Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
197221 7.5 危険 businessspace - BusinessSpace の classified.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-0516 2012-06-26 16:10 2009-02-10 Show GitHub Exploit DB Packet Storm
197222 9.3 危険 elecard - Elecard MPEG Player におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-0491 2012-06-26 16:10 2009-02-9 Show GitHub Exploit DB Packet Storm
197223 9.3 危険 Audacity - Audacity の lib-src/allegro/strparse.cpp の String_parse::get_nonspace_quoted 関数におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-0490 2012-06-26 16:10 2009-02-9 Show GitHub Exploit DB Packet Storm
197224 6.8 警告 armorlogic - Profense Web Application Firewall の ajax.html におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2009-0468 2012-06-26 16:10 2009-02-10 Show GitHub Exploit DB Packet Storm
197225 4.3 警告 armorlogic - Profense Web Application Firewall の proxy.html におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-0467 2012-06-26 16:10 2009-02-10 Show GitHub Exploit DB Packet Storm
197226 5.1 警告 Groone's World - Groone GBook の includes/header.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2009-0464 2012-06-26 16:10 2009-02-10 Show GitHub Exploit DB Packet Storm
197227 6.8 警告 Groone's World - Groone GLinks の includes/header.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2009-0463 2012-06-26 16:10 2009-02-10 Show GitHub Exploit DB Packet Storm
197228 7.5 危険 clicktech - ClickTech ClickCart の customer_login_check.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-0462 2012-06-26 16:10 2009-02-10 Show GitHub Exploit DB Packet Storm
197229 2.6 注意 glFusion - glFusion の lib-comment.php の 匿名のコメント機能 におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-0455 2012-06-26 16:10 2009-02-10 Show GitHub Exploit DB Packet Storm
197230 7.5 危険 DMXReady - DMXReady Online Notebook Manager における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-0454 2012-06-26 16:10 2009-02-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 6, 2025, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1411 4.3 MEDIUM
Network 		quantumcloud wpot The WPBot Pro Wordpress Chatbot plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'qc_wp_latest_update_check_pro' function in all versio… CWE-862
 Missing Authorization 		CVE-2024-12879 2025-01-25 03:07 2025-01-22 Show GitHub Exploit DB Packet Storm
1412 - - - Updatecli is a tool used to apply file update strategies. Prior to version 0.93.0, private maven repository credentials may be leaked in application logs in case of unsuccessful retrieval operation. … CWE-359
 Exposure of Private Personal Information to an Unauthorized Actor 		CVE-2025-24355 2025-01-25 02:15 2025-01-25 Show GitHub Exploit DB Packet Storm
1413 - - - ASTEVAL is an evaluator of Python expressions and statements. Prior to version 1.0.6, if an attacker can control the input to the `asteval` library, they can bypass asteval's restrictions and execute… CWE-134
CWE-749
Use of Externally-Controlled Format String
 Exposed Dangerous Method or Function 		CVE-2025-24359 2025-01-25 02:15 2025-01-25 Show GitHub Exploit DB Packet Storm
1414 - - - An issue was discovered in Deepin dde-api-proxy through 1.0.19 in which unprivileged users can access D-Bus services as root. Specifically, dde-api-proxy runs as root and forwards messages from arbit… - CVE-2025-23222 2025-01-25 02:15 2025-01-25 Show GitHub Exploit DB Packet Storm
1415 - - - Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.374, the missing authorization allows an authenticated user to retrieve… CWE-200
CWE-862
Information Exposure
 Missing Authorization 		CVE-2025-22612 2025-01-25 02:15 2025-01-25 Show GitHub Exploit DB Packet Storm
1416 - - - Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.361, the missing authorization allows any authenticated user to escalat… CWE-862
 Missing Authorization 		CVE-2025-22611 2025-01-25 02:15 2025-01-25 Show GitHub Exploit DB Packet Storm
1417 - - - Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.361, the missing authorization allows any authenticated user to fetch t… CWE-862
 Missing Authorization 		CVE-2025-22610 2025-01-25 02:15 2025-01-25 Show GitHub Exploit DB Packet Storm
1418 - - - Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.361, the missing authorization allows any authenticated user to attach … CWE-862
 Missing Authorization 		CVE-2025-22609 2025-01-25 02:15 2025-01-25 Show GitHub Exploit DB Packet Storm
1419 - - - Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.361, the missing authorization allows any authenticated user to revoke … CWE-639
CWE-862
 Authorization Bypass Through User-Controlled Key
 Missing Authorization 		CVE-2025-22608 2025-01-25 02:15 2025-01-25 Show GitHub Exploit DB Packet Storm
1420 6.3 MEDIUM
Network 		- - A vulnerability classified as critical has been found in JoeyBling bootplus up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d. This affects an unknown part of the file /admin/sys/user/list. The manipula… CWE-89
CWE-74
SQL Injection
Injection 		CVE-2025-0701 2025-01-25 02:15 2025-01-25 Show GitHub Exploit DB Packet Storm