Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Dec. 28, 2024, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
198781 6.8 警告 Bloxx - Bloxx Web Filtering で使用される Microdasys におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2012-3343 2012-06-12 15:23 2011-06-9 Show GitHub Exploit DB Packet Storm
198782 5 警告 Bloxx - Bloxx Web Filtering における IP アドレスとドメインの制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-2566 2012-06-12 15:19 2011-06-9 Show GitHub Exploit DB Packet Storm
198783 5.8 警告 Bloxx - Bloxx Web Filtering における平文パスワードを容易に推測される脆弱 CWE-264
認可・権限・アクセス制御 		CVE-2012-2565 2012-06-12 15:17 2011-06-9 Show GitHub Exploit DB Packet Storm
198784 6.8 警告 Bloxx - Bloxx Web Filtering の管理インターフェースにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2012-2564 2012-06-12 15:14 2011-06-9 Show GitHub Exploit DB Packet Storm
198785 4.3 警告 Bloxx - Bloxx Web Filtering におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-2563 2012-06-12 15:10 2011-06-9 Show GitHub Exploit DB Packet Storm
198786 5.8 警告 シーメンス - Siemens WinCC の Web アプリケーションにおけるオープンリダイレクトの脆弱性 CWE-20
不適切な入力確認 		CVE-2012-3003 2012-06-12 14:31 2012-06-5 Show GitHub Exploit DB Packet Storm
198787 4.3 警告 シーメンス - Siemens WinCC の DiagAgent Web サーバにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-2598 2012-06-12 14:27 2012-06-5 Show GitHub Exploit DB Packet Storm
198788 4 警告 シーメンス - Siemens WinCC におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2012-2597 2012-06-12 14:26 2012-06-5 Show GitHub Exploit DB Packet Storm
198789 5.5 警告 シーメンス - Siemens WinCC の Web アプリケーションの XPath 機能における設定を読まれる脆弱性 CWE-94
コード・インジェクション 		CVE-2012-2596 2012-06-12 14:22 2012-06-5 Show GitHub Exploit DB Packet Storm
198790 4.3 警告 シーメンス - Siemens WinCC の Web アプリケーションにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-2595 2012-06-12 14:02 2012-06-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Dec. 28, 2024, 4:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
601 - - - An issue was discovered in the Webmail Classic UI in Zimbra Collaboration (ZCS) 9.0 and 10.0 and 10.1. A Local File Inclusion (LFI) vulnerability exists in the /h/rest endpoint, allowing authenticate… - CVE-2024-54663 2024-12-20 08:15 2024-12-20 Show GitHub Exploit DB Packet Storm
602 - - - Remote authentication bypass vulnerability in HPE Alletra Storage MP B10000 in versions prior to version 10.4.5 could be remotely exploited to allow disclosure of information. - CVE-2024-54009 2024-12-20 08:15 2024-12-20 Show GitHub Exploit DB Packet Storm
603 - - - There is an unrestricted file upload vulnerability where it is possible for an authenticated user (low privileged) to upload an jsp shell and execute code with the privileges of user running the web … CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2024-12700 2024-12-20 08:15 2024-12-20 Show GitHub Exploit DB Packet Storm
604 - - - An issue in Quectel BG96 BG96MAR02A08M1G allows attackers to bypass authentication via a crafted NAS message. - CVE-2024-54984 2024-12-20 07:15 2024-12-20 Show GitHub Exploit DB Packet Storm
605 - - - An issue in Quectel BC95-CNV V100R001C00SPC051 allows attackers to bypass authentication via a crafted NAS message. - CVE-2024-54983 2024-12-20 07:15 2024-12-20 Show GitHub Exploit DB Packet Storm
606 - - - An issue in Quectel BC25 with firmware version BC25PAR01A06 allows attackers to bypass authentication via a crafted NAS message. - CVE-2024-54982 2024-12-20 07:15 2024-12-20 Show GitHub Exploit DB Packet Storm
607 - - - A post-auth code injection vulnerability in the User Portal allows authenticated users to execute code remotely in Sophos Firewall older than version 21.0 MR1 (21.0.1). - CVE-2024-12729 2024-12-20 07:15 2024-12-20 Show GitHub Exploit DB Packet Storm
608 - - - A cross-privilege Spectre v2 vulnerability allows attackers to bypass all deployed mitigations, including the recent Fine(IBT), and to leak arbitrary Linux kernel memory on Intel systems. - CVE-2024-2201 2024-12-20 06:15 2024-12-20 Show GitHub Exploit DB Packet Storm
609 - - - A weak credentials vulnerability potentially allows privileged system access via SSH to Sophos Firewall older than version 20.0 MR3 (20.0.3). - CVE-2024-12728 2024-12-20 06:15 2024-12-20 Show GitHub Exploit DB Packet Storm
610 - - - A pre-auth SQL injection vulnerability in the email protection feature of Sophos Firewall versions older than 21.0 MR1 (21.0.1) allows access to the reporting database and can lead to remote code exe… - CVE-2024-12727 2024-12-20 06:15 2024-12-20 Show GitHub Exploit DB Packet Storm