Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 15, 2025, 6:03 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
198661 10 危険 シスコシステムズ - Cisco Unified IP Conference Station 7935 などにおける認証制御を回避される脆弱性 CWE-287
不適切な認証 		CVE-2007-1062 2012-06-26 15:46 2007-02-21 Show GitHub Exploit DB Packet Storm
198662 6.8 警告 francisco burzi - Francisco Burzi PHP-Nuke の index.php における SQL インジェクションの脆弱性 - CVE-2007-1061 2012-06-26 15:46 2007-02-21 Show GitHub Exploit DB Packet Storm
198663 4.6 警告 Comodo - Comodo Firewall Pro におけるセキュリティ保護を回避される脆弱性 - CVE-2007-1051 2012-06-26 15:46 2007-02-21 Show GitHub Exploit DB Packet Storm
198664 4.3 警告 abledesign - AbleDesign MyCalendar の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-1050 2012-06-26 15:46 2007-02-21 Show GitHub Exploit DB Packet Storm
198665 7.5 危険 distributed checksum clearinghouse - DCC における /var/dcc/maps 配下の hosts を削除される脆弱性 - CVE-2007-1047 2012-06-26 15:46 2007-02-21 Show GitHub Exploit DB Packet Storm
198666 5 警告 dem trac - Dem_trac におけるログファイルの内容を読み取られる脆弱性 - CVE-2007-1046 2012-06-26 15:46 2007-02-21 Show GitHub Exploit DB Packet Storm
198667 7.5 危険 ezboo - Ezboo webstats における認証を回避される脆弱性 - CVE-2007-1043 2012-06-26 15:46 2007-02-21 Show GitHub Exploit DB Packet Storm
198668 7.5 危険 Drupal - Drupal 用の Mediafield などのモジュールで使用される getID3 の特定のデモスクリプトにおける任意のファイルを削除される脆弱性 - CVE-2007-1035 2012-06-26 15:46 2007-02-16 Show GitHub Exploit DB Packet Storm
198669 7.5 危険 Drupal - Drupal 用の Secure site モジュールにおけるアクセス制限を回避される脆弱性 CWE-Other
その他 		CVE-2007-1033 2012-06-26 15:46 2007-02-16 Show GitHub Exploit DB Packet Storm
198670 6.8 警告 barry jaspan - Drupal の Barry Jaspan Image Pager におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-1028 2012-06-26 15:46 2007-02-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 15, 2025, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
911 - - - Carbon is an international PHP extension for DateTime. Application passing unsanitized user input to Carbon::setLocale are at risk of arbitrary file include, if the application allows users to upload… CWE-98
 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') 		CVE-2025-22145 2025-01-9 06:15 2025-01-9 Show GitHub Exploit DB Packet Storm
912 - - - A vulnerability in the firewall component of HPE Aruba Networking CX 10000 Series Switches exists. It could allow an unauthenticated adjacent attacker to conduct a packet forwarding attack against … - CVE-2024-54010 2025-01-9 06:15 2025-01-9 Show GitHub Exploit DB Packet Storm
913 - - - SickChill is an automatic video library manager for TV shows. A user-controlled `login` endpoint's `next_` parameter takes arbitrary content. Prior to commit c7128a8946c3701df95c285810eb75b2de18bf82,… CWE-601
Open Redirect 		CVE-2024-53995 2025-01-9 06:15 2025-01-9 Show GitHub Exploit DB Packet Storm
914 - - - Certain Teradata account-handling code through 2024-11-04, used with SUSE Enterprise Linux Server, mismanages groups. Specifically, when there is an operating system move from SUSE Enterprise Linux S… - CVE-2024-52869 2025-01-9 06:15 2025-01-9 Show GitHub Exploit DB Packet Storm
915 - - - A vulnerability classified as critical was found in ZeroWdd myblog 1.0. This vulnerability affects unknown code of the file src/main/resources/mapper/BlogMapper.xml. The manipulation of the argument … CWE-74
CWE-91
Injection
Blind XPath Injection 		CVE-2024-13190 2025-01-9 06:15 2025-01-9 Show GitHub Exploit DB Packet Storm
916 - - - An issue was discovered in GitLab CE/EE affecting all versions starting from 15.5 before 17.5.5, 17.6 before 17.6.3, and 17.7 before 17.7.1, in which unauthorized users could manipulate the status of… CWE-862
 Missing Authorization 		CVE-2024-12431 2025-01-9 06:15 2025-01-9 Show GitHub Exploit DB Packet Storm
917 - - - A vulnerability classified as critical has been found in ZeroWdd myblog 1.0. This affects an unknown part of the file src/main/java/com/wdd/myblog/config/MyBlogMvcConfig.java. The manipulation leads … - CVE-2024-13189 2025-01-9 06:15 2025-01-9 Show GitHub Exploit DB Packet Storm
918 - - - A vulnerability was found in Kingsoft WPS Office 6.14.0 on macOS. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component TCC Handler. The manipu… - CVE-2024-13187 2025-01-9 06:15 2025-01-9 Show GitHub Exploit DB Packet Storm
919 - - - WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the listar_permissoes.php endpoint of the WeGIA application. This vulnerabil… CWE-79
Cross-site Scripting 		CVE-2025-22143 2025-01-9 05:15 2025-01-9 Show GitHub Exploit DB Packet Storm
920 - - - Rejected reason: reserved but not needed - CVE-2024-45345 2025-01-9 05:15 2025-01-9 Show GitHub Exploit DB Packet Storm