Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 22, 2025, 6:04 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
11 9.8 緊急
Network 		huayi-tec jeewms JeeWMS におけるパストラバーサルの脆弱性 New CWE-22
CWE-27
CVE-2024-27764 2025-01-22 17:27 2024-03-5 Show GitHub Exploit DB Packet Storm
12 7.5 重要
Network 		マイクロソフト Microsoft Windows Server 2019
Microsoft Windows 10
Microsoft Windows 11
Microsoft Windows Server 2025
Microsoft Windows Server&… 		Windows リモート デスクトップ サービスのサービス拒否の脆弱性 New CWE-400
CWE-noinfo
CVE-2025-21330 2025-01-22 17:26 2025-01-14 Show GitHub Exploit DB Packet Storm
13 7.8 重要
Local 		マイクロソフト Microsoft Office
Microsoft 365 Apps
Microsoft Office Online Server 		Microsoft Excel のリモートでコードが実行される脆弱性 New CWE-822
CWE-noinfo
CVE-2025-21354 2025-01-22 17:26 2025-01-14 Show GitHub Exploit DB Packet Storm
14 6.7 警告
Local 		マイクロソフト Microsoft Office
Microsoft 365 Apps
Microsoft Outlook 		Microsoft Outlook のリモートでコードが実行される脆弱性 New CWE-908
CWE-noinfo
CVE-2025-21357 2025-01-22 17:26 2025-01-14 Show GitHub Exploit DB Packet Storm
15 4.9 警告
Network 		ZyXEL DX5401-B1 ファームウェア
DX3300-T0 ファームウェア
ex5401-b0 ファームウェア
EX5600-T1 ファームウェア
DX4510-B1 ファームウェア
EX5401-B1 ファームウェア
EX3510-B1 ファームウェア
EX3510-B0 ファ… 		複数の ZyXEL 製品における古典的バッファオーバーフローの脆弱性 New CWE-120
古典的バッファオーバーフロー 		CVE-2024-9197 2025-01-22 17:20 2024-12-3 Show GitHub Exploit DB Packet Storm
16 5.3 警告
Network 		Fortra FileCatalyst Direct Fortra の FileCatalyst Direct におけるパストラバーサルの脆弱性 New CWE-22
CWE-22
CVE-2024-25154 2025-01-22 17:17 2024-03-13 Show GitHub Exploit DB Packet Storm
17 9.8 緊急
Network 		The Biosig Project
Fedora Project		 libbiosig
Fedora 		The Biosig Project の libbiosig 等複数ベンダの製品における境界外書き込みに関する脆弱性 New CWE-787
境界外書き込み 		CVE-2024-23305 2025-01-22 17:15 2024-02-20 Show GitHub Exploit DB Packet Storm
18 9.8 緊急
Network 		dirk1983 chatgpt-wechat-personal dirk1983 の chatgpt-wechat-personal におけるサーバサイドのリクエストフォージェリの脆弱性 New CWE-918
CWE-918
CVE-2024-27565 2025-01-22 17:08 2024-03-5 Show GitHub Exploit DB Packet Storm
19 5.4 警告
Network 		Gonahkar Custom fields shortcode Gonahkar の WordPress 用 Custom fields shortcode におけるクロスサイトスクリプティングの脆弱性 New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2023-6809 2025-01-22 17:05 2023-12-13 Show GitHub Exploit DB Packet Storm
20 5.4 警告
Network 		Savvy Wordpress Development MyWaze Savvy Wordpress Development の WordPress 用 MyWaze におけるクロスサイトスクリプティングの脆弱性 New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-25594 2025-01-22 17:03 2024-02-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 22, 2025, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
275011 - web-app.org webapp The (1) login, (2) admin profile edit, (3) reminder, (4) edit profile, (5) profile view, (6) gallery view, (7) gallery comment, and (8) gallery feedback capabilities in web-app.org WebAPP before 0.9.… NVD-CWE-Other
CVE-2007-3421 2008-11-15 15:52 2007-06-27 Show GitHub Exploit DB Packet Storm
275012 - web-app.org webapp The getcgi function in cgi-bin/cgi-lib/subs.pl in web-app.org WebAPP before 0.9.9.7 attempts to parse query strings that contain (1) non-printing characters, (2) certain printing characters that do n… NVD-CWE-Other
CVE-2007-3422 2008-11-15 15:52 2007-06-27 Show GitHub Exploit DB Packet Storm
275013 - web-app.org webapp cgi-bin/cgi-lib/instantmessage.pl in web-app.org WebAPP before 0.9.9.7 uses the From field of an instant message as the beginning of the .dat file name when the (1) imview2 or (2) imview3 function re… NVD-CWE-Other
CVE-2007-3423 2008-11-15 15:52 2007-06-27 Show GitHub Exploit DB Packet Storm
275014 - web-app.org webapp The moveim function in cgi-bin/cgi-lib/instantmessage.pl in web-app.org WebAPP before 0.9.9.7 uses the tocat parameter as a subdirectory name when moving an instant message, which has unknown impact … NVD-CWE-Other
CVE-2007-3424 2008-11-15 15:52 2007-06-27 Show GitHub Exploit DB Packet Storm
275015 - zoneo-soft phptraffica Multiple unspecified vulnerabilities in phpTrafficA before 1.4.2 allow remote attackers to have an unknown impact via the file parameter to (1) plotStatBar.php or (2) plotStatPie.php, different vecto… NVD-CWE-Other
CVE-2007-3428 2008-11-15 15:52 2007-06-27 Show GitHub Exploit DB Packet Storm
275016 - yandex yandex.server Multiple cross-site scripting (XSS) vulnerabilities in Yandex.Server allow remote attackers to inject arbitrary web script or HTML via the (1) query or (2) within parameter to the default URI. NVD-CWE-Other
CVE-2007-3485 2008-11-15 15:52 2007-06-29 Show GitHub Exploit DB Packet Storm
275017 - altavista search_engine Cross-site scripting (XSS) vulnerability in AltaVista search engine allows remote attackers to inject arbitrary web script or HTML via the text parameter to the default URI. NVD-CWE-Other
CVE-2007-3486 2008-11-15 15:52 2007-06-29 Show GitHub Exploit DB Packet Storm
275018 - slackroll slackroll SlackRoll before 8 accepts gpg exit codes other than 0 and 1 as evidence of a valid signature, which allows remote Slackware mirror sites or man-in-the-middle attackers to cause a denial of service (… NVD-CWE-Other
CVE-2007-3499 2008-11-15 15:52 2007-06-30 Show GitHub Exploit DB Packet Storm
275019 - advanced_software_production_line vortex_library Buffer overflow in Advanced Software Production Line Vortex Library before 1.0.3 allows remote attackers to cause a denial of service (listener crash) via unspecified vectors related to the select I/… NVD-CWE-Other
CVE-2007-3046 2008-11-15 15:51 2007-06-6 Show GitHub Exploit DB Packet Storm
275020 - joomla jd-wiki Multiple PHP remote file inclusion vulnerabilities in the OpenWiki (formerly JD-Wiki) component (com_jd-wiki) 1.0.2, and possibly earlier, for Joomla! allow remote attackers to execute arbitrary PHP … CWE-94
Code Injection 		CVE-2007-3130 2008-11-15 15:51 2007-06-9 Show GitHub Exploit DB Packet Storm