Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 11, 2025, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
199151 7.5 危険 emek portal - Emek Portal の giris_yap.asp における SQL インジェクションの脆弱性 - CVE-2006-5217 2012-06-26 15:37 2006-10-10 Show GitHub Exploit DB Packet Storm
199152 5 警告 ciphertrust - IronWebMail におけるディレクトリトラバーサルの脆弱性 - CVE-2006-5210 2012-06-26 15:37 2006-10-16 Show GitHub Exploit DB Packet Storm
199153 7.5 危険 DeltaScripts - PHP Classifieds における SQL インジェクションの脆弱性 - CVE-2006-5208 2012-06-26 15:37 2006-10-10 Show GitHub Exploit DB Packet Storm
199154 10 危険 CA Technologies - 複数の CA 製品で使用される RPC インターフェースにおけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2006-5171 2012-06-26 15:37 2007-01-11 Show GitHub Exploit DB Packet Storm
199155 5 警告 アドビシステムズ - Adobe Breeze Licensed Server および Breeze Licensed Server における任意のファイルを読まれる脆弱性 - CVE-2006-5200 2012-06-26 15:37 2006-10-10 Show GitHub Exploit DB Packet Storm
199156 2.1 注意 アドビシステムズ - Adobe Contribute Publishing Server におけるサーバへのアクセス権限を取得される脆弱性 - CVE-2006-5199 2012-06-26 15:37 2006-10-10 Show GitHub Exploit DB Packet Storm
199157 7.5 危険 bulletin board ace - BBaCE の includes/functions.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-5187 2012-06-26 15:37 2006-10-10 Show GitHub Exploit DB Packet Storm
199158 7.5 危険 dayfox designs - Dayfox Designs Dayfox Blog における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-5183 2012-06-26 15:37 2006-10-10 Show GitHub Exploit DB Packet Storm
199159 7.5 危険 dan jensen - Dan Jensen Travelsized CMS の frontpage.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-5182 2012-06-26 15:37 2006-10-10 Show GitHub Exploit DB Packet Storm
199160 7.5 危険 baumedia - Sebastian Baumann の include/main.inc.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-5180 2012-06-26 15:37 2006-10-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 12, 2025, 4:59 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
531 - - - Rejected reason: loading template... - CVE-2024-5610 2025-01-9 08:15 2025-01-9 Show GitHub Exploit DB Packet Storm
532 - - - Carbon is an international PHP extension for DateTime. Application passing unsanitized user input to Carbon::setLocale are at risk of arbitrary file include, if the application allows users to upload… CWE-98
 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') 		CVE-2025-22145 2025-01-9 06:15 2025-01-9 Show GitHub Exploit DB Packet Storm
533 - - - A vulnerability in the firewall component of HPE Aruba Networking CX 10000 Series Switches exists. It could allow an unauthenticated adjacent attacker to conduct a packet forwarding attack against … - CVE-2024-54010 2025-01-9 06:15 2025-01-9 Show GitHub Exploit DB Packet Storm
534 - - - SickChill is an automatic video library manager for TV shows. A user-controlled `login` endpoint's `next_` parameter takes arbitrary content. Prior to commit c7128a8946c3701df95c285810eb75b2de18bf82,… CWE-601
Open Redirect 		CVE-2024-53995 2025-01-9 06:15 2025-01-9 Show GitHub Exploit DB Packet Storm
535 - - - Certain Teradata account-handling code through 2024-11-04, used with SUSE Enterprise Linux Server, mismanages groups. Specifically, when there is an operating system move from SUSE Enterprise Linux S… - CVE-2024-52869 2025-01-9 06:15 2025-01-9 Show GitHub Exploit DB Packet Storm
536 - - - A vulnerability classified as critical was found in ZeroWdd myblog 1.0. This vulnerability affects unknown code of the file src/main/resources/mapper/BlogMapper.xml. The manipulation of the argument … CWE-74
CWE-91
Injection
Blind XPath Injection 		CVE-2024-13190 2025-01-9 06:15 2025-01-9 Show GitHub Exploit DB Packet Storm
537 - - - An issue was discovered in GitLab CE/EE affecting all versions starting from 15.5 before 17.5.5, 17.6 before 17.6.3, and 17.7 before 17.7.1, in which unauthorized users could manipulate the status of… CWE-862
 Missing Authorization 		CVE-2024-12431 2025-01-9 06:15 2025-01-9 Show GitHub Exploit DB Packet Storm
538 - - - A vulnerability classified as critical has been found in ZeroWdd myblog 1.0. This affects an unknown part of the file src/main/java/com/wdd/myblog/config/MyBlogMvcConfig.java. The manipulation leads … - CVE-2024-13189 2025-01-9 06:15 2025-01-9 Show GitHub Exploit DB Packet Storm
539 - - - A vulnerability was found in Kingsoft WPS Office 6.14.0 on macOS. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component TCC Handler. The manipu… - CVE-2024-13187 2025-01-9 06:15 2025-01-9 Show GitHub Exploit DB Packet Storm
540 - - - WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the listar_permissoes.php endpoint of the WeGIA application. This vulnerabil… CWE-79
Cross-site Scripting 		CVE-2025-22143 2025-01-9 05:15 2025-01-9 Show GitHub Exploit DB Packet Storm