Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 1, 2025, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
198781 6.8 警告 Bloxx - Bloxx Web Filtering で使用される Microdasys におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2012-3343 2012-06-12 15:23 2011-06-9 Show GitHub Exploit DB Packet Storm
198782 5 警告 Bloxx - Bloxx Web Filtering における IP アドレスとドメインの制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-2566 2012-06-12 15:19 2011-06-9 Show GitHub Exploit DB Packet Storm
198783 5.8 警告 Bloxx - Bloxx Web Filtering における平文パスワードを容易に推測される脆弱 CWE-264
認可・権限・アクセス制御 		CVE-2012-2565 2012-06-12 15:17 2011-06-9 Show GitHub Exploit DB Packet Storm
198784 6.8 警告 Bloxx - Bloxx Web Filtering の管理インターフェースにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2012-2564 2012-06-12 15:14 2011-06-9 Show GitHub Exploit DB Packet Storm
198785 4.3 警告 Bloxx - Bloxx Web Filtering におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-2563 2012-06-12 15:10 2011-06-9 Show GitHub Exploit DB Packet Storm
198786 5.8 警告 シーメンス - Siemens WinCC の Web アプリケーションにおけるオープンリダイレクトの脆弱性 CWE-20
不適切な入力確認 		CVE-2012-3003 2012-06-12 14:31 2012-06-5 Show GitHub Exploit DB Packet Storm
198787 4.3 警告 シーメンス - Siemens WinCC の DiagAgent Web サーバにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-2598 2012-06-12 14:27 2012-06-5 Show GitHub Exploit DB Packet Storm
198788 4 警告 シーメンス - Siemens WinCC におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2012-2597 2012-06-12 14:26 2012-06-5 Show GitHub Exploit DB Packet Storm
198789 5.5 警告 シーメンス - Siemens WinCC の Web アプリケーションの XPath 機能における設定を読まれる脆弱性 CWE-94
コード・インジェクション 		CVE-2012-2596 2012-06-12 14:22 2012-06-5 Show GitHub Exploit DB Packet Storm
198790 4.3 警告 シーメンス - Siemens WinCC の Web アプリケーションにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-2595 2012-06-12 14:02 2012-06-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 1, 2025, 4:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
631 - - - Dell NativeEdge, version(s) 2.1.0.0, contain(s) a Creation of Temporary File With Insecure Permissions vulnerability. A high privileged attacker with local access could potentially exploit this vulne… CWE-378
 Creation of Temporary File With Insecure Permissions 		CVE-2024-52543 2024-12-26 01:15 2024-12-26 Show GitHub Exploit DB Packet Storm
632 - - - Dell ECS, version(s) prior to ECS 3.8.1.3, contain(s) an Authentication Bypass by Capture-replay vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerabili… CWE-294
Authentication Bypass by Capture-replay  		CVE-2024-52534 2024-12-26 01:15 2024-12-26 Show GitHub Exploit DB Packet Storm
633 - - - Dell NativeEdge, version(s) 2.1.0.0, contain(s) an Exposure of Sensitive Information Through Metadata vulnerability. An unauthenticated attacker with remote access could potentially exploit this vuln… CWE-1230
 Exposure of Sensitive Information Through Metadata 		CVE-2024-53291 2024-12-26 00:15 2024-12-26 Show GitHub Exploit DB Packet Storm
634 5.5 MEDIUM
Local 		- - IBM AIX 7.2, 7.3, VIOS 3.1, and 4.1 could allow a non-privileged local user to exploit a vulnerability in the TCP/IP kernel extension to cause a denial of service. CWE-362
Race Condition 		CVE-2024-52906 2024-12-26 00:15 2024-12-26 Show GitHub Exploit DB Packet Storm
635 - - - Dell SupportAssist for Home PCs versions 4.6.1 and prior and Dell SupportAssist for Business PCs versions 4.5.0 and prior, contain a symbolic link (symlink) attack vulnerability in the software remed… CWE-61
 UNIX Symbolic Link (Symlink) Following 		CVE-2024-52535 2024-12-26 00:15 2024-12-26 Show GitHub Exploit DB Packet Storm
636 - - - Dell NativeEdge, version(s) 2.1.0.0, contain(s) an Execution with Unnecessary Privileges vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leadi… CWE-250
 Execution with Unnecessary Privileges 		CVE-2024-47978 2024-12-26 00:15 2024-12-26 Show GitHub Exploit DB Packet Storm
637 5.5 MEDIUM
Local 		- - IBM AIX 7.2, 7.3, VIOS 3.1, and 4.1 could allow a non-privileged local user to exploit a vulnerability in the AIX perfstat kernel extension to cause a denial of service. CWE-20
 Improper Input Validation  		CVE-2024-47102 2024-12-26 00:15 2024-12-26 Show GitHub Exploit DB Packet Storm
638 - - - An issue was discovered in GitLab CE/EE affecting all versions before 17.6.0 in which users were unaware that files uploaded to comments on confidential issues and epics of public projects could be a… CWE-213
 Exposure of Sensitive Information Due to Incompatible Policies 		CVE-2023-5117 2024-12-26 00:15 2024-12-26 Show GitHub Exploit DB Packet Storm
639 4.3 MEDIUM
Network 		- - IBM i 7.3, 7.4, and 7.5 is vulnerable to bypassing Navigator for i interface restrictions. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to remot… CWE-288
Authentication Bypass Using an Alternate Path or Channel 		CVE-2024-51464 2024-12-26 00:15 2024-12-21 Show GitHub Exploit DB Packet Storm
640 6.1 MEDIUM
Network 		- - IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2 and 7.0.3 uses a web link with untrusted references to an external site. A remote attacker could exploit this vulnerability to expo… CWE-1022
 Use of Web Link to Untrusted Target with window.opener Access 		CVE-2024-39727 2024-12-25 23:15 2024-12-25 Show GitHub Exploit DB Packet Storm