Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 12, 2025, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
197721 7.5 危険 chameleon cms - chameleon cms におけるセッションをハイジャックされる脆弱性 CWE-287
不適切な認証 		CVE-2007-3050 2012-06-26 15:46 2007-06-5 Show GitHub Exploit DB Packet Storm
197722 4.3 警告 buttercup wfm - BWFM May 2007 の index.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-3049 2012-06-26 15:46 2007-06-5 Show GitHub Exploit DB Packet Storm
197723 5 警告 Advanced Software Production Line - Advanced Software Production Line Vortex Library におけるバッファオーバーフローの脆弱性 - CVE-2007-3046 2012-06-26 15:46 2007-06-5 Show GitHub Exploit DB Packet Storm
197724 5 警告 サン・マイクロシステムズ
ClamAV		 - ClamAV の libclamav/phishcheck.c におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-3025 2012-06-26 15:46 2007-05-31 Show GitHub Exploit DB Packet Storm
197725 2.1 注意 ClamAV - ClamAV の libclamav/others.c における重要な情報を読み取られる脆弱性 - CVE-2007-3024 2012-06-26 15:46 2007-05-31 Show GitHub Exploit DB Packet Storm
197726 10 危険 ClamAV - ClamAV の unsp.c における詳細不明な脆弱性 - CVE-2007-3023 2012-06-26 15:46 2007-05-31 Show GitHub Exploit DB Packet Storm
197727 4 警告 activeWeb - activeWeb contentserver CMS における任意のディレクトリのファイルを作成される脆弱性 - CVE-2007-3018 2012-06-26 15:46 2007-07-16 Show GitHub Exploit DB Packet Storm
197728 4 警告 activeWeb - activeWeb contentserver CMS の WYSIWYG エディタアプレットにおける任意の JavaScript を挿入される脆弱性 - CVE-2007-3017 2012-06-26 15:46 2007-07-16 Show GitHub Exploit DB Packet Storm
197729 4.3 警告 activeWeb - activeWeb contentserver におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-3014 2012-06-26 15:46 2007-07-15 Show GitHub Exploit DB Packet Storm
197730 6.5 警告 activeWeb - activeWeb contentserver における SQL インジェクションの脆弱性 - CVE-2007-3013 2012-06-26 15:46 2007-07-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 12, 2025, 4:59 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
141 - - - MonicaHQ v4.1.2 was discovered to contain multiple authenticated Client-Side Injection vulnerabilities via the title and description parameters at /people/ID/reminders/create. New - CVE-2024-54996 2025-01-11 06:15 2025-01-11 Show GitHub Exploit DB Packet Storm
142 - - - MonicaHQ v4.1.2 was discovered to contain multiple Client-Side Injection vulnerabilities via the first_name and last_name parameters in the Add a new relationship feature. New - CVE-2024-54994 2025-01-11 06:15 2025-01-11 Show GitHub Exploit DB Packet Storm
143 8.8 HIGH
Network 		wangl1989 mysiteforme A vulnerability was found in wangl1989 mysiteforme 1.0. It has been rated as critical. This issue affects the function doContent of the file src/main/java/com/mysiteform/admin/controller/system/FileC… Update CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2024-13139 2025-01-11 06:02 2025-01-5 Show GitHub Exploit DB Packet Storm
144 8.8 HIGH
Network 		wangl1989 mysiteforme A vulnerability was found in wangl1989 mysiteforme 1.0. It has been declared as critical. This vulnerability affects the function upload of the file src/main/java/com/mysiteform/admin/service/ipl/Loc… Update CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2024-13138 2025-01-11 06:01 2025-01-5 Show GitHub Exploit DB Packet Storm
145 5.4 MEDIUM
Network 		wangl1989 mysiteforme A vulnerability was found in wangl1989 mysiteforme 1.0. It has been classified as problematic. This affects the function RestResponse of the file src/main/java/com/mysiteforme/admin/controller/system… Update CWE-79
Cross-site Scripting 		CVE-2024-13137 2025-01-11 06:01 2025-01-5 Show GitHub Exploit DB Packet Storm
146 9.8 CRITICAL
Network 		wangl1989 mysiteforme A vulnerability was found in wangl1989 mysiteforme 1.0 and classified as critical. Affected by this issue is the function rememberMeManager of the file src/main/java/com/mysiteforme/admin/config/Shir… Update CWE-502
 Deserialization of Untrusted Data 		CVE-2024-13136 2025-01-11 06:01 2025-01-5 Show GitHub Exploit DB Packet Storm
147 - - - On affected platforms running Arista EOS with one of the following features configured to redirect IP traffic to a next hop: policy-based routing (PBR), BGP Flowspec, or interface traffic policy -- c… New - CVE-2024-6437 2025-01-11 05:15 2025-01-11 Show GitHub Exploit DB Packet Storm
148 - - - Cross Site Scripting vulnerability in Microweber v.2.0.9 allows a remote attacker to execute arbitrary code via the First Name and Last Name parameters in the endpoint /admin/module/view?type=users New - CVE-2024-33299 2025-01-11 05:15 2025-01-11 Show GitHub Exploit DB Packet Storm
149 - - - Microweber Cross Site Scripting vulnerability in Microweber v.2.0.9 allows a remote attacker to execute arbitrary code via the create new backup function in the endpoint /admin/module/view?type=admin… New - CVE-2024-33298 2025-01-11 05:15 2025-01-11 Show GitHub Exploit DB Packet Storm
150 - - - Cross Site Scripting vulnerability in Microweber v.2.0.9 allows a remote attacker to execute arbitrary code via the campaign Name (Internal Name) field in the Add new campaign function New - CVE-2024-33297 2025-01-11 05:15 2025-01-11 Show GitHub Exploit DB Packet Storm