Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 31, 2025, 4:03 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
197461 5 警告 ea - Crysis の HTTP/XML-RPC サービスにおけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2008-6712 2012-06-26 16:10 2009-04-10 Show GitHub Exploit DB Packet Storm
197462 4.3 警告 DNN - DotNetNuke のエラーハンドリングページにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6733 2012-06-26 16:10 2008-06-11 Show GitHub Exploit DB Packet Storm
197463 4.3 警告 DNN - DotNetNuke の Language skin オブジェクトにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6732 2012-06-26 16:10 2008-06-11 Show GitHub Exploit DB Packet Storm
197464 9 危険 アバイア - Avaya Communication Manager の Web 管理インターフェースにおける任意のコマンドを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2008-6711 2012-06-26 16:10 2008-06-25 Show GitHub Exploit DB Packet Storm
197465 9 危険 アバイア - Avaya Communication Manager の Web 管理インターフェースにおける root 権限を取得される脆弱性 CWE-noinfo
情報不足 		CVE-2008-6710 2012-06-26 16:10 2008-06-25 Show GitHub Exploit DB Packet Storm
197466 4.3 警告 butterflymedia - Butterfly Organizer におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6700 2012-06-26 16:10 2009-04-10 Show GitHub Exploit DB Packet Storm
197467 7.5 危険 frank naegler
TYPO3 Association		 - TYPO3 の timtab_sociable における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6695 2012-06-26 16:10 2009-04-10 Show GitHub Exploit DB Packet Storm
197468 4.3 警告 david cadu
TYPO3 Association		 - TYPO3 の dcdgooglemap におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6687 2012-06-26 16:10 2009-04-10 Show GitHub Exploit DB Packet Storm
197469 4.3 警告 The Dojo Foundation - Dojo の dijit.Editor におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6681 2012-06-26 16:10 2009-04-9 Show GitHub Exploit DB Packet Storm
197470 7.5 危険 dirk bartley - nweb2fax の viewrq.php における任意のコードを実行される脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2008-6669 2012-06-26 16:10 2009-04-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 1, 2025, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1001 6.5 MEDIUM
Network 		- - IBM Maximo Asset Management 7.6.1.3 MXAPIASSET API is vulnerable to unrestricted file upload which allows authenticated low privileged user to upload restricted file types with a simple method of add… CWE-98
 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') 		CVE-2024-45077 2025-01-25 01:15 2025-01-25 Show GitHub Exploit DB Packet Storm
1002 - - - Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. In version 4.0.0-beta.358 and possibly earlier versions, when creating or updating a "project," it … CWE-78
OS Command  		CVE-2025-22606 2025-01-25 01:15 2025-01-25 Show GitHub Exploit DB Packet Storm
1003 5.9 MEDIUM
Network 		- - IBM Concert Software 1.0.0 and 1.0.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit … CWE-311
Missing Encryption of Sensitive Data 		CVE-2024-41757 2025-01-25 01:15 2025-01-25 Show GitHub Exploit DB Packet Storm
1004 5.3 MEDIUM
Network 		- - IBM InfoSphere Information Server 11.7 could allow a remote user to obtain sensitive version information that could aid in further attacks against the system. CWE-497
 Exposure of Sensitive System Information to an Unauthorized Control Sphere 		CVE-2024-40706 2025-01-25 01:15 2025-01-25 Show GitHub Exploit DB Packet Storm
1005 8.0 HIGH
Network 		- - IBM Planning Analytics 2.0 and 2.1 could be vulnerable to malicious file upload by not validating the content of the file uploaded to the web interface. Attackers can make use of this weakness and up… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2024-40693 2025-01-25 01:15 2025-01-25 Show GitHub Exploit DB Packet Storm
1006 8.0 HIGH
Network 		- - IBM Planning Analytics 2.0 and 2.1 could be vulnerable to malicious file upload by not validating the type of file in the File Manager T1 process. Attackers can make use of this weakness and upload m… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2024-25034 2025-01-25 01:15 2025-01-25 Show GitHub Exploit DB Packet Storm
1007 6.5 MEDIUM
Network 		- - The Jobify - Job Board WordPress Theme for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the 'download_image_via_ai' and 'generate_image… CWE-862
 Missing Authorization 		CVE-2024-13698 2025-01-25 01:15 2025-01-25 Show GitHub Exploit DB Packet Storm
1008 - - - In the Linux kernel, the following vulnerability has been resolved: ovl: support encoding fid from inode with no alias Dmitry Safonov reported that a WARN_ON() assertion can be trigered by userspac… - CVE-2025-21654 2025-01-25 01:15 2025-01-19 Show GitHub Exploit DB Packet Storm
1009 - - - Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Starting in version 4.0.0-beta.18 and prior to 4.0.0-beta.253, a vulnerability in the execution of … CWE-78
OS Command  		CVE-2025-22605 2025-01-25 00:15 2025-01-25 Show GitHub Exploit DB Packet Storm
1010 5.3 MEDIUM
Network 		- - A vulnerability, which was classified as problematic, was found in Telstra Smart Modem Gen 2 up to 20250115. This affects an unknown part of the component HTTP Header Handler. The manipulation of the… CWE-74
CWE-707
Injection
 Improper Enforcement of Message or Data Structure 		CVE-2025-0697 2025-01-25 00:15 2025-01-25 Show GitHub Exploit DB Packet Storm