Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
197791 4 警告 fdgroup - FDI OLIB7 WebView におけるファイルから重要な情報を取得される脆弱性 CWE-20
不適切な入力確認 		CVE-2008-5678 2012-06-26 16:03 2008-12-18 Show GitHub Exploit DB Packet Storm
197792 9.4 危険 darkwet - Darkwet Network webcamXP の HTTP サーバにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2008-5674 2012-06-26 16:03 2008-12-18 Show GitHub Exploit DB Packet Storm
197793 6.8 警告 GNOME Project - Vinagre の vinagre_utils_show_error 関数 におけるフォーマットストリングの脆弱性 CWE-134
書式文字列の問題 		CVE-2008-5660 2012-06-26 16:03 2008-12-17 Show GitHub Exploit DB Packet Storm
197794 7.5 危険 AlstraSoft - AlstraSoft Web Host Directory のログインディレクトリにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5650 2012-06-26 16:03 2008-12-17 Show GitHub Exploit DB Packet Storm
197795 10 危険 AlstraSoft - AlstraSoft Article Manager Pro の admin/admin.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5649 2012-06-26 16:03 2008-12-17 Show GitHub Exploit DB Packet Storm
197796 7.5 危険 DeltaScripts - DeltaScripts PHP Shop の admin/login.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5648 2012-06-26 16:03 2008-12-17 Show GitHub Exploit DB Packet Storm
197797 5 警告 CMS Made Simple - CMS Made Simple の admin/login.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-5642 2012-06-26 16:03 2008-12-17 Show GitHub Exploit DB Packet Storm
197798 7.5 危険 Activewebsoftwares - Active Photo Gallery の account.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5641 2012-06-26 16:03 2008-12-17 Show GitHub Exploit DB Packet Storm
197799 7.5 危険 Activewebsoftwares - Active Bids の bidhistory.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5640 2012-06-26 16:03 2008-12-17 Show GitHub Exploit DB Packet Storm
197800 7.5 危険 Activewebsoftwares - Active Price Comparison における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5638 2012-06-26 16:03 2008-12-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 25, 2025, 4:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1991 3.5 LOW
Network 		- - A vulnerability classified as problematic has been found in Mindskip xzs-mysql ????????? 3.9.0. Affected is an unknown function of the file /api/admin/question/edit of the component Exam Edit Handler… CWE-79
CWE-94
Cross-site Scripting
Code Injection 		CVE-2025-1082 2025-02-7 08:15 2025-02-7 Show GitHub Exploit DB Packet Storm
1992 - - - On Darwin, building a Go module which contains CGO can trigger arbitrary code execution when using the Apple version of ld, due to usage of the @executable_path, @loader_path, or @rpath special value… - CVE-2025-22867 2025-02-7 07:15 2025-02-7 Show GitHub Exploit DB Packet Storm
1993 - - - An SQL injection vulnerability in the pjActionGetUser function of PHPJabbers Cinema Booking System v2.0 allows attackers to manipulate database queries via the column parameter. Exploiting this flaw … - CVE-2024-57430 2025-02-7 07:15 2025-02-7 Show GitHub Exploit DB Packet Storm
1994 - - - A cross-site request forgery (CSRF) vulnerability in the pjActionUpdate function of PHPJabbers Cinema Booking System v2.0 allows remote attackers to escalate privileges by tricking an authenticated a… - CVE-2024-57429 2025-02-7 07:15 2025-02-7 Show GitHub Exploit DB Packet Storm
1995 - - - A stored cross-site scripting (XSS) vulnerability in PHPJabbers Cinema Booking System v2.0 exists due to unsanitized input in file upload fields (event_img, seat_maps) and seat number configurations … - CVE-2024-57428 2025-02-7 07:15 2025-02-7 Show GitHub Exploit DB Packet Storm
1996 - - - In Newgensoft OmniDocs 11.0_SP1_03_006, Insecure Direct Object Reference (IDOR) in the getuserproperty function allows user's configuration and PII to be stolen. - CVE-2024-39033 2025-02-7 07:15 2025-02-7 Show GitHub Exploit DB Packet Storm
1997 5.4 MEDIUM
Network 		mozilla thunderbird The Thunderbird Address Book URI fields contained unsanitized links. This could be used by an attacker to create and export an address book containing a malicious payload in a field. For example, in … NVD-CWE-noinfo
CVE-2025-1015 2025-02-7 07:15 2025-02-4 Show GitHub Exploit DB Packet Storm
1998 3.1 LOW
Adjacent 		- - A vulnerability was found in Bharti Airtel Xstream Fiber up to 20250123. It has been rated as problematic. This issue affects some unknown processing of the component WiFi Password Handler. The manip… CWE-1391
 Use of Weak Credentials 		CVE-2025-1081 2025-02-7 06:15 2025-02-7 Show GitHub Exploit DB Packet Storm
1999 - - - Certain HP LaserJet Pro printers may potentially experience a denial of service when a user sends a raw JPEG file to the printer via IPP (Internet Printing Protocol). - CVE-2025-1004 2025-02-7 06:15 2025-02-7 Show GitHub Exploit DB Packet Storm
2000 5.5 MEDIUM
Local 		- - IBM EntireX 11.1 could allow a local user to cause a denial of service due to an unhandled error and fault isolation. CWE-248
 Uncaught Exception 		CVE-2025-0158 2025-02-7 06:15 2025-02-7 Show GitHub Exploit DB Packet Storm