Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
198221 7.5 危険 africabegone - ABG の index.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-3570 2012-06-26 16:02 2008-08-10 Show GitHub Exploit DB Packet Storm
198222 4.3 警告 Apache Friends - XAMPP におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-3569 2012-06-26 16:02 2008-08-10 Show GitHub Exploit DB Packet Storm
198223 7.5 危険 dayfox designs - Dayfox Blog の index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-3564 2012-06-26 16:02 2008-08-10 Show GitHub Exploit DB Packet Storm
198224 5.1 警告 chupix - Chupix CMS の Contact モジュールの index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-3562 2012-06-26 16:02 2008-08-10 Show GitHub Exploit DB Packet Storm
198225 7.5 危険 fhm-script - Free Hosting Manager における管理アクセス権を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-3557 2012-06-26 16:02 2008-08-8 Show GitHub Exploit DB Packet Storm
198226 7.5 危険 Comsenz Technology - Discuz! の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-3554 2012-06-26 16:02 2008-08-8 Show GitHub Exploit DB Packet Storm
198227 7.5 危険 Git project - GIT の diff_addremove 関数におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-3546 2012-06-26 16:02 2008-08-7 Show GitHub Exploit DB Packet Storm
198228 10 危険 GNOME Project - Gnome の yelp の yelp-window.c の window_error 関数におけるフォーマットストリングの脆弱性 CWE-134
書式文字列の問題 		CVE-2008-3533 2012-06-26 16:02 2008-08-5 Show GitHub Exploit DB Packet Storm
198229 6.9 警告 FreeBSD - FreeBSD の カーネルの sys/kern/vfs_mount.c におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-3531 2012-06-26 16:02 2008-09-3 Show GitHub Exploit DB Packet Storm
198230 4.3 警告 craftysyntax - CSLH の livehelp_js.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-3510 2012-06-26 16:02 2008-08-7 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 26, 2025, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1671 - - - An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiAnalyzer version 7.4.0 through 7.4.3, 7.2.0 through 7.2.5, 7.0.0 … CWE-78
OS Command  		CVE-2024-40584 2025-02-12 02:15 2025-02-12 Show GitHub Exploit DB Packet Storm
1672 - - - An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability [CWE-22] in Fortinet FortiManager version 7.4.0 through 7.4.2 and before 7.2.5 and Fortinet FortiAnalyz… CWE-22
Path Traversal 		CVE-2024-36508 2025-02-12 02:15 2025-02-12 Show GitHub Exploit DB Packet Storm
1673 - - - A stack-based buffer overflow [CWE-121] vulnerability in Fortinet FortiOS version 7.2.4 through 7.2.8 and version 7.4.0 through 7.4.4 allows a remote unauthenticated attacker to execute arbitrary cod… CWE-121
Stack-based Buffer Overflow 		CVE-2024-35279 2025-02-12 02:15 2025-02-12 Show GitHub Exploit DB Packet Storm
1674 - - - A use of hard-coded cryptographic key to encrypt sensitive data vulnerability [CWE-321] in FortiManager 7.6.0 through 7.6.1, 7.4.0 through 7.4.5, 7.2.0 through 7.2.9, 7.0 all versions, 6.4 all versio… CWE-321
 Use of Hard-coded Cryptographic Key 		CVE-2024-33504 2025-02-12 02:15 2025-02-12 Show GitHub Exploit DB Packet Storm
1675 - - - An improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiSandbox at least versions 4.4.0 through 4.4.4 and 4.2.0 through 4.2.6 and 4.0.0 through 4.0.4 … CWE-79
Cross-site Scripting 		CVE-2024-27781 2025-02-12 02:15 2025-02-12 Show GitHub Exploit DB Packet Storm
1676 - - - Multiple Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerabilities [CWE-79] in FortiSIEM 7.1 all versions, 7.0 all versions, 6.7 all versions incident page… CWE-79
Cross-site Scripting 		CVE-2024-27780 2025-02-12 02:15 2025-02-12 Show GitHub Exploit DB Packet Storm
1677 - - - An HTML Injection vulnerability in Avaya Spaces may have allowed disclosure of sensitive information or modification of the page content seen by the user. - CVE-2024-12756 2025-02-12 02:15 2025-02-12 Show GitHub Exploit DB Packet Storm
1678 - - - A Cross-Site Scripting (XSS) vulnerability in Avaya Spaces may have allowed unauthorized code execution and potential disclose of sensitive information. - CVE-2024-12755 2025-02-12 02:15 2025-02-12 Show GitHub Exploit DB Packet Storm
1679 - - - A use of externally-controlled format string vulnerability [CWE-134] in Fortinet FortiOS version 7.4.0 through 7.4.1 and before 7.2.6, FortiProxy version 7.4.0 and before 7.2.7, FortiPAM version 1.1.… CWE-134
Use of Externally-Controlled Format String 		CVE-2023-40721 2025-02-12 02:15 2025-02-12 Show GitHub Exploit DB Packet Storm
1680 - - - Privilege Defined With Unsafe Actions vulnerability in Apache Cassandra. An user with MODIFY permission ON ALL KEYSPACES can escalate privileges to superuser within a targeted Cassandra cluster via u… - CVE-2025-23015 2025-02-12 02:15 2025-02-4 Show GitHub Exploit DB Packet Storm