Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 11, 2025, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
196981 4.3 警告 Coppermine Photo Gallery - CPG の displayecard.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5888 2012-06-26 15:54 2007-11-7 Show GitHub Exploit DB Packet Storm
196982 4.6 警告 bitchx - BitchX の e_hostname 関数における任意のファイルを上書きされる脆弱性 CWE-59
リンク解釈の問題 		CVE-2007-5839 2012-06-26 15:54 2007-11-6 Show GitHub Exploit DB Packet Storm
196983 7.5 危険 afcommerce - Amazing Flash AFCommerce における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-5836 2012-06-26 15:54 2007-11-5 Show GitHub Exploit DB Packet Storm
196984 5 警告 bosdev - BosDev BosNews の Install.php におけるサービス運用妨害 (ファイルの上書き) の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2007-5835 2012-06-26 15:54 2007-11-5 Show GitHub Exploit DB Packet Storm
196985 4.3 警告 bosdev - BosDev BosNews におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5834 2012-06-26 15:54 2007-11-5 Show GitHub Exploit DB Packet Storm
196986 3.5 注意 bosdev - BosDev BosMarket Business Directory System におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5833 2012-06-26 15:54 2007-11-5 Show GitHub Exploit DB Packet Storm
196987 7.8 危険 アバイア - Avaya MSS および MN の管理インターフェースにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2007-5830 2012-06-26 15:54 2007-11-1 Show GitHub Exploit DB Packet Storm
196988 9.3 危険 EdrawSoft - EDImage.ocx の EDraw Flowchart ActiveX コントロールにおける絶対パストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-5826 2012-06-26 15:54 2007-11-5 Show GitHub Exploit DB Packet Storm
196989 7.5 危険 firefly - Firefly Media Server の mt-dappd の webserver.c の ws_addarg 関数におけるフォーマットストリングの脆弱性 CWE-134
書式文字列の問題 		CVE-2007-5825 2012-06-26 15:54 2007-11-5 Show GitHub Exploit DB Packet Storm
196990 7.1 危険 firefly - Firefly Media Server の mt-dappd の webserver.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2007-5824 2012-06-26 15:54 2007-11-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 11, 2025, 5:03 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
221 - - - The PostLists WordPress plugin through 2.0.2 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old… New - CVE-2024-10815 2025-01-10 01:15 2025-01-9 Show GitHub Exploit DB Packet Storm
222 - - - An XML External Entity (XXE) vulnerability in Elspec Engineering G5 Digital Fault Recorder Firmware v1.2.1.12 allows attackers to cause a Denial of Service (DoS) via a crafted XML payload. Update - CVE-2024-46603 2025-01-10 01:15 2025-01-8 Show GitHub Exploit DB Packet Storm
223 - - - An issue was discovered in Elspec G5 digital fault recorder version 1.2.1.12 and earlier. An XML External Entity (XXE) vulnerability may allow an attacker to cause a Denial of Service (DoS) via a cra… Update - CVE-2024-46602 2025-01-10 01:15 2025-01-8 Show GitHub Exploit DB Packet Storm
224 - - - Elspec Engineering G5 Digital Fault Recorder Firmware v1.2.1.12 was discovered to contain a buffer overflow. Update - CVE-2024-46601 2025-01-10 01:15 2025-01-8 Show GitHub Exploit DB Packet Storm
225 5.5 MEDIUM
Local 		dell powerscale_onefs Dell PowerScale OneFS 8.2.2.x through 9.8.0.x contains an incorrect permission assignment for critical resource vulnerability. A locally authenticated attacker could potentially exploit this vulnerab… Update CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2024-47475 2025-01-10 01:04 2025-01-7 Show GitHub Exploit DB Packet Storm
226 - - - A buffer overflow vulnerability in the packet handoff plugin allows an attacker to overwrite memory outside the plugin's buffer. New - CVE-2024-10106 2025-01-10 00:15 2025-01-10 Show GitHub Exploit DB Packet Storm
227 - - - IBM OpenPages 9.0 could allow an authenticated user to obtain sensitive information such as configurations that should only be available to privileged users. New CWE-282
CWE-276
 Improper Ownership Management
Incorrect Default Permissions  		CVE-2024-43176 2025-01-10 00:15 2025-01-9 Show GitHub Exploit DB Packet Storm
228 - - - IBM App Connect Enterprise Certified Container 7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, and 12.4 operands running in Red H… New CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2022-22491 2025-01-10 00:15 2025-01-9 Show GitHub Exploit DB Packet Storm
229 - - - The AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3, AI WordPress Plugin ChatGPT (GPT-4o 128K) plugin for WordPress is vulnerable to Cross-Site Request Fo… New - CVE-2024-12605 2025-01-10 00:15 2025-01-9 Show GitHub Exploit DB Packet Storm
230 - - - SSL-VPN MFA Bypass in SonicWALL SSL-VPN can arise in specific cases due to the separate handling of UPN (User Principal Name) and SAM (Security Account Manager) account names when integrated with Mic… New - CVE-2024-12802 2025-01-10 00:15 2025-01-9 Show GitHub Exploit DB Packet Storm