Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 30, 2025, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
197651	9.3	危険	bpsoft	-	BreakPoint Software Hex Workshop におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-5756	2012-06-26 16:03	2008-12-30	Show	GitHub Exploit DB Packet Storm

197652	9.3	危険	BulletProof Software	-	BulletProof FTP Client におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-5754	2012-06-26 16:03	2008-12-30	Show	GitHub Exploit DB Packet Storm

197653	9.3	危険	BulletProof Software	-	BulletProof FTP Client におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-5753	2012-06-26 16:03	2008-12-30	Show	GitHub Exploit DB Packet Storm

197654	7.5	危険	AlstraSoft	-	ESE の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-5751	2012-06-26 16:03	2008-12-30	Show	GitHub Exploit DB Packet Storm

197655	4.3	警告	bloofox	-	BloofoxCMS の plugins/spaw2/dialogs/dialog.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-5748	2012-06-26 16:03	2008-12-29	Show	GitHub Exploit DB Packet Storm

197656	5	警告	FRISK Software International	-	GNU/Linux の F-Prot におけるアンチウイルス保護を回避される脆弱性	CWE-399 リソース管理の問題	CVE-2008-5747	2012-06-26 16:03	2008-12-29	Show	GitHub Exploit DB Packet Storm

197657	7.2	危険	Digium	-	Zaptel の dahdi/tor2.c ドライバにおけるカーネルメモリの整数値を上書きされる脆弱性	CWE-189 数値処理の問題	CVE-2008-5744	2012-06-26 16:03	2008-12-26	Show	GitHub Exploit DB Packet Storm

197658	7.2	危険	FreeBSD	-	FreeBSD における権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-5736	2012-06-26 16:03	2008-12-23	Show	GitHub Exploit DB Packet Storm

197659	9.3	危険	coolplayer	-	CoolPlayer の skin.c におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-5735	2012-06-26 16:03	2008-12-26	Show	GitHub Exploit DB Packet Storm

197660	7.2	危険	entechtaiwan	-	EnTech Taiwan PowerStrip の NT カーネルモードドライバにおける権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-5725	2012-06-26 16:03	2008-12-26	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 30, 2025, 4:10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
891	-		-	-	An issue was identified in Kibana where a user without access to Fleet can view Elastic Agent policies that could contain sensitive information. The nature of the sensitive information depends on the…	-	CVE-2024-43707	2025-01-23 15:15	2025-01-23	Show	GitHub Exploit DB Packet Storm

892	-		-	-	Envoy Gateway is an open source project for managing Envoy Proxy as a standalone or Kubernetes-based application gateway. A user with access to the Kubernetes cluster can use a path traversal attack …	CWE-419	CVE-2025-24030	2025-01-23 13:15	2025-01-23	Show	GitHub Exploit DB Packet Storm

893	-		-	-	BigFix Patch Download Plug-ins are affected by path traversal vulnerability. The application could allow operators to download files from a local repository which is vulnerable to path traversal att…	-	CVE-2024-42187	2025-01-23 12:15	2025-01-23	Show	GitHub Exploit DB Packet Storm

894	-		-	-	BigFix Patch Download Plug-ins are affected by an insecure protocol support. The application can allow improper handling of SSL certificates validation.	-	CVE-2024-42186	2025-01-23 12:15	2025-01-23	Show	GitHub Exploit DB Packet Storm

895	-		-	-	BigFix Patch Download Plug-ins are affected by an insecure package which is susceptible to XML injection attacks. This allows an attacker to exploit this vulnerability by injecting malicious XML con…	-	CVE-2024-42185	2025-01-23 12:15	2025-01-23	Show	GitHub Exploit DB Packet Storm

896	-		-	-	BigFix Patch Download Plug-ins are affected by insecure support for file URI scheme. It could allow a malicious operator to attempt to download files using the file:// URI scheme.	-	CVE-2024-42184	2025-01-23 12:15	2025-01-23	Show	GitHub Exploit DB Packet Storm

897	6.4	MEDIUM Network	-	-	IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alt…	CWE-79 Cross-site Scripting	CVE-2023-50309	2025-01-23 12:15	2025-01-23	Show	GitHub Exploit DB Packet Storm

898	4.6	MEDIUM Network	-	-	IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering t…	CWE-79 Cross-site Scripting	CVE-2023-32340	2025-01-23 12:15	2025-01-23	Show	GitHub Exploit DB Packet Storm

899	-		-	-	BigFix Patch Download Plug-ins are affected by an arbitrary file download vulnerability. It could allow a malicious operator to download files from arbitrary URLs without any proper validation or al…	-	CVE-2024-42183	2025-01-23 11:15	2025-01-23	Show	GitHub Exploit DB Packet Storm

900	-		-	-	BigFix Patch Download Plug-ins are affected by Server-Side Request Forgery (SSRF) vulnerability. It may allow the application to download files from an internally hosted server on localhost.	-	CVE-2024-42182	2025-01-23 10:15	2025-01-23	Show	GitHub Exploit DB Packet Storm