Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
199941	4.3	警告	Apache Software Foundation	-	Apache MyFaces Tomahawk の特定の JSF アプリケーションにおけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-3101	2012-06-26 15:46	2007-06-18	Show	GitHub Exploit DB Packet Storm

199942	5	警告	Castle Rock Computing	-	Castle Rock Computing SNMPc の SNMPc Server プロセスにおけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-3098	2012-06-26 15:46	2007-06-6	Show	GitHub Exploit DB Packet Storm

199943	7.5	危険	F5 Networks	-	F5 FirePass 4100 SSL VPN の my.activation.php3 ファイルにおける Username 任意のシェルコマンドを実行される脆弱性	-	CVE-2007-3097	2012-06-26 15:46	2007-06-6	Show	GitHub Exploit DB Packet Storm

199944	7.5	危険	gaya design	-	Comicsense の index.php における SQL インジェクションの脆弱性	-	CVE-2007-3088	2012-06-26 15:46	2007-06-6	Show	GitHub Exploit DB Packet Storm

199945	4.9	警告	Agnitum	-	Agnitum Outpost Firewall PRO におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-3086	2012-06-26 15:46	2007-06-6	Show	GitHub Exploit DB Packet Storm

199946	7.5	危険	comdev	-	Comdev Web Blogger の sampleblogger.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-3084	2012-06-26 15:46	2007-06-6	Show	GitHub Exploit DB Packet Storm

199947	7.5	危険	comdev	-	Comdev eCommerce の sampleecommerce.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-3081	2012-06-26 15:46	2007-06-6	Show	GitHub Exploit DB Packet Storm

199948	7.1	危険	eqdkp	-	EQdkp の listmembers.php における重要な情報が取得される脆弱性	-	CVE-2007-3079	2012-06-26 15:46	2007-06-6	Show	GitHub Exploit DB Packet Storm

199949	4.3	警告	aigaion	-	Aigaion におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-3078	2012-06-26 15:46	2007-06-6	Show	GitHub Exploit DB Packet Storm

199950	7.5	危険	eqdkp	-	EQdkp の listmembers.php における SQL インジェクションの脆弱性	-	CVE-2007-3077	2012-06-26 15:46	2007-06-6	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Feb. 13, 2025, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1661	5.4	MEDIUM Network	wpmet	elementskit	The ElementsKit Pro plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the ‘url’ parameter in all versions up to, and including, 3.7.8 due to insufficient input sanitizat…	CWE-79 Cross-site Scripting	CVE-2025-0321	2025-01-31 02:39	2025-01-28	Show	GitHub Exploit DB Packet Storm

1662	5.5	MEDIUM Local	apple	watchos ipados tvos visionos iphone_os macos	This issue was addressed through improved state management. This issue is fixed in macOS Ventura 13.7.2, visionOS 2.2, tvOS 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, macOS Sonoma 14.7.2, macOS Se…	NVD-CWE-noinfo	CVE-2024-54541	2025-01-31 02:31	2025-01-28	Show	GitHub Exploit DB Packet Storm

1663	7.8	HIGH Local	apple	watchos ipados macos tvos iphone_os	The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.2, watchOS 11.2, tvOS 18.2, iOS 18.2 and iPadOS 18.2. An app may be able to corrupt coprocessor memory.	CWE-787 Out-of-bounds Write	CVE-2024-54522	2025-01-31 02:26	2025-01-28	Show	GitHub Exploit DB Packet Storm

1664	9.1	CRITICAL Network	apple	watchos ipados iphone_os	The issue was addressed by removing the relevant flags. This issue is fixed in watchOS 11.2, iOS 18.2 and iPadOS 18.2. A system binary could be used to fingerprint a user's Apple Account.	NVD-CWE-noinfo	CVE-2024-54512	2025-01-31 02:20	2025-01-28	Show	GitHub Exploit DB Packet Storm

1665	5.4	MEDIUM Network	philantro	philantro	The Philantro – Donations and Donor Management plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes like 'donate' in all versions up to, and including, 5.3 du…	CWE-79 Cross-site Scripting	CVE-2024-13527	2025-01-31 02:18	2025-01-28	Show	GitHub Exploit DB Packet Storm

1666	-		-	-	In versions 3.1.0 and lower of the Splunk Supporting Add-on for Active Directory, also known as SA-ldapsearch, a vulnerable regular expression pattern could lead to a Regular Expression Denial of Ser…	-	CVE-2025-0367	2025-01-31 02:15	2025-01-31	Show	GitHub Exploit DB Packet Storm

1667	-		-	-	A misconfiguration in lmadmin.exe of FlexNet Publisher versions prior to 2024 R1 (11.19.6.0) allows the OpenSSL configuration file to load from a non-existent directory. An unauthorized, locally auth…	-	CVE-2024-2658	2025-01-31 02:15	2025-01-31	Show	GitHub Exploit DB Packet Storm

1668	-		-	-	Teedy <= 1.12 is vulnerable to Cross Site Request Forgery (CSRF), due to the lack of CSRF protection.	-	CVE-2024-54851	2025-01-31 02:15	2025-01-30	Show	GitHub Exploit DB Packet Storm

1669	-		-	-	HTML Injection vulnerability in Celk Sistemas Celk Saude v.3.1.252.1 allows a remote attacker to inject arbitrary HTML code via the "erro" parameter.	-	CVE-2024-51182	2025-01-31 02:15	2025-01-30	Show	GitHub Exploit DB Packet Storm

1670	7.8	HIGH Local	apple	macos	An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.7.2, macOS Sequoia 15.2, macOS Sonoma 14.7.3. An app may be able to cause unexpected …	CWE-787 Out-of-bounds Write	CVE-2024-54509	2025-01-31 02:13	2025-01-28	Show	GitHub Exploit DB Packet Storm