset_wifi function. New - CVE-2024-57225 2025-01-11 03:15 2025-01-11 Show GitHub Exploit DB Packet Storm
180 - - - Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pin_wps function. New - CVE-2024-57224 2025-01-11 03:15 2025-01-11 Show GitHub Exploit DB Packet Storm