Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 20, 2025, 6:03 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
197671 4.3 警告 The Cacti Group - Cacti におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-0783 2012-06-26 15:55 2008-02-14 Show GitHub Exploit DB Packet Storm
197672 7.5 危険 astats
Joomla!		 - Joomla! の astatspro コンポーネントの refer.php における任意の SQL コマンドを実行される脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0839 2012-06-26 15:55 2008-02-20 Show GitHub Exploit DB Packet Storm
197673 7.5 危険 アップル - iPhoto 用 DPAP サーバにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2008-0830 2012-06-26 15:55 2008-02-19 Show GitHub Exploit DB Packet Storm
197674 4.3 警告 ATutor - ATutor におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-0828 2012-06-26 15:55 2008-02-19 Show GitHub Exploit DB Packet Storm
197675 4.3 警告 caroline - Claroline におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-0826 2012-06-26 15:55 2008-02-19 Show GitHub Exploit DB Packet Storm
197676 7.5 危険 caroline - Claroline における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0825 2012-06-26 15:55 2008-02-19 Show GitHub Exploit DB Packet Storm
197677 10 危険 caroline - Claroline の php2phps 関数における詳細不明な脆弱性 CWE-noinfo
情報不足 		CVE-2008-0824 2012-06-26 15:55 2008-02-19 Show GitHub Exploit DB Packet Storm
197678 7.2 危険 フォーティネット - Fortinet FortiClient Host Security MR5 Patch 3 の fortimon.sys デバイスドライバにおける任意のコードを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-0779 2012-06-26 15:55 2008-02-14 Show GitHub Exploit DB Packet Storm
197679 7.5 危険 アップル - Apple QuickTime 用 QTPlugin.ocx におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-0778 2012-06-26 15:55 2008-02-14 Show GitHub Exploit DB Packet Storm
197680 4.9 警告 FreeBSD - FreeBSD の sendfile システムコールにおける書き込み専用ファイルのコンテンツを読まれる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-0777 2012-06-26 15:55 2008-02-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 20, 2025, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
511 - - - Matrix Media Repo (MMR) is a highly configurable multi-homeserver media repository for Matrix. Matrix Media Repo (MMR) is vulnerable to server-side request forgery, serving content from a private net… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2024-52602 2025-01-17 05:15 2025-01-17 Show GitHub Exploit DB Packet Storm
512 - - - OpenObserve is a cloud-native observability platform. A vulnerability in the user management endpoint `/api/{org_id}/users/{email_id}` allows an "Admin" role user to remove a "Root" user from the org… CWE-287
CWE-284
CWE-285
CWE-269
CWE-272
Improper Authentication
Improper Access Control
Improper Authorization
 Improper Privilege Management
 Least Privilege Violation 		CVE-2024-55954 2025-01-17 05:15 2025-01-17 Show GitHub Exploit DB Packet Storm
513 - - - Matrix Media Repo (MMR) is a highly configurable multi-homeserver media repository for Matrix. MMR before version 1.3.5 is vulnerable to unbounded disk consumption, where an unauthenticated adversary… CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2024-36403 2025-01-17 05:15 2025-01-17 Show GitHub Exploit DB Packet Storm
514 - - - Matrix Media Repo (MMR) is a highly configurable multi-homeserver media repository for Matrix. MMR before version 1.3.5 allows, by design, unauthenticated remote participants to trigger a download an… CWE-287
Improper Authentication 		CVE-2024-36402 2025-01-17 05:15 2025-01-17 Show GitHub Exploit DB Packet Storm
515 - - - An access control issue in the component formDMZ.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the DMZ service of the device via a crafted POST request. - CVE-2024-57684 2025-01-17 05:15 2025-01-17 Show GitHub Exploit DB Packet Storm
516 - - - Mattermost Mobile versions <=2.22.0 fail to properly handle posts with attachments containing fields that cannot be cast to a String, which allows an attacker to cause the mobile to crash via creatin… - CVE-2025-20630 2025-01-17 04:15 2025-01-17 Show GitHub Exploit DB Packet Storm
517 - - - Mattermost versions 10.2.x <= 10.2.0, 9.11.x <= 9.11.5, 10.0.x <= 10.0.3, 10.1.x <= 10.1.3 fail to properly handle posts with attachments containing fields that cannot be cast to a String, which allo… - CVE-2025-20621 2025-01-17 04:15 2025-01-17 Show GitHub Exploit DB Packet Storm
518 - - - An access control issue in the component websURLFilterAddDel of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the filter settings of the device via a crafted POST req… - CVE-2024-57683 2025-01-17 04:15 2025-01-17 Show GitHub Exploit DB Packet Storm
519 - - - An information disclosure vulnerability in the component d_status.asp of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to access sensitive information via a crafted POST req… - CVE-2024-57682 2025-01-17 04:15 2025-01-17 Show GitHub Exploit DB Packet Storm
520 - - - An access control issue in the component form2alg.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the agl service of the device via a crafted POST request. - CVE-2024-57681 2025-01-17 04:15 2025-01-17 Show GitHub Exploit DB Packet Storm