Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 11, 2025, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
198781 6.6 警告 CA Technologies - CA Anti-Virus および CA Internet Security Suite の VetMONNT.sys ドライバにおけるサービス運用妨害 (DoS) の脆弱性 - CVE-2006-6496 2012-06-26 15:38 2006-12-13 Show GitHub Exploit DB Packet Storm
198782 7.5 危険 easypage - EasyPage における SQL インジェクションの脆弱性 - CVE-2006-6486 2012-06-26 15:38 2006-12-12 Show GitHub Exploit DB Packet Storm
198783 2.6 注意 アドビシステムズ - Adobe ColdFusion MX における任意の Web スクリプトまたは HTML を挿入される脆弱性 - CVE-2006-6483 2012-06-26 15:38 2006-12-12 Show GitHub Exploit DB Packet Storm
198784 5 警告 アドビシステムズ - Adobe ColdFusion MX における重要な情報を取得される脆弱性 - CVE-2006-6482 2012-06-26 15:38 2006-12-12 Show GitHub Exploit DB Packet Storm
198785 7.5 危険 cm68 news - CM68 News の engine/oldnews.inc.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2006-6462 2012-06-26 15:38 2006-12-11 Show GitHub Exploit DB Packet Storm
198786 7.5 危険 duware - DUware DUdirectory の admin/default.asp における SQL インジェクションの脆弱性 - CVE-2006-6455 2012-06-26 15:38 2006-12-10 Show GitHub Exploit DB Packet Storm
198787 7.5 危険 envolution - Envolution の error.php におけるディレクトリトラバーサルの脆弱性 - CVE-2006-6445 2012-06-26 15:38 2006-12-10 Show GitHub Exploit DB Packet Storm
198788 6.8 警告 DivX - Nostra DivX Player におけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2006-6444 2012-06-26 15:38 2006-12-10 Show GitHub Exploit DB Packet Storm
198789 9.3 危険 AOL - AOL などの製品で使用される cddbcontrol.dll におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2006-6442 2012-06-26 15:38 2006-12-10 Show GitHub Exploit DB Packet Storm
198790 5 警告 agileco - Agileco AgileBill および AgileVoice におけるアプリケーションを無効にする脆弱性 - CVE-2006-6422 2012-06-26 15:38 2006-12-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 11, 2025, 5:03 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
331 - - - The Permission Model assumes that any path starting with two backslashes \ has a four-character prefix that can be ignored, which is not always true. This subtle bug leads to vulnerable edge cases. New - CVE-2024-37372 2025-01-9 10:15 2025-01-9 Show GitHub Exploit DB Packet Storm
332 - - - Due to the improper handling of batch files in child_process.spawn / child_process.spawnSync, a malicious command line argument can inject arbitrary commands and achieve code execution even if the sh… New - CVE-2024-27980 2025-01-9 10:15 2025-01-9 Show GitHub Exploit DB Packet Storm
333 - - - A vulnerability classified as problematic was found in langhsu Mblog Blog System 3.5.0. Affected by this vulnerability is an unknown functionality of the file /search of the component Search Bar. The… New CWE-79
CWE-94
Cross-site Scripting
Code Injection 		CVE-2024-13199 2025-01-9 10:15 2025-01-9 Show GitHub Exploit DB Packet Storm
334 - - - A vulnerability classified as problematic has been found in langhsu Mblog Blog System 3.5.0. Affected is an unknown function of the file /login. The manipulation leads to observable response discrepa… New CWE-203
CWE-204
 Information Exposure Through Discrepancy
 Response Discrepancy Information Exposure 		CVE-2024-13198 2025-01-9 10:15 2025-01-9 Show GitHub Exploit DB Packet Storm
335 - - - ActiveSupport::EncryptedFile writes contents that will be encrypted to a temporary file. The temporary file's permissions are defaulted to the user's current `umask` settings, meaning that it's po… New - CVE-2023-38037 2025-01-9 10:15 2025-01-9 Show GitHub Exploit DB Packet Storm
336 - - - The redirect_to method in Rails allows provided values to contain characters which are not legal in an HTTP header value. This results in the potential for downstream services which enforce RFC compl… New - CVE-2023-28362 2025-01-9 10:15 2025-01-9 Show GitHub Exploit DB Packet Storm
337 - - - There is a vulnerability in ActiveSupport if the new bytesplice method is called on a SafeBuffer with untrusted user input. New - CVE-2023-28120 2025-01-9 10:15 2025-01-9 Show GitHub Exploit DB Packet Storm
338 - - - There is a denial of service vulnerability in the header parsing component of Rack. New - CVE-2023-27539 2025-01-9 10:15 2025-01-9 Show GitHub Exploit DB Packet Storm
339 - - - There is a deserialization of untrusted data vulnerability in the Kredis JSON deserialization code New - CVE-2023-27531 2025-01-9 10:15 2025-01-9 Show GitHub Exploit DB Packet Storm
340 - - - There is a potential DOM based cross-site scripting issue in rails-ujs which leverages the Clipboard API to target HTML elements that are assigned the contenteditable attribute. This has the potentia… New - CVE-2023-23913 2025-01-9 10:15 2025-01-9 Show GitHub Exploit DB Packet Storm