Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
199091 7.5 危険 adultscript - Adult Script の admin/administrator.php における認証を回避される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2007-6414 2012-06-26 15:54 2007-12-17 Show GitHub Exploit DB Packet Storm
199092 6.8 警告 Bitweaver - Bitweaver の wiki/index.php における任意の PHP コードを挿入される脆弱性 CWE-94
コード・インジェクション 		CVE-2007-6412 2012-06-26 15:54 2007-12-17 Show GitHub Exploit DB Packet Storm
199093 4.3 警告 gadu-gadu - Gadu-Gadu の GG Client の HandleEmotsConfig 関数におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-6411 2012-06-26 15:54 2007-12-17 Show GitHub Exploit DB Packet Storm
199094 4.3 警告 gadu-gadu - Gadu-Gadu におけるクロスサイトリクエストフォージェリ攻撃の脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2007-6410 2012-06-26 15:54 2007-12-17 Show GitHub Exploit DB Packet Storm
199095 4.3 警告 gadu-gadu - Gadu-Gadu の gg プロトコルハンドラにおけるサービス運用妨害 (DoS) の脆弱性 CWE-16
環境設定 		CVE-2007-6409 2012-06-26 15:54 2007-12-17 Show GitHub Exploit DB Packet Storm
199096 4.3 警告 CA Technologies - CA eTrust Threat Management Console におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-6406 2012-06-26 15:54 2007-12-17 Show GitHub Exploit DB Packet Storm
199097 6.5 警告 ace image hosting script - Ace Image Hosting Script の albums.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-6393 2012-06-26 15:54 2007-12-17 Show GitHub Exploit DB Packet Storm
199098 7.5 危険 dominion web - DWdirectory における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-6392 2012-06-26 15:54 2007-12-17 Show GitHub Exploit DB Packet Storm
199099 2.1 注意 GNOME Project - GNOME screensaver の通知機能におけるクリップボードの内容などを読まれる脆弱性 CWE-DesignError
CVE-2007-6389 2012-06-26 15:54 2007-12-11 Show GitHub Exploit DB Packet Storm
199100 7.5 危険 BEAシステムズ - BEA WebLogic Mobility Server の Image Converter 機能におけるアプリケーションファイルおよびリソースアクセス権を取得される脆弱性 CWE-287
不適切な認証 		CVE-2007-6384 2012-06-26 15:54 2007-12-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 25, 2025, 4:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1561 - - - Insufficient permissions in Ivanti Secure Access Client before version 22.8R1 allows a local authenticated attacker to delete arbitrary files. CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2024-13813 2025-02-12 01:15 2025-02-12 Show GitHub Exploit DB Packet Storm
1562 - - - External control of a file name in Ivanti Connect Secure before version 22.7R2.6 and Ivanti Policy Secure before version 22.7R1.3 allows a remote authenticated attacker with admin privileges to read … CWE-73
 External Control of File Name or Path 		CVE-2024-12058 2025-02-12 01:15 2025-02-12 Show GitHub Exploit DB Packet Storm
1563 - - - Path traversal in Ivanti CSA before version 5.0.5 allows a remote unauthenticated attacker to access restricted functionality. CWE-22
Path Traversal 		CVE-2024-11771 2025-02-12 01:15 2025-02-12 Show GitHub Exploit DB Packet Storm
1564 - - - Code injection in Ivanti Connect Secure before version 22.7R2.4 and Ivanti Policy Secure before version 22.7R1.3 allows a remote authenticated attacker with admin privileges to achieve remote code ex… CWE-94
Code Injection 		CVE-2024-10644 2025-02-12 01:15 2025-02-12 Show GitHub Exploit DB Packet Storm
1565 - - - In affected versions of Octopus Deploy where customers are using Active Directory for authentication it was possible for an unauthenticated user to make an API request against two endpoints which wou… - CVE-2025-0589 2025-02-12 01:15 2025-02-11 Show GitHub Exploit DB Packet Storm
1566 - - - A vulnerability was found in GNU Binutils 2.43. It has been declared as problematic. Affected by this vulnerability is the function bfd_putl64 of the file libbfd.c of the component ld. The manipulati… - CVE-2025-1178 2025-02-12 01:15 2025-02-11 Show GitHub Exploit DB Packet Storm
1567 - - - The Stray Random Quotes WordPress plugin through 1.9.9 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used … - CVE-2024-13570 2025-02-12 01:15 2025-02-11 Show GitHub Exploit DB Packet Storm
1568 - - - The Zarinpal Paid Download WordPress plugin through 2.3 does not properly validate uploaded files, allowing high privilege users such as admin to upload arbitrary files on the server even when they s… - CVE-2024-13544 2025-02-12 01:15 2025-02-11 Show GitHub Exploit DB Packet Storm
1569 - - - Versions of the package hackney from 0.0.0 are vulnerable to Server-side Request Forgery (SSRF) due to improper parsing of URLs by URI built-in module and hackey. Given the URL http://127.0.0.1?@127.… - CVE-2025-1211 2025-02-12 01:15 2025-02-11 Show GitHub Exploit DB Packet Storm
1570 - - - A vulnerability, which was classified as problematic, has been found in code-projects Police FIR Record Management System 1.0. This issue affects some unknown processing of the component Add Record H… - CVE-2025-1164 2025-02-12 01:15 2025-02-11 Show GitHub Exploit DB Packet Storm