Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 19, 2025, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
198321	5	警告	datadynamics	-	ActiveReports Professional Edition の Data Dynamics DDActiveReports2.ActiveReport.2 ActiveX コントロールにおける絶対パストラバーサルの脆弱性	-	CVE-2007-3983	2012-06-26 15:54	2007-07-25	Show	GitHub Exploit DB Packet Storm

198322	5	警告	datadynamics	-	Data Dynamics ActiveReport ActiveX コントロールにおける絶対パストラバーサルの脆弱性	-	CVE-2007-3982	2012-06-26 15:54	2007-07-25	Show	GitHub Exploit DB Packet Storm

198323	4.3	警告	bwired	-	bwired におけるセッションをハイジャックされる脆弱性	CWE-255 証明書・パスワード管理	CVE-2007-3978	2012-06-26 15:54	2007-07-25	Show	GitHub Exploit DB Packet Storm

198324	4.3	警告	bwired	-	bwired におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-3977	2012-06-26 15:54	2007-07-25	Show	GitHub Exploit DB Packet Storm

198325	7.5	危険	bwired	-	bwired の index.php における SQL インジェクションの脆弱性	-	CVE-2007-3976	2012-06-26 15:54	2007-07-25	Show	GitHub Exploit DB Packet Storm

198326	4.3	警告	elite forum	-	Elite Forum の index.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-3975	2012-06-26 15:54	2007-07-25	Show	GitHub Exploit DB Packet Storm

198327	5	警告	ESET	-	ESET NOD32 Antivirus におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-3972	2012-06-26 15:54	2007-07-25	Show	GitHub Exploit DB Packet Storm

198328	5	警告	ESET	-	ESET NOD32 Antivirus における整数オーバーフローの脆弱性	-	CVE-2007-3971	2012-06-26 15:54	2007-07-25	Show	GitHub Exploit DB Packet Storm

198329	5	警告	ESET	-	ESET NOD32 Antivirus における任意のコードを実行される脆弱性	-	CVE-2007-3970	2012-06-26 15:54	2007-07-25	Show	GitHub Exploit DB Packet Storm

198330	5	警告	dirlist	-	dirLIST の index.php における除外フォルダのコンテンツを一覧にされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2007-3968	2012-06-26 15:54	2007-07-25	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 19, 2025, 4:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
771	-		-	-	An arbitrary file upload vulnerability in the parserXML() method of JeeWMS before v2025.01.01 allows attackers to execute arbitrary code via uploading a crafted file.	-	CVE-2024-57761	2025-01-15 09:15	2025-01-15	Show	GitHub Exploit DB Packet Storm

772	-		-	-	JeeWMS before v2025.01.01 was discovered to contain a SQL injection vulnerability via the ReportId parameter at /core/CGReportDao.java.	-	CVE-2024-57760	2025-01-15 09:15	2025-01-15	Show	GitHub Exploit DB Packet Storm

773	-		-	-	JeeWMS before v2025.01.01 was discovered to contain a permission bypass in the component /interceptors/AuthInterceptor.cava.	-	CVE-2024-57757	2025-01-15 09:15	2025-01-15	Show	GitHub Exploit DB Packet Storm

774	-		-	-	The ip_mod_dns_key_form.cgi request in GestioIP v3.5.7 is vulnerable to Stored XSS. An attacker can inject malicious code into the "TSIG Key" field, which is saved in the database and triggers XSS wh…	-	CVE-2024-50861	2025-01-15 09:15	2025-01-15	Show	GitHub Exploit DB Packet Storm

775	-		-	-	The ip_import_acl_csv request in GestioIP v3.5.7 is vulnerable to Reflected XSS. When a user uploads an improperly formatted file, the content may be reflected in the HTML response, allowing the atta…	-	CVE-2024-50859	2025-01-15 09:15	2025-01-15	Show	GitHub Exploit DB Packet Storm

776	-		-	-	Multiple endpoints in GestioIP v3.5.7 are vulnerable to Cross-Site Request Forgery (CSRF). An attacker can execute actions via the admin's browser by hosting a malicious URL, leading to data modifica…	-	CVE-2024-50858	2025-01-15 09:15	2025-01-15	Show	GitHub Exploit DB Packet Storm

777	-		-	-	The ip_do_job request in GestioIP v3.5.7 is vulnerable to Cross-Site Scripting (XSS). It allows data exfiltration and enables CSRF attacks. The vulnerability requires specific user permissions within…	-	CVE-2024-50857	2025-01-15 09:15	2025-01-15	Show	GitHub Exploit DB Packet Storm

778	-		-	-	An issue in GestioIP v3.5.7 allows a remote attacker to execute arbitrary code via the file upload function. The attacker can upload a malicious perlcmd.cgi file that overwrites the original upload.c…	-	CVE-2024-48760	2025-01-15 09:15	2025-01-15	Show	GitHub Exploit DB Packet Storm

779	8.4	HIGH Local	-	-	Microsoft Excel Remote Code Execution Vulnerability	-	CVE-2025-21354	2025-01-15 09:15	2025-01-15	Show	GitHub Exploit DB Packet Storm

780	-		-	-	Discourse AI is a Discourse plugin which provides a number of AI features. When sharing Discourse AI Bot conversations into posts, if the conversation had HTML entities those could leak into the Disc…	CWE-79 Cross-site Scripting	CVE-2024-54142	2025-01-15 08:15	2025-01-15	Show	GitHub Exploit DB Packet Storm