Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 13, 2025, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
199521	4.3	警告	サイバートラスト株式会社 ImageMagick レッドハット	-	Imagemagick の関数の呼び出し処理の不備によるサービス運用妨害 (DoS) の脆弱性	CWE-399 CWE-DesignError	CVE-2007-4985	2012-06-26 14:15	2007-09-24	Show	GitHub Exploit DB Packet Storm

199522	5	警告	サイバートラスト株式会社 ImageMagick ターボリナックスレッドハット	-	ImageMagick の XWD ファイルの処理における無限ループが発生する脆弱性	-	CVE-2005-1739	2012-06-26 14:15	2005-05-21	Show	GitHub Exploit DB Packet Storm

199523	7.5	危険	ターボリナックスレッドハット	-	ImageMagick の SGI ファイルの取り扱いにおけるバッファオーバーフローの脆弱性	-	CVE-2005-0762	2012-06-26 14:14	2005-03-23	Show	GitHub Exploit DB Packet Storm

199524	5	警告	ターボリナックスレッドハット	-	ImageMagick における不正な PSD ファイルによるサービス運用妨害 (DoS) の脆弱性	-	CVE-2005-0761	2012-06-26 14:14	2005-03-23	Show	GitHub Exploit DB Packet Storm

199525	5	警告	ターボリナックスレッドハット	-	ImageMagick の TIFF デコーダにおけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2005-0760	2012-06-26 14:14	2005-03-23	Show	GitHub Exploit DB Packet Storm

199526	6.9	警告	IBM	-	IBM AIX の libodm.a における任意のファイルを上書される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-2179	2012-06-26 14:12	2012-05-16	Show	GitHub Exploit DB Packet Storm

199527	4.3	警告	IBM	-	IBM System Storage DS Storage Manager におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2172	2012-06-26 14:11	2012-06-20	Show	GitHub Exploit DB Packet Storm

199528	6.5	警告	IBM	-	IBM System Storage DS Storage Manager における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-2171	2012-06-26 14:09	2012-06-20	Show	GitHub Exploit DB Packet Storm

199529	5	警告	IBM	-	IBM Lotus Expeditor の Web コンテナにおける localhost の要求元になりすまされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-0191	2012-06-26 14:02	2012-06-21	Show	GitHub Exploit DB Packet Storm

199530	9.3	危険	IBM	-	IBM Lotus Expeditor における権限を取得される脆弱性	CWE-Other その他	CVE-2012-0187	2012-06-26 13:54	2012-06-21	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 13, 2025, 4:09 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
251	-	-	-	WeGIA is a web manager for charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the CobrancaController.php endpoint of the WeGIA application. This vulnerabilit… New	CWE-79 Cross-site Scripting	CVE-2025-22597	2025-01-11 01:15	2025-01-11	Show	GitHub Exploit DB Packet Storm

252	-	-	-	WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the modulos_visiveis.php endpoint of the WeGIA application. This vulnerabili… New	CWE-79 Cross-site Scripting	CVE-2025-22596	2025-01-11 01:15	2025-01-11	Show	GitHub Exploit DB Packet Storm

253	-	-	-	Atheos is a self-hosted browser-based cloud IDE. Prior to v600, the $path and $target parameters are not properly validated across multiple components, allowing an attacker to read, modify, or execut… New	CWE-22 CWE-94 CWE-434 Path Traversal Code Injection Unrestricted Upload of File with Dangerous Type	CVE-2025-22152	2025-01-11 01:15	2025-01-11	Show	GitHub Exploit DB Packet Storm

254	-	-	-	DataEase is an open source data visualization analysis tool. Prior to 2.10.4, there is a flaw in the authentication in the io.dataease.auth.filter.TokenFilter class, which can be bypassed and cause t… New	CWE-289 Authentication Bypass by Alternate Name	CVE-2024-56511	2025-01-11 01:15	2025-01-11	Show	GitHub Exploit DB Packet Storm

255	-	-	-	Trippo Responsive Filemanager 9.14.0 is vulnerable to Cross Site Scripting (XSS) via file upload using the svg and pdf extensions. New	-	CVE-2024-50807	2025-01-11 01:15	2025-01-11	Show	GitHub Exploit DB Packet Storm

256	-	-	-	An arbitrary file upload vulnerability in the MediaPool module of Redaxo CMS v5.17.1 allows attackers to execute arbitrary code via uploading a crafted file. New	-	CVE-2024-46210	2025-01-11 01:15	2025-01-11	Show	GitHub Exploit DB Packet Storm

257	-	-	-	Scontain SCONE 5.8.0 has an interface vulnerability that leads to state corruption via injected signals. New	-	CVE-2024-29971	2025-01-11 01:15	2025-01-11	Show	GitHub Exploit DB Packet Storm

258	-	-	-	Fortanix Enclave OS 3.36.1941-EM has an interface vulnerability that leads to state corruption via injected signals. New	-	CVE-2024-29970	2025-01-11 01:15	2025-01-11	Show	GitHub Exploit DB Packet Storm

259	-	-	-	Gramine before a390e33e16ed374a40de2344562a937f289be2e1 suffers from an Interface vulnerability due to mismatching SW signals vs HW exceptions. New	-	CVE-2024-25371	2025-01-11 01:15	2025-01-11	Show	GitHub Exploit DB Packet Storm

260	-	-	-	FreeType 2.8.1 has a signed integer overflow in cf2_doFlex in cff/cf2intrp.c. New	-	CVE-2025-23022	2025-01-11 01:15	2025-01-11	Show	GitHub Exploit DB Packet Storm