Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 9, 2025, 4:02 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
198671 7.5 危険 Cactusoft International FZ-LLC & Cactusoft Ltd. - wwWeb concepts CactuShop における SQL インジェクションの脆弱性 - CVE-2006-5991 2012-06-26 15:37 2006-11-20 Show GitHub Exploit DB Packet Storm
198672 7.5 危険 aspintranet - ASPintranet の default.asp における SQL インジェクションの脆弱性 - CVE-2006-5987 2012-06-26 15:37 2006-11-20 Show GitHub Exploit DB Packet Storm
198673 6.8 警告 extreme cms - Extreme CMS の admin/options.php における不正な操作を実行される脆弱性 - CVE-2006-5986 2012-06-26 15:37 2006-11-20 Show GitHub Exploit DB Packet Storm
198674 6.8 警告 extreme cms - Extreme CMS の admin/options.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-5985 2012-06-26 15:37 2006-11-20 Show GitHub Exploit DB Packet Storm
198675 10 危険 biba software - SeleniumServer FTP Server におけるパスワードを取得される脆弱性 CWE-310
暗号の問題
CVE-2006-5982 2012-06-26 15:37 2006-11-20 Show GitHub Exploit DB Packet Storm
198676 6.4 警告 biba software - SeleniumServer FTP Server におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル
CVE-2006-5981 2012-06-26 15:37 2006-11-20 Show GitHub Exploit DB Packet Storm
198677 10 危険 E-Xoopport - E-Xoopport における詳細不明な脆弱性 - CVE-2006-5978 2012-06-26 15:37 2006-11-20 Show GitHub Exploit DB Packet Storm
198678 7.5 危険 Expinion.net - MultiCalendars における SQL インジェクションの脆弱性 - CVE-2006-5977 2012-06-26 15:37 2006-11-20 Show GitHub Exploit DB Packet Storm
198679 7.5 危険 drumster - BlogMe の admin_login.asp における SQL インジェクションの脆弱性 - CVE-2006-5976 2012-06-26 15:37 2006-11-20 Show GitHub Exploit DB Packet Storm
198680 6.8 警告 drumster - BlogMe の comments.asp におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-5975 2012-06-26 15:37 2006-11-20 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 9, 2025, 4:56 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
501 - - - Dell PowerScale OneFS 8.2.2.x through 9.8.0.x contains an incorrect permission assignment for critical resource vulnerability. A locally authenticated attacker could potentially exploit this vulnerab… New CWE-732
 Incorrect Permission Assignment for Critical Resource
CVE-2024-47475 2025-01-7 02:15 2025-01-7 Show GitHub Exploit DB Packet Storm
502 - - - A flaw was found in FFmpeg's DASH playlist support. This vulnerability allows arbitrary HTTP GET requests to be made on behalf of the machine running FFmpeg via a crafted DASH playlist containing mal… New - CVE-2023-6605 2025-01-7 02:15 2025-01-7 Show GitHub Exploit DB Packet Storm
503 - - - A flaw was found in FFmpeg. This vulnerability allows unexpected additional CPU load and storage consumption, potentially leading to degraded performance or denial of service via the demuxing of arbi… New - CVE-2023-6604 2025-01-7 02:15 2025-01-7 Show GitHub Exploit DB Packet Storm
504 - - - A flaw was found in FFmpeg's HLS demuxer. This vulnerability allows bypassing unsafe file extension checks and triggering arbitrary demuxers via base64-encoded data URIs appended with specific file e… New - CVE-2023-6601 2025-01-7 02:15 2025-01-7 Show GitHub Exploit DB Packet Storm
505 8.8 HIGH
Network
- - The UpdraftPlus: WP Backup & Migration Plugin plugin for WordPress is vulnerable to PHP Object Injection in all versions from 1.23.8 to 1.24.11 via deserialization of untrusted input in the 'recursiv… Update - CVE-2024-10957 2025-01-7 02:15 2025-01-4 Show GitHub Exploit DB Packet Storm
506 - - - An issue was discovered in Optimizely EPiServer.CMS.Core before 12.32.0. A medium-severity vulnerability exists in the CMS due to insufficient enforcement of password complexity requirements. The app… Update - CVE-2025-22390 2025-01-7 02:15 2025-01-4 Show GitHub Exploit DB Packet Storm
507 - - - An issue was discovered in Optimizely Configured Commerce before 5.2.2408. A medium-severity issue exists in requests for resources where the session token is submitted as a URL parameter. This expos… Update - CVE-2025-22387 2025-01-7 02:15 2025-01-4 Show GitHub Exploit DB Packet Storm
508 - - - An issue was discovered in Optimizely Configured Commerce before 5.2.2408. A medium-severity issue concerning business logic exists in the Commerce B2B application, which allows storefront visitors t… Update - CVE-2025-22384 2025-01-7 02:15 2025-01-4 Show GitHub Exploit DB Packet Storm
509 - - - In prepare_response_locked of lwis_transaction.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execut… Update - CVE-2024-53833 2025-01-7 02:15 2025-01-3 Show GitHub Exploit DB Packet Storm
510 7.5 HIGH
Network
progress whatsup_gold In WhatsUp Gold versions released before 2024.0.2, an unauthenticated attacker can configure LDAP settings. Update CWE-306
Missing Authentication for Critical Function
CVE-2024-12106 2025-01-7 01:54 2024-12-31 Show GitHub Exploit DB Packet Storm