Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 14, 2025, 6:04 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
199531 7.5 危険 comscripts - AnnonceV の annonce.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4622 2012-06-26 15:37 2006-09-6 Show GitHub Exploit DB Packet Storm
199532 7.5 危険 bare concept media - Pheap の settings.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4621 2012-06-26 15:37 2006-09-6 Show GitHub Exploit DB Packet Storm
199533 4.6 警告 Alt-N - MDaemon が稼動している Alt-N WebAdmin の useredit_account.wdm モジュールにおけるシステムのメールキューへのアクセス権を取得される脆弱性 - CVE-2006-4620 2012-06-26 15:37 2006-09-6 Show GitHub Exploit DB Packet Storm
199534 4.6 警告 Avira - Avira AntiVir PersonalEdition Classic の更新スタートウィンドウにおける権限を取得される脆弱性 - CVE-2006-4619 2012-06-26 15:37 2006-09-6 Show GitHub Exploit DB Packet Storm
199535 7.5 危険 dsocks - dsocks の dsocks.c の _tor_resolve 関数におけるバッファオーバーフローの脆弱性 - CVE-2006-4611 2012-06-26 15:37 2006-09-6 Show GitHub Exploit DB Packet Storm
199536 5.1 警告 graphiks - GrapAgenda の index.php における PHP リモートファイルインクルーションの脆弱性 - CVE-2006-4610 2012-06-26 15:37 2006-09-6 Show GitHub Exploit DB Packet Storm
199537 7.5 危険 annuaire - Annuaire 1Two の index.php における SQL インジェクションの脆弱性 - CVE-2006-4601 2012-06-26 15:37 2006-09-6 Show GitHub Exploit DB Packet Storm
199538 7.5 危険 autentificator - Autentificator の aut_verifica.inc.php における SQL インジェクションの脆弱性 - CVE-2006-4599 2012-06-26 15:37 2006-09-6 Show GitHub Exploit DB Packet Storm
199539 7.5 危険 bugada andrea - phpAtm における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4594 2012-06-26 15:37 2006-09-6 Show GitHub Exploit DB Packet Storm
199540 7.5 危険 8pixel - 8pixel.net Simple Blog の default.asp における SQL インジェクション攻撃を実行される脆弱性 - CVE-2006-4592 2012-06-26 15:37 2006-09-6 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 15, 2025, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
321 - - - WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the `Cadastro_Atendido.… New CWE-79
Cross-site Scripting 		CVE-2025-22615 2025-01-14 06:15 2025-01-14 Show GitHub Exploit DB Packet Storm
322 - - - WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `dependente_editarInfo… New CWE-79
Cross-site Scripting 		CVE-2025-22614 2025-01-14 06:15 2025-01-14 Show GitHub Exploit DB Packet Storm
323 - - - When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try t… New CWE-122
Heap-based Buffer Overflow 		CVE-2025-22134 2025-01-14 06:15 2025-01-14 Show GitHub Exploit DB Packet Storm
324 - - - jte (Java Template Engine) is a secure and lightweight template engine for Java and Kotlin. In affected versions Jte HTML templates with `script` tags or script attributes that include a Javascript t… New - CVE-2025-23026 2025-01-14 06:15 2025-01-14 Show GitHub Exploit DB Packet Storm
325 - - - NamelessMC is a free, easy to use & powerful website software for Minecraft servers. A user with admincp.core.emails or admincp.users.edit permissions can validate users and an attacker can reset the… New - CVE-2025-22144 2025-01-14 06:15 2025-01-14 Show GitHub Exploit DB Packet Storm
326 - - - MonicaHQ v4.1.2 was discovered to contain a Client-Side Injection vulnerability via the last_name parameter the General Information module. New - CVE-2024-54999 2025-01-14 06:15 2025-01-14 Show GitHub Exploit DB Packet Storm
327 - - - Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the devname parameter in the reset_wifi function. Update - CVE-2024-57225 2025-01-14 06:15 2025-01-11 Show GitHub Exploit DB Packet Storm
328 - - - Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pin_wps function. Update - CVE-2024-57224 2025-01-14 06:15 2025-01-11 Show GitHub Exploit DB Packet Storm
329 - - - Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_wps_gen_pincode function. Update - CVE-2024-57223 2025-01-14 06:15 2025-01-11 Show GitHub Exploit DB Packet Storm
330 - - - An issue in CP Plus CP-VNR-3104 B3223P22C02424 allows attackers to obtain the second RSA private key and access sensitive data or execute a man-in-the-middle attack. Update - CVE-2024-54849 2025-01-14 06:15 2025-01-11 Show GitHub Exploit DB Packet Storm