Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
196241 7.5 危険 files2links - Files2Links F2L 3000 機器における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-0469 2012-06-26 16:19 2010-02-2 Show GitHub Exploit DB Packet Storm
196242 5 警告 Chill Creations
Joomla!		 - Joomla! の ccNewsletter コンポーネントにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-0467 2012-06-26 16:19 2010-02-2 Show GitHub Exploit DB Packet Storm
196243 7.5 危険 a3malnet - magic-portal の home.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-0457 2012-06-26 16:19 2010-01-28 Show GitHub Exploit DB Packet Storm
196244 7.5 危険 fabricadigital - Publique! の cgi/cgilua.exe/sys/start.htm における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-0454 2012-06-26 16:19 2010-01-28 Show GitHub Exploit DB Packet Storm
196245 5 警告 Digium - Asterisk Open Source におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2010-0441 2012-06-26 16:19 2010-02-4 Show GitHub Exploit DB Packet Storm
196246 6.9 警告 chip salzenberg - Chip Salzenberg Deliver における重要な情報を取得される脆弱性 CWE-59
リンク解釈の問題 		CVE-2010-0439 2012-06-26 16:19 2010-03-26 Show GitHub Exploit DB Packet Storm
196247 4.3 警告 entente-oya
Apache Software Foundation
neogia		 - Opentaps などで使用される Apache Open For Business Project におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-0432 2012-06-26 16:19 2010-04-15 Show GitHub Exploit DB Packet Storm
196248 3.3 注意 paul vixie
fedorahosted.org		 - cronie および Vixie cron の edit_cmd 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-59
リンク解釈の問題 		CVE-2010-0424 2012-06-26 16:19 2010-02-25 Show GitHub Exploit DB Packet Storm
196249 4 警告 GNOME Project - gnome-screensaver における画面がロックされている無人のワークステーションにアクセスされる脆弱性 CWE-Other
その他 		CVE-2010-0422 2012-06-26 16:19 2010-02-12 Show GitHub Exploit DB Packet Storm
196250 10 危険 chumby - chumby classic の chumby one の Web インターフェースにおける任意のコマンドを実行される脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2010-0418 2012-06-26 16:19 2010-03-4 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 8, 2025, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1051 - - - IBM App Connect Enterprise Certified Container 7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, and 12.7 Pods do… CWE-923
CWE-862
 Improper Restriction of Communication Channel to Intended Endpoints
 Missing Authorization 		CVE-2022-43916 2025-01-30 23:15 2025-01-30 Show GitHub Exploit DB Packet Storm
1052 - - - An Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This vulnerability allows an authenticated attacker to write messages into other users chat by changing the paramet… CWE-284
CWE-863
Improper Access Control
 Incorrect Authorization 		CVE-2025-0741 2025-01-30 23:15 2025-01-30 Show GitHub Exploit DB Packet Storm
1053 - - - The WP Image Uploader plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'file' parameter in all versions up to, and including, 1.0.1 due to insufficient input sanitization … CWE-79
Cross-site Scripting 		CVE-2024-13706 2025-01-30 23:15 2025-01-30 Show GitHub Exploit DB Packet Storm
1054 - - - The The Contact Form & SMTP Plugin for WordPress by PirateForms plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.6.0. This is due to the sof… CWE-94
Code Injection 		CVE-2024-13453 2025-01-30 23:15 2025-01-30 Show GitHub Exploit DB Packet Storm
1055 - - - The Simple:Press Forum plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 's' parameter in all versions up to, and including, 6.10.11 due to insufficient input sanitization … CWE-79
Cross-site Scripting 		CVE-2024-12409 2025-01-30 23:15 2025-01-30 Show GitHub Exploit DB Packet Storm
1056 - - - A vulnerability in the NetExtender Windows client log export function allows unauthorized access to sensitive Windows system files, potentially leading to privilege escalation. CWE-269
CWE-276
 Improper Privilege Management
Incorrect Default Permissions  		CVE-2025-23007 2025-01-30 23:15 2025-01-30 Show GitHub Exploit DB Packet Storm
1057 5.6 MEDIUM
Network 		- - A vulnerability was found in Axiomatic Bento4 up to 1.6.0-641. It has been rated as critical. Affected by this issue is the function AP4_DataBuffer::GetData in the library Ap4DataBuffer.h. The manipu… CWE-119
CWE-122
Incorrect Access of Indexable Resource ('Range Error') 
Heap-based Buffer Overflow 		CVE-2025-0870 2025-01-30 22:15 2025-01-30 Show GitHub Exploit DB Packet Storm
1058 4.3 MEDIUM
Network 		- - A vulnerability was found in Cianet ONU GW24AC up to 20250127. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Login. The manipulation… CWE-79
CWE-94
Cross-site Scripting
Code Injection 		CVE-2025-0869 2025-01-30 22:15 2025-01-30 Show GitHub Exploit DB Packet Storm
1059 - - - A Reflected Cross-Site Scripting vulnerability has been found in EmbedAI 2.1 and below. This vulnerability allows an authenticated attacker to craft a malicious URL leveraging the"/embedai/users/show… CWE-79
Cross-site Scripting 		CVE-2025-0746 2025-01-30 21:15 2025-01-30 Show GitHub Exploit DB Packet Storm
1060 - - - An Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This vulnerability allows an authenticated attacker to obtain chat messages belonging to other users by changing th… CWE-284
Improper Access Control 		CVE-2025-0740 2025-01-30 20:15 2025-01-30 Show GitHub Exploit DB Packet Storm