Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 19, 2025, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
198311 7.6 危険 シトリックス・システムズ - Citrix Access Gateway の Web ベースの管理コンソールにおけるクロスサイトリクエストフォージェリの脆弱性 - CVE-2007-4017 2012-06-26 15:54 2007-07-25 Show GitHub Exploit DB Packet Storm
198312 6.8 警告 シトリックス・システムズ - Citrix Access Gateway Standard Edition および Advanced Edition のクライアントコンポーネントにおける任意のコードを実行される脆弱性 - CVE-2007-4016 2012-06-26 15:54 2007-07-25 Show GitHub Exploit DB Packet Storm
198313 9.3 危険 シトリックス・システムズ - Firefox プラグインディレクトリの Net6Helper.DLL における詳細不明な脆弱性 - CVE-2007-4013 2012-06-26 15:54 2007-07-25 Show GitHub Exploit DB Packet Storm
198314 7.1 危険 シスコシステムズ - Cisco 4100 におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-4012 2012-06-26 15:54 2007-07-24 Show GitHub Exploit DB Packet Storm
198315 7.1 危険 シスコシステムズ - Cisco 4100 におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-4011 2012-06-26 15:54 2007-07-24 Show GitHub Exploit DB Packet Storm
198316 7.5 危険 entertainment cms - Entertainment Media Sharing CMS の custom.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-4008 2012-06-26 15:54 2007-07-25 Show GitHub Exploit DB Packet Storm
198317 9.3 危険 article directory - Article Directory の index.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-4007 2012-06-26 15:54 2007-07-25 Show GitHub Exploit DB Packet Storm
198318 4.3 警告 ASP indir - Asp cvmatik の cv.asp におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-3991 2012-06-26 15:54 2007-07-25 Show GitHub Exploit DB Packet Storm
198319 7.5 危険 ASP indir - Dora Emlak の default.asp における SQL インジェクションの脆弱性 - CVE-2007-3990 2012-06-26 15:54 2007-07-25 Show GitHub Exploit DB Packet Storm
198320 4.3 警告 ASP indir - Dora Emlak の default.asp におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-3989 2012-06-26 15:54 2007-07-25 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 19, 2025, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
771 - - - An arbitrary file upload vulnerability in the parserXML() method of JeeWMS before v2025.01.01 allows attackers to execute arbitrary code via uploading a crafted file. - CVE-2024-57761 2025-01-15 09:15 2025-01-15 Show GitHub Exploit DB Packet Storm
772 - - - JeeWMS before v2025.01.01 was discovered to contain a SQL injection vulnerability via the ReportId parameter at /core/CGReportDao.java. - CVE-2024-57760 2025-01-15 09:15 2025-01-15 Show GitHub Exploit DB Packet Storm
773 - - - JeeWMS before v2025.01.01 was discovered to contain a permission bypass in the component /interceptors/AuthInterceptor.cava. - CVE-2024-57757 2025-01-15 09:15 2025-01-15 Show GitHub Exploit DB Packet Storm
774 - - - The ip_mod_dns_key_form.cgi request in GestioIP v3.5.7 is vulnerable to Stored XSS. An attacker can inject malicious code into the "TSIG Key" field, which is saved in the database and triggers XSS wh… - CVE-2024-50861 2025-01-15 09:15 2025-01-15 Show GitHub Exploit DB Packet Storm
775 - - - The ip_import_acl_csv request in GestioIP v3.5.7 is vulnerable to Reflected XSS. When a user uploads an improperly formatted file, the content may be reflected in the HTML response, allowing the atta… - CVE-2024-50859 2025-01-15 09:15 2025-01-15 Show GitHub Exploit DB Packet Storm
776 - - - Multiple endpoints in GestioIP v3.5.7 are vulnerable to Cross-Site Request Forgery (CSRF). An attacker can execute actions via the admin's browser by hosting a malicious URL, leading to data modifica… - CVE-2024-50858 2025-01-15 09:15 2025-01-15 Show GitHub Exploit DB Packet Storm
777 - - - The ip_do_job request in GestioIP v3.5.7 is vulnerable to Cross-Site Scripting (XSS). It allows data exfiltration and enables CSRF attacks. The vulnerability requires specific user permissions within… - CVE-2024-50857 2025-01-15 09:15 2025-01-15 Show GitHub Exploit DB Packet Storm
778 - - - An issue in GestioIP v3.5.7 allows a remote attacker to execute arbitrary code via the file upload function. The attacker can upload a malicious perlcmd.cgi file that overwrites the original upload.c… - CVE-2024-48760 2025-01-15 09:15 2025-01-15 Show GitHub Exploit DB Packet Storm
779 8.4 HIGH
Local 		- - Microsoft Excel Remote Code Execution Vulnerability - CVE-2025-21354 2025-01-15 09:15 2025-01-15 Show GitHub Exploit DB Packet Storm
780 - - - Discourse AI is a Discourse plugin which provides a number of AI features. When sharing Discourse AI Bot conversations into posts, if the conversation had HTML entities those could leak into the Disc… CWE-79
Cross-site Scripting 		CVE-2024-54142 2025-01-15 08:15 2025-01-15 Show GitHub Exploit DB Packet Storm