Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
198051 6.8 警告 cruxsoftware - Crux Gallery の index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-4483 2012-06-26 16:02 2008-10-7 Show GitHub Exploit DB Packet Storm
198052 7.2 危険 GNU Project - ibackup における任意のファイルを上書きされる脆弱性 CWE-59
リンク解釈の問題 		CVE-2008-4475 2012-06-26 16:02 2008-10-7 Show GitHub Exploit DB Packet Storm
198053 7.2 危険 FreeRADIUS - freeradius の freeradius-dialupadmin における任意のファイルを上書きされる脆弱性 CWE-59
リンク解釈の問題 		CVE-2008-4474 2012-06-26 16:02 2008-10-7 Show GitHub Exploit DB Packet Storm
198054 9.3 危険 オートデスク株式会社 - Revit Architecture で使用される LiveUpdate ActiveX コントロールの UpdateEngine クラスにおける任意のプログラムを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-4472 2012-06-26 16:02 2008-10-7 Show GitHub Exploit DB Packet Storm
198055 9.3 危険 オートデスク株式会社 - Revit Architecture 2009 SP2 で使用される DWF Viewer ActiveX コントロール (AdView.dll) の CExpressViewerControl クラスにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-4471 2012-06-26 16:02 2008-10-7 Show GitHub Exploit DB Packet Storm
198056 7.5 危険 extrovert software - eXtrovert Thyme の groups モジュールの pick_users.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4459 2012-06-26 16:02 2008-10-6 Show GitHub Exploit DB Packet Storm
198057 7.5 危険 ephpscripts - E-Php B2B Trading Marketplace Script の listings.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4458 2012-06-26 16:02 2008-10-6 Show GitHub Exploit DB Packet Storm
198058 9.3 危険 dspicture - GdPicture Light Imaging Toolkit の GdPicture4S.Imaging ActiveX コントロールなどにおける任意のファイルを変更される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-4453 2012-06-26 16:02 2008-10-6 Show GitHub Exploit DB Packet Storm
198059 9 危険 cambridge computer corporation - Cambridge Computer Corporation vxFtpSrv におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-4452 2012-06-26 16:02 2008-10-6 Show GitHub Exploit DB Packet Storm
198060 4.3 警告 domain group network - Domain Group Network GooCMS の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-4424 2012-06-26 16:02 2008-10-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 11, 2025, 4:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
274051 - phpcomasy phpcomasy SQL injection vulnerability in index.php in phpComasy 0.7.5 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: an examination of the 0.7.5 source code … CWE-89
SQL Injection 		CVE-2005-3744 2011-08-5 13:00 2005-11-22 Show GitHub Exploit DB Packet Storm
274052 - tru-zone nukeet SQL injection vulnerability in the Search module in Tru-Zone Nuke ET 3.2, and possibly earlier versions, allows remote attackers to execute arbitrary SQL commands via the query parameter. CWE-89
SQL Injection 		CVE-2005-3748 2011-08-5 13:00 2005-11-22 Show GitHub Exploit DB Packet Storm
274053 - omnistar_interactive omnistar_live SQL injection vulnerability in kb.php in Omnistar Live 5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) id and (2) category_id parameter. NOTE: due to a typo, an… CWE-89
SQL Injection 		CVE-2005-3840 2011-08-5 13:00 2005-11-27 Show GitHub Exploit DB Packet Storm
274054 - altantisfaq altantis_knowledge_base_software SQL injection vulnerability in search.php in AtlantisFAQ Knowledge Base Software 2.03 and earlier allows remote attackers to execute arbitrary SQL commands via the searchStr parameter. CWE-89
SQL Injection 		CVE-2005-3881 2011-08-5 13:00 2005-11-29 Show GitHub Exploit DB Packet Storm
274055 - cfmagic magic_list_pro SQL injection vulnerability in view_archive.cfm in CFMagic Magic List Pro 2.5 allows remote attackers to execute arbitrary SQL commands via the ListID parameter. CWE-89
SQL Injection 		CVE-2005-4073 2011-08-5 13:00 2005-12-8 Show GitHub Exploit DB Packet Storm
274056 - kde kdegraphics Stack consumption vulnerability in the KFILE JPEG (kfile_jpeg) plugin in kdegraphics 3, as used by konqueror, digikam, and other KDE image browsers, allows remote attackers to cause a denial of servi… CWE-399
 Resource Management Errors 		CVE-2006-6297 2011-08-4 13:00 2006-12-5 Show GitHub Exploit DB Packet Storm
274057 - mimms
xine 		mimms
xine-lib 		Stack-based buffer overflow in libmms, as used by (a) MiMMS 0.0.9 and (b) xine-lib 1.1.0 and earlier, allows remote attackers to cause a denial of service (application crash) and possibly execute arb… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2006-2200 2011-08-2 13:00 2006-06-28 Show GitHub Exploit DB Packet Storm
274058 - jed_wing chm_lib Stack-based buffer overflow in the _chm_find_in_PMGL function in chm_lib.c for chmlib before 0.36, as used in products such as KchmViewer, allows user-assisted attackers to execute arbitrary code via… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2005-2930 2011-08-2 13:00 2005-10-29 Show GitHub Exploit DB Packet Storm
274059 - freebsd
nrl 		freebsd
opie 		Off-by-one error in the __opiereadrec function in readrec.c in libopie in OPIE 2.4.1-test1 and earlier, as used on FreeBSD 6.4 through 8.1-PRERELEASE and other platforms, allows remote attackers to c… CWE-189
Numeric Errors 		CVE-2010-1938 2011-07-29 11:37 2010-05-29 Show GitHub Exploit DB Packet Storm
274060 - matthias_graubner mg_help SQL injection vulnerability in the Helpdesk (mg_help) extension 1.1.6 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. CWE-89
SQL Injection 		CVE-2010-0333 2011-07-26 13:00 2010-01-16 Show GitHub Exploit DB Packet Storm