Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 14, 2025, 6:04 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
196921 7.5 危険 boastmachine - boastMachine の mail.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0422 2012-06-26 15:55 2008-01-23 Show GitHub Exploit DB Packet Storm
196922 5.5 警告 Belkin International - Belkin Wireless G Plus MIMO Router F5D9230-4 の Web サーバにおける設定を変更される脆弱性 CWE-287
不適切な認証 		CVE-2008-0403 2012-06-26 15:55 2008-01-23 Show GitHub Exploit DB Packet Storm
196923 4.3 警告 aflog - aflog におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-0398 2012-06-26 15:55 2008-01-23 Show GitHub Exploit DB Packet Storm
196924 6.8 警告 aflog - aflog における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0397 2012-06-26 15:55 2008-01-23 Show GitHub Exploit DB Packet Storm
196925 7.8 危険 BitDefender - 複数の BitDefender 製品で使用される BitDefender Update Server におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-0396 2012-06-26 15:55 2008-01-23 Show GitHub Exploit DB Packet Storm
196926 7.5 危険 citadel - Citadel SMTP サーバにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-0394 2012-06-26 15:54 2008-01-23 Show GitHub Exploit DB Packet Storm
196927 5.8 警告 gradman - GradMan の info.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-0393 2012-06-26 15:54 2008-01-22 Show GitHub Exploit DB Packet Storm
196928 7.5 危険 alilg - aliTalk の inc/elementz.php における任意のユーザアカウントを追加される脆弱性 CWE-287
不適切な認証 		CVE-2008-0391 2012-06-26 15:54 2008-01-22 Show GitHub Exploit DB Packet Storm
196929 7.5 危険 AuraCMS - AuraCMS のstat.php における online.db.txt へ任意の PHP コードを挿入される脆弱性 CWE-94
コード・インジェクション 		CVE-2008-0390 2012-06-26 15:54 2008-01-22 Show GitHub Exploit DB Packet Storm
196930 7.8 危険 Firebird Project - Firebird SQL における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2008-0387 2012-06-26 15:54 2008-01-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 15, 2025, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
411 - - - A vulnerability was found in StarSea99 starsea-mall 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /admin/categories/update. The manipulation of the arg… New CWE-79
CWE-94
Cross-site Scripting
Code Injection 		CVE-2025-0400 2025-01-13 08:15 2025-01-13 Show GitHub Exploit DB Packet Storm
412 - - - A vulnerability was found in StarSea99 starsea-mall 1.0. It has been declared as critical. This vulnerability affects the function UploadController of the file src/main/java/com/siro/mall/controller/… New CWE-284
CWE-434
Improper Access Control
 Unrestricted Upload of File with Dangerous Type  		CVE-2025-0399 2025-01-13 08:15 2025-01-13 Show GitHub Exploit DB Packet Storm
413 - - - HCL MyXalytics is affected by a cleartext transmission of sensitive information vulnerability. The application transmits sensitive or security-critical data in cleartext in a communication channel t… New - CVE-2024-42181 2025-01-13 07:15 2025-01-13 Show GitHub Exploit DB Packet Storm
414 - - - HCL MyXalytics is affected by a malicious file upload vulnerability. The application accepts invalid file uploads, including incorrect content types, double extensions, null bytes, and special chara… New - CVE-2024-42180 2025-01-13 07:15 2025-01-13 Show GitHub Exploit DB Packet Storm
415 - - - HCL MyXalytics is affected by sensitive information disclosure vulnerability. The HTTP response header exposes the Microsoft-HTTP API/2.0 as the server's name & version. New - CVE-2024-42179 2025-01-13 07:15 2025-01-13 Show GitHub Exploit DB Packet Storm
416 - - - A vulnerability has been found in longpi1 warehouse 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /resources/..;/inport/updateInport of the… New CWE-79
CWE-94
Cross-site Scripting
Code Injection 		CVE-2025-0398 2025-01-12 23:15 2025-01-12 Show GitHub Exploit DB Packet Storm
417 5.9 MEDIUM
Network 		- - IBM Robotic Process Automation 21.0.0 through 21.0.7.19 and 23.0.0 through 23.0.19 could allow a remote attacker to obtain sensitive data that may be exposed through certain crypto-analytic attacks. New CWE-780
CVE-2024-51456 2025-01-12 23:15 2025-01-12 Show GitHub Exploit DB Packet Storm
418 - - - A vulnerability, which was classified as problematic, was found in reckcn SPPanAdmin 1.0. Affected is an unknown function of the file /;/admin/role/edit. The manipulation of the argument name leads t… New CWE-79
CWE-94
Cross-site Scripting
Code Injection 		CVE-2025-0397 2025-01-12 22:15 2025-01-12 Show GitHub Exploit DB Packet Storm
419 - - - A vulnerability, which was classified as critical, has been found in exelban stats up to 2.11.21. This issue affects the function shouldAcceptNewConnection of the component XPC Service. The manipulat… New CWE-77
CWE-74
Command Injection
Injection 		CVE-2025-0396 2025-01-12 21:15 2025-01-12 Show GitHub Exploit DB Packet Storm
420 5.4 MEDIUM
Network 		- - IBM watsonx.ai 1.1 through 2.0.3 and IBM watsonx.ai on Cloud Pak for Data 4.8 through 5.0.3 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary J… New CWE-79
Cross-site Scripting 		CVE-2024-49785 2025-01-12 11:15 2025-01-12 Show GitHub Exploit DB Packet Storm