Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
199341	7.5	危険	battlefront	-	Battlefront Dropteam におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2007-5263	2012-06-26 15:54	2007-10-8	Show	GitHub Exploit DB Packet Storm

199342	7.5	危険	ActivePDF, Inc.	-	activePDF Server の activePDF Server サービスにおけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2007-5397	2012-06-26 15:54	2008-02-28	Show	GitHub Exploit DB Packet Storm

199343	6.8	警告	cplinks	-	cpDynaLinks の category.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-5408	2012-06-26 15:54	2007-10-12	Show	GitHub Exploit DB Packet Storm

199344	10	危険	AbiWord link grammar	-	AbiWord Link Grammar で使用される Link Grammar の separate_word 関数におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2007-5395	2012-06-26 15:54	2007-11-7	Show	GitHub Exploit DB Packet Storm

199345	4.3	警告	日本アルカテル・ルーセント bt	-	BT Home Hub などで使用される Thomson/Alcatel SpeedTouch 7G ルータにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-5385	2012-06-26 15:54	2007-10-11	Show	GitHub Exploit DB Packet Storm

199346	4.3	警告	日本アルカテル・ルーセント bt	-	BT Home Hub で使用される Thomson/Alcatel SpeedTouch 7G ルータにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2007-5384	2012-06-26 15:54	2007-10-11	Show	GitHub Exploit DB Packet Storm

199347	10	危険	日本アルカテル・ルーセント bt	-	BT Home Hub で使用される Thomson/Alcatel SpeedTouch 7G ルータにおける管理者アクセス権を取得される脆弱性	CWE-287 不適切な認証	CVE-2007-5383	2012-06-26 15:54	2007-10-11	Show	GitHub Exploit DB Packet Storm

199348	10	危険	シスコシステムズ	-	CiscoWorks WLSE を変換する変換ユーティリティにおける権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2007-5382	2012-06-26 15:54	2007-10-10	Show	GitHub Exploit DB Packet Storm

199349	6.9	警告	GNU Project	-	Emacs の Tramp 拡張における任意のファイルを上書きされる脆弱性	CWE-59 リンク解釈の問題	CVE-2007-5377	2012-06-26 15:54	2007-10-4	Show	GitHub Exploit DB Packet Storm

199350	10	危険	LedgerSMB dws systems inc.	-	LedgerSMB における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-5372	2012-06-26 15:54	2007-09-28	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Feb. 4, 2025, 4:08 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1041	-	-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Popup Maker Popup Maker allows Stored XSS. This issue affects Popup Maker: from n/a through 1.20.…	CWE-79 Cross-site Scripting	CVE-2025-24746	2025-01-25 03:15	2025-01-25	Show	GitHub Exploit DB Packet Storm

1042	-	-	-	Cross-Site Request Forgery (CSRF) vulnerability in FluentSMTP & WPManageNinja Team FluentSMTP allows Cross Site Request Forgery. This issue affects FluentSMTP: from n/a through 2.2.80.	CWE-352 Origin Validation Error	CVE-2025-24739	2025-01-25 03:15	2025-01-25	Show	GitHub Exploit DB Packet Storm

1043	-	-	-	Cross-Site Request Forgery (CSRF) vulnerability in NowButtons.com Call Now Button allows Cross Site Request Forgery. This issue affects Call Now Button: from n/a through 1.4.13.	CWE-352 Origin Validation Error	CVE-2025-24738	2025-01-25 03:15	2025-01-25	Show	GitHub Exploit DB Packet Storm

1044	-	-	-	Missing Authorization vulnerability in Metaphor Creations Post Duplicator allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Post Duplicator: from n/a through…	CWE-862 Missing Authorization	CVE-2025-24736	2025-01-25 03:15	2025-01-25	Show	GitHub Exploit DB Packet Storm

1045	-	-	-	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AddonMaster Post Grid Master allows PHP Local File Inclusion. This issue affec…	CWE-98 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')	CVE-2025-24733	2025-01-25 03:15	2025-01-25	Show	GitHub Exploit DB Packet Storm

1046	-	-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Booking & Appointment - Repute Infosystems BookingPress allows DOM-Based XSS. This issue affects …	CWE-79 Cross-site Scripting	CVE-2025-24732	2025-01-25 03:15	2025-01-25	Show	GitHub Exploit DB Packet Storm

1047	-	-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in IP2Location Download IP2Location Country Blocker allows Stored XSS. This issue affects Download I…	CWE-79 Cross-site Scripting	CVE-2025-24731	2025-01-25 03:15	2025-01-25	Show	GitHub Exploit DB Packet Storm

1048	-	-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rextheme WP VR allows DOM-Based XSS. This issue affects WP VR: from n/a through 8.5.14.	CWE-79 Cross-site Scripting	CVE-2025-24730	2025-01-25 03:15	2025-01-25	Show	GitHub Exploit DB Packet Storm

1049	-	-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ElementInvader ElementInvader Addons for Elementor allows Stored XSS. This issue affects ElementI…	CWE-79 Cross-site Scripting	CVE-2025-24729	2025-01-25 03:15	2025-01-25	Show	GitHub Exploit DB Packet Storm

1050	-	-	-	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Yannick Lefebvre Bug Library allows Blind SQL Injection. This issue affects Bug Library: from n/a…	CWE-89 SQL Injection	CVE-2025-24728	2025-01-25 03:15	2025-01-25	Show	GitHub Exploit DB Packet Storm