Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 20, 2025, 6:03 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
198271	10	危険	CA Technologies	-	CA BrightStor ARCserve Backup for Laptops and Desktops のコマンドハンドラにおけるユーザを追加および削除される脆弱性	CWE-287 不適切な認証	CVE-2007-5006	2012-06-26 15:54	2007-09-20	Show	GitHub Exploit DB Packet Storm

198272	10	危険	CA Technologies	-	CA BrightStor ARCserve Backup for Laptops and Desktops の rxRPC.dll におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2007-5005	2012-06-26 15:54	2007-09-20	Show	GitHub Exploit DB Packet Storm

198273	9.3	危険	CA Technologies	-	CA BrightStor ARCserve Backup for Laptops and Desktops における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2007-5004	2012-06-26 15:54	2007-09-20	Show	GitHub Exploit DB Packet Storm

198274	10	危険	CA Technologies	-	CA BrightStor ARCserve Backup for Laptops and Desktops におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2007-5003	2012-06-26 15:54	2007-09-20	Show	GitHub Exploit DB Packet Storm

198275	10	危険	Firebird Project	-	Firebird SQL の fbserver.exe の process_packet 関数におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2007-4992	2012-06-26 15:54	2007-10-10	Show	GitHub Exploit DB Packet Storm

198276	10	危険	JetAudio	-	jetAudio の JetFlExt.dll の JetAudio.Interface.1 ActiveX コントロールにおけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2007-4983	2012-06-26 15:54	2007-09-19	Show	GitHub Exploit DB Packet Storm

198277	4.3	警告	gcaldaemon	-	GCALDaemon の readRequest メソッドにおけるサービス運用妨害 (DoS) の脆弱性	CWE-189 数値処理の問題	CVE-2007-4980	2012-06-26 15:54	2007-09-19	Show	GitHub Exploit DB Packet Storm

198278	3.5	注意	Coppermine Photo Gallery	-	CPG の mode.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-4977	2012-06-26 15:54	2007-09-19	Show	GitHub Exploit DB Packet Storm

198279	6.5	警告	Coppermine Photo Gallery	-	CPG の viewlog.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2007-4976	2012-06-26 15:54	2007-09-19	Show	GitHub Exploit DB Packet Storm

198280	4.3	警告	b1g	-	b1gMail の hilfe.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-4975	2012-06-26 15:54	2007-09-19	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 20, 2025, 4:11 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
841	-		-	-	The ip_import_acl_csv request in GestioIP v3.5.7 is vulnerable to Reflected XSS. When a user uploads an improperly formatted file, the content may be reflected in the HTML response, allowing the atta…	-	CVE-2024-50859	2025-01-15 09:15	2025-01-15	Show	GitHub Exploit DB Packet Storm

842	-		-	-	Multiple endpoints in GestioIP v3.5.7 are vulnerable to Cross-Site Request Forgery (CSRF). An attacker can execute actions via the admin's browser by hosting a malicious URL, leading to data modifica…	-	CVE-2024-50858	2025-01-15 09:15	2025-01-15	Show	GitHub Exploit DB Packet Storm

843	-		-	-	The ip_do_job request in GestioIP v3.5.7 is vulnerable to Cross-Site Scripting (XSS). It allows data exfiltration and enables CSRF attacks. The vulnerability requires specific user permissions within…	-	CVE-2024-50857	2025-01-15 09:15	2025-01-15	Show	GitHub Exploit DB Packet Storm

844	-		-	-	An issue in GestioIP v3.5.7 allows a remote attacker to execute arbitrary code via the file upload function. The attacker can upload a malicious perlcmd.cgi file that overwrites the original upload.c…	-	CVE-2024-48760	2025-01-15 09:15	2025-01-15	Show	GitHub Exploit DB Packet Storm

845	8.4	HIGH Local	-	-	Microsoft Excel Remote Code Execution Vulnerability	-	CVE-2025-21354	2025-01-15 09:15	2025-01-15	Show	GitHub Exploit DB Packet Storm

846	-		-	-	Discourse AI is a Discourse plugin which provides a number of AI features. When sharing Discourse AI Bot conversations into posts, if the conversation had HTML entities those could leak into the Disc…	CWE-79 Cross-site Scripting	CVE-2024-54142	2025-01-15 08:15	2025-01-15	Show	GitHub Exploit DB Packet Storm

847	-		-	-	Silverstripe Framework is a PHP framework which powers the Silverstripe CMS. In some cases, form messages can contain HTML markup. This is an intentional feature, allowing links and other relevant HT…	CWE-79 Cross-site Scripting	CVE-2024-53277	2025-01-15 08:15	2025-01-15	Show	GitHub Exploit DB Packet Storm

848	-		-	-	silverstripe-asset-admin is a silverstripe assets gallery for asset management. When using the "insert media" functionality, the linked oEmbed JSON includes an HTML attribute which will replace the e…	CWE-79 Cross-site Scripting	CVE-2024-47605	2025-01-15 08:15	2025-01-15	Show	GitHub Exploit DB Packet Storm

849	-		-	-	ECOVACS Robotics Deebot T20 OMNI and T20e OMNI before 1.24.0 was discovered to contain a WiFi Remote Code Execution vulnerability.	-	CVE-2024-42911	2025-01-15 08:15	2025-01-15	Show	GitHub Exploit DB Packet Storm

850	-		-	-	H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification in the 5G wireless network processing function. Attackers who successfully exploit this vulnerability …	-	CVE-2024-57482	2025-01-15 07:15	2025-01-15	Show	GitHub Exploit DB Packet Storm