Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Nov. 17, 2024, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
198571 7.5 危険 php-programs - APBoard Developers APBoard の board/board.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4955 2012-02-29 14:06 2011-10-9 Show GitHub Exploit DB Packet Storm
198572 7.5 危険 Gambio - xt:Commerce Gambio 2008 の product_reviews_info.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4954 2012-02-29 14:05 2011-10-9 Show GitHub Exploit DB Packet Storm
198573 10 危険 Jens Witt - TYPO3 用 JW Calendar エクステンションにおける任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2010-4953 2012-02-29 11:55 2011-10-9 Show GitHub Exploit DB Packet Storm
198574 7.5 危険 Joachim Ruhs - TYPO3 用 FE user statistic エクステンションにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4952 2012-02-29 11:51 2011-10-9 Show GitHub Exploit DB Packet Storm
198575 5 警告 Thomas Mammitzsch - TYPO3 用 xaJax Shoutbox エクステンションにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4951 2012-02-29 11:48 2011-10-9 Show GitHub Exploit DB Packet Storm
198576 7.5 危険 Joachim Ruhs - TYPO3 用 Event エクステンションにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4950 2012-02-29 11:42 2011-10-9 Show GitHub Exploit DB Packet Storm
198577 4.3 警告 Codologic.com - Joomla! 用 FreiChat および FreiChatPure におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4949 2012-02-29 11:21 2011-10-9 Show GitHub Exploit DB Packet Storm
198578 7.5 危険 Phpgalleryscript - PHP Free Photo Gallery script における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2010-4948 2012-02-29 11:19 2011-10-9 Show GitHub Exploit DB Packet Storm
198579 4.3 警告 Allpcscript - ALLPC の advanced_search_result.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4947 2012-02-29 11:17 2011-10-9 Show GitHub Exploit DB Packet Storm
198580 7.5 危険 Allpcscript - ALLPC の product_info.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4946 2012-02-29 11:16 2011-10-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Nov. 17, 2024, 4:13 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
258791 - opera opera_browser Opera before 9.63 does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. CWE-310
Cryptographic Issues 		CVE-2012-1251 2014-03-6 04:12 2012-06-5 Show GitHub Exploit DB Packet Storm
258792 - pizzahut pizza_hut_japan_official_order_application The Pizza Hut Japan Official Order application before 1.1.1.a for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sen… CWE-310
Cryptographic Issues 		CVE-2013-3641 2014-03-6 04:11 2013-06-11 Show GitHub Exploit DB Packet Storm
258793 - yahoo yafuoku\! The Yahoo! Japan Yafuoku! application 4.3.0 and earlier for iOS and Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain s… CWE-310
Cryptographic Issues 		CVE-2013-4699 2014-03-6 04:09 2013-08-22 Show GitHub Exploit DB Packet Storm
258794 - yahoo japan_shopping The Yahoo! Japan Shopping application 1.4 and earlier for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive i… CWE-310
Cryptographic Issues 		CVE-2013-4700 2014-03-6 04:03 2013-08-22 Show GitHub Exploit DB Packet Storm
258795 - open-xchange open-xchange_server OXUpdater in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spo… CWE-310
Cryptographic Issues 		CVE-2013-1651 2014-03-6 04:01 2013-09-5 Show GitHub Exploit DB Packet Storm
258796 - cisco jabber Cisco Jabber on Windows does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and modify the client-server data stream via a crafted certifica… CWE-310
Cryptographic Issues 		CVE-2013-1228 2014-03-6 04:00 2013-09-6 Show GitHub Exploit DB Packet Storm
258797 - kingsoft kdrive Kingsoft KDrive Personal before 1.21.0.1880 on Windows does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information … CWE-310
Cryptographic Issues 		CVE-2013-5999 2014-03-6 03:58 2013-11-23 Show GitHub Exploit DB Packet Storm
258798 - codeaurora android-msm The genlock_dev_ioctl function in genlock.c in the Genlock driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does… CWE-399
 Resource Management Errors 		CVE-2013-6392 2014-03-6 03:29 2013-11-30 Show GitHub Exploit DB Packet Storm
258799 - satechi smart_travel_router The web interface on the Satechi travel router 1.5, when Wi-Fi is used for WAN access, exposes the console without authentication on the WAN IP address regardless of the "Web Management via WAN" sett… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2013-6918 2014-03-6 02:46 2013-11-30 Show GitHub Exploit DB Packet Storm
258800 - apple mac_os_x A certain Apple patch for OpenSSL in Apple OS X 10.9.2 and earlier uses a Trust Evaluation Agent (TEA) feature without terminating certain TLS/SSL handshakes as specified in the SSL_CTX_set_verify ca… CWE-20
 Improper Input Validation  		CVE-2014-2234 2014-03-6 02:44 2014-03-5 Show GitHub Exploit DB Packet Storm