Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
197571	7.5	危険	dieselscripts	-	Diesel Pay の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6468	2012-06-26 16:10	2009-03-13	Show	GitHub Exploit DB Packet Storm

197572	7.5	危険	dieselscripts	-	Diesel Job Site の jobs/jobseekers/job-info.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6467	2012-06-26 16:10	2009-03-13	Show	GitHub Exploit DB Packet Storm

197573	7.5	危険	e107.org akirapowered	-	Akira Powered Image Gallery プラグインの image_gallery.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6466	2012-06-26 16:10	2009-03-13	Show	GitHub Exploit DB Packet Storm

197574	7.5	危険	dieter mayer TYPO3 Association	-	TYPO3 の dmaddredit の FE address edit における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6458	2012-06-26 16:10	2009-03-13	Show	GitHub Exploit DB Packet Storm

197575	7.5	危険	brian wilson	-	ol'bookmarks manager の show.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-6410	2012-06-26 16:10	2009-03-6	Show	GitHub Exploit DB Packet Storm

197576	7.5	危険	brian wilson	-	ol'bookmarks manager の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6409	2012-06-26 16:10	2009-03-6	Show	GitHub Exploit DB Packet Storm

197577	7.5	危険	brian wilson	-	ol'bookmarks manager の frame.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2008-6408	2012-06-26 16:10	2009-03-6	Show	GitHub Exploit DB Packet Storm

197578	7.5	危険	brian wilson	-	ol'bookmarks manager の frame.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-6407	2012-06-26 16:10	2009-03-6	Show	GitHub Exploit DB Packet Storm

197579	4.3	警告	datalifecms	-	DLE の admin.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-6406	2012-06-26 16:10	2009-03-6	Show	GitHub Exploit DB Packet Storm

197580	7.5	危険	greatclone	-	Hotscripts Clone の showcategory.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6405	2012-06-26 16:10	2009-03-6	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Feb. 25, 2025, 4:06 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
2011	-		-	-	In Apache Cassandra it is possible for a local attacker without access to the Apache Cassandra process or configuration files to manipulate the RMI registry to perform a man-in-the-middle attack an…	-	CVE-2024-27137	2025-02-7 06:15	2025-02-4	Show	GitHub Exploit DB Packet Storm

2012	6.1	MEDIUM Network	-	-	IBM Jazz for Service Management 1.1.3 through 1.1.3.23 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI th…	CWE-79 Cross-site Scripting	CVE-2024-52892	2025-02-7 05:15	2025-02-7	Show	GitHub Exploit DB Packet Storm

2013	-		-	-	2N Access Commander version 2.1 and prior is vulnerable in default settings to Man In The Middle attack due to not verifying certificates of 2N edge devices.	-	CVE-2024-47258	2025-02-7 05:15	2025-02-7	Show	GitHub Exploit DB Packet Storm

2014	-		-	-	Successful exploitation of this vulnerability could allow an attacker (who needs to have Admin access privileges) to read hardcoded AES passphrase, which may be used for decryption of certain data wi…	-	CVE-2024-47256	2025-02-7 05:15	2025-02-7	Show	GitHub Exploit DB Packet Storm

2015	-		-	-	Specifically crafted payloads sent to the RFID reader could cause DoS of RFID reader. After the device is restarted, it gets back to fully working state.	-	CVE-2024-13417	2025-02-7 05:15	2025-02-7	Show	GitHub Exploit DB Packet Storm

2016	-		-	-	WhoDB is an open source database management tool. In affected versions the application is vulnerable to parameter injection in database connection strings, which allows an attacker to read local file…	-	CVE-2025-24787	2025-02-7 05:15	2025-02-7	Show	GitHub Exploit DB Packet Storm

2017	-		-	-	WhoDB is an open source database management tool. While the application only displays Sqlite3 databases present in the directory `/db`, there is no path traversal prevention in place. This allows an …	-	CVE-2025-24786	2025-02-7 05:15	2025-02-7	Show	GitHub Exploit DB Packet Storm

2018	-		-	-	Cross Site Request Forgery (CSRF) in Users.php in SourceCodester Packers and Movers Management System 1.0 allows attackers to create unauthorized admin accounts via crafted requests sent to an authen…	-	CVE-2024-57523	2025-02-7 05:15	2025-02-7	Show	GitHub Exploit DB Packet Storm

2019	-		-	-	SQL injection vulnerability in the ZimbraSync Service SOAP endpoint in Zimbra Collaboration 10.0.x before 10.0.12 and 10.1.x before 10.1.4 due to insufficient sanitization of a user-supplied paramete…	-	CVE-2025-25064	2025-02-7 05:15	2025-02-4	Show	GitHub Exploit DB Packet Storm

2020	-		-	-	Incorrect Authorization vulnerability in Apache Cassandra allowing users to access a datacenter or IP/CIDR groups they should not be able to when using CassandraNetworkAuthorizer or CassandraCIDRAuth…	-	CVE-2025-24860	2025-02-7 05:15	2025-02-4	Show	GitHub Exploit DB Packet Storm