Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 11, 2025, 10:02 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
198441	6.8	警告	arnotic	-	Arnaud Guyonne a-forum の forum.php3 におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-0398	2012-06-26 15:46	2007-01-22	Show	GitHub Exploit DB Packet Storm

198442	6.4	警告	シスコシステムズ	-	CS-MARS などにおける正確でない情報を生成される脆弱性	-	CVE-2007-0397	2012-06-26 15:46	2007-01-18	Show	GitHub Exploit DB Packet Storm

198443	7.5	危険	comvironment	-	ComVironment の libraries/grab_globals.lib.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-0395	2012-06-26 15:46	2007-01-19	Show	GitHub Exploit DB Packet Storm

198444	7.2	危険	BitDefender	-	BitDefender Client Professional Plus のログ作成機能におけるフォーマットストリングの脆弱性	-	CVE-2007-0391	2012-06-26 15:46	2007-01-18	Show	GitHub Exploit DB Packet Storm

198445	7.8	危険	arsdigita	-	ACS および ACES におけるディレクトリトラバーサルの脆弱性	-	CVE-2007-0389	2012-06-26 15:46	2007-01-19	Show	GitHub Exploit DB Packet Storm

198446	7.5	危険	ATRC	-	ATutor における SQL インジェクションの脆弱性	-	CVE-2007-0381	2012-06-26 15:46	2007-01-19	Show	GitHub Exploit DB Packet Storm

198447	5	警告	docman	-	DocMan における重要な情報 (フルパス) を取得される脆弱性	-	CVE-2007-0380	2012-06-26 15:46	2007-01-19	Show	GitHub Exploit DB Packet Storm

198448	6.8	警告	docman	-	DocMan におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-0379	2012-06-26 15:46	2007-01-19	Show	GitHub Exploit DB Packet Storm

198449	7.5	危険	docman	-	DocMan における SQL インジェクションの脆弱性	-	CVE-2007-0378	2012-06-26 15:46	2007-01-19	Show	GitHub Exploit DB Packet Storm

198450	7.5	危険	francisco burzi	-	Francisco Burzi PHP-Nuke における SQL インジェクションの脆弱性	-	CVE-2007-0372	2012-06-26 15:46	2007-01-19	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 11, 2025, 5:03 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
221	-		-	-	The PostLists WordPress plugin through 2.0.2 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old… New	-	CVE-2024-10815	2025-01-10 01:15	2025-01-9	Show	GitHub Exploit DB Packet Storm

222	-		-	-	An XML External Entity (XXE) vulnerability in Elspec Engineering G5 Digital Fault Recorder Firmware v1.2.1.12 allows attackers to cause a Denial of Service (DoS) via a crafted XML payload. Update	-	CVE-2024-46603	2025-01-10 01:15	2025-01-8	Show	GitHub Exploit DB Packet Storm

223	-		-	-	An issue was discovered in Elspec G5 digital fault recorder version 1.2.1.12 and earlier. An XML External Entity (XXE) vulnerability may allow an attacker to cause a Denial of Service (DoS) via a cra… Update	-	CVE-2024-46602	2025-01-10 01:15	2025-01-8	Show	GitHub Exploit DB Packet Storm

224	-		-	-	Elspec Engineering G5 Digital Fault Recorder Firmware v1.2.1.12 was discovered to contain a buffer overflow. Update	-	CVE-2024-46601	2025-01-10 01:15	2025-01-8	Show	GitHub Exploit DB Packet Storm

225	5.5	MEDIUM Local	dell	powerscale_onefs	Dell PowerScale OneFS 8.2.2.x through 9.8.0.x contains an incorrect permission assignment for critical resource vulnerability. A locally authenticated attacker could potentially exploit this vulnerab… Update	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2024-47475	2025-01-10 01:04	2025-01-7	Show	GitHub Exploit DB Packet Storm

226	-		-	-	A buffer overflow vulnerability in the packet handoff plugin allows an attacker to overwrite memory outside the plugin's buffer. New	-	CVE-2024-10106	2025-01-10 00:15	2025-01-10	Show	GitHub Exploit DB Packet Storm

227	-		-	-	IBM OpenPages 9.0 could allow an authenticated user to obtain sensitive information such as configurations that should only be available to privileged users. New	CWE-282 CWE-276 Improper Ownership Management Incorrect Default Permissions	CVE-2024-43176	2025-01-10 00:15	2025-01-9	Show	GitHub Exploit DB Packet Storm

228	-		-	-	IBM App Connect Enterprise Certified Container 7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, and 12.4 operands running in Red H… New	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2022-22491	2025-01-10 00:15	2025-01-9	Show	GitHub Exploit DB Packet Storm

229	-		-	-	The AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3, AI WordPress Plugin ChatGPT (GPT-4o 128K) plugin for WordPress is vulnerable to Cross-Site Request Fo… New	-	CVE-2024-12605	2025-01-10 00:15	2025-01-9	Show	GitHub Exploit DB Packet Storm

230	-		-	-	SSL-VPN MFA Bypass in SonicWALL SSL-VPN can arise in specific cases due to the separate handling of UPN (User Principal Name) and SAM (Security Account Manager) account names when integrated with Mic… New	-	CVE-2024-12802	2025-01-10 00:15	2025-01-9	Show	GitHub Exploit DB Packet Storm