Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 17, 2025, 2:02 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
198531	6.8	警告	agner fog	-	aForum の common/errormsg.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2634	2012-06-26 15:46	2007-05-13	Show	GitHub Exploit DB Packet Storm

198532	6.5	警告	activecampaign	-	FCKeditor モジュールの filemanager/browser/default/connectors/php/config.php における .php4 および .php5 をアップロードされる脆弱性	-	CVE-2007-2630	2012-06-26 15:46	2007-05-2	Show	GitHub Exploit DB Packet Storm

198533	7.8	危険	Bradford Networks	-	Bradford CampusManager Network Control Application Server における重要な情報を取得される脆弱性	-	CVE-2007-2629	2012-06-26 15:46	2007-05-11	Show	GitHub Exploit DB Packet Storm

198534	6.8	警告	aiocp	-	AIOCP の shared/code/cp_authorization.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-2625	2012-06-26 15:46	2007-05-11	Show	GitHub Exploit DB Packet Storm

198535	6.8	警告	aiocp	-	AIOCP の shared/config/cp_config.php におけるクロスサイトスクリプティング攻撃を誘発する脆弱性	-	CVE-2007-2624	2012-06-26 15:46	2007-05-11	Show	GitHub Exploit DB Packet Storm

198536	7.8	危険	fruit2004	-	Remote Display Dev キットの RControl.dll におけるバッファオーバーフローの脆弱性	-	CVE-2007-2623	2012-06-26 15:46	2007-05-11	Show	GitHub Exploit DB Packet Storm

198537	7.5	危険	extrovert software	-	Thyme Calendar の event_view.php における SQL インジェクションの脆弱性	-	CVE-2007-2621	2012-06-26 15:46	2007-05-11	Show	GitHub Exploit DB Packet Storm

198538	5.1	警告	drake team	-	Drake CMS の index.php における CRLF インジェクションの脆弱性	-	CVE-2007-2618	2012-06-26 15:46	2007-05-11	Show	GitHub Exploit DB Packet Storm

198539	7.5	危険	crie sue	-	Crie seu PHPLojaFacil における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2615	2012-06-26 15:46	2007-05-11	Show	GitHub Exploit DB Packet Storm

198540	6.8	警告	cgx	-	CGX における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2611	2012-06-26 15:46	2007-05-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 17, 2025, 5:08 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
901	-	-	-	Opening Javascript links in a new tab via long-press in the Firefox iOS client could result in a malicious script spoofing the URL of the new tab. This vulnerability affects Firefox for iOS < 134.	-	CVE-2025-23108	2025-01-14 03:15	2025-01-11	Show	GitHub Exploit DB Packet Storm

902	-	-	-	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - ArticleFeedbackv5 extension allows Cross-Site Scripting (…	-	CVE-2025-23079	2025-01-14 03:15	2025-01-11	Show	GitHub Exploit DB Packet Storm

903	-	-	-	Teedy through 1.11 allows CSRF for account takeover via POST /api/user/admin.	-	CVE-2025-22963	2025-01-14 01:15	2025-01-14	Show	GitHub Exploit DB Packet Storm

904	-	-	-	An improper array index validation vulnerability exists in the determineMinMax functionality of OFFIS DCMTK 3.6.8. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can p…	-	CVE-2024-52333	2025-01-14 01:15	2025-01-14	Show	GitHub Exploit DB Packet Storm

905	-	-	-	An improper array index validation vulnerability exists in the nowindow functionality of OFFIS DCMTK 3.6.8. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide …	-	CVE-2024-47796	2025-01-14 01:15	2025-01-14	Show	GitHub Exploit DB Packet Storm

906	-	-	-	Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory.	-	CVE-2024-52937	2025-01-14 01:15	2025-01-13	Show	GitHub Exploit DB Packet Storm

907	-	-	-	MonicaHQ v4.1.2 was discovered to contain multiple authenticated Client-Side Injection vulnerabilities via the title and description parameters at /people/ID/reminders/create.	-	CVE-2024-54996	2025-01-14 01:15	2025-01-11	Show	GitHub Exploit DB Packet Storm

908	-	-	-	Microweber Cross Site Scripting vulnerability in Microweber v.2.0.9 allows a remote attacker to execute arbitrary code via the create new backup function in the endpoint /admin/module/view?type=admin…	-	CVE-2024-33298	2025-01-14 01:15	2025-01-11	Show	GitHub Exploit DB Packet Storm

909	-	-	-	TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the newpasswd parameter in the action_passwd function.	-	CVE-2024-57213	2025-01-14 01:15	2025-01-11	Show	GitHub Exploit DB Packet Storm

910	-	-	-	Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to subvert reconstruction activities to trigger a write of data outside the Guest's virtualised …	-	CVE-2024-52938	2025-01-14 00:15	2025-01-13	Show	GitHub Exploit DB Packet Storm