Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 10, 2025, 6:04 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
200451 5 警告 microblog - MicroBlog における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2011-3756 2012-03-27 18:43 2011-09-23 Show GitHub Exploit DB Packet Storm
200452 5 警告 MantisBT Group - MantisBT における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2011-3755 2012-03-27 18:43 2011-09-23 Show GitHub Exploit DB Packet Storm
200453 5 警告 Mambo Foundation - Mambo における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2011-3754 2012-03-27 18:43 2011-09-23 Show GitHub Exploit DB Packet Storm
200454 5 警告 LinPHA - LinPHA における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2011-3753 2012-03-27 18:43 2011-09-23 Show GitHub Exploit DB Packet Storm
200455 5 警告 LimeSurvey - LimeSurvey における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2011-3752 2012-03-27 18:43 2011-09-23 Show GitHub Exploit DB Packet Storm
200456 5 警告 LifeType - LifeType における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2011-3751 2012-03-27 18:43 2011-09-23 Show GitHub Exploit DB Packet Storm
200457 5 警告 kplaylist - kPlaylist における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2011-3750 2012-03-27 18:43 2011-09-23 Show GitHub Exploit DB Packet Storm
200458 5 警告 MapTools.org - ka-Map における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2011-3749 2012-03-27 18:43 2011-09-23 Show GitHub Exploit DB Packet Storm
200459 5 警告 kamads classifieds - Kamads Classifieds における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2011-3748 2012-03-27 18:43 2011-09-23 Show GitHub Exploit DB Packet Storm
200460 5 警告 jcow - Jcow における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2011-3746 2012-03-27 18:43 2011-09-23 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 10, 2025, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
171 - - - A vulnerability, which was classified as critical, was found in wander-chu SpringBoot-Blog 1.0. This affects the function preHandle of the file src/main/java/com/my/blog/website/interceptor/BaseInter… New CWE-284
CWE-266
Improper Access Control
 Incorrect Privilege Assignment 		CVE-2024-13200 2025-01-9 12:15 2025-01-9 Show GitHub Exploit DB Packet Storm
172 - - - A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a remo… New CWE-121
Stack-based Buffer Overflow 		CVE-2025-0282 2025-01-9 11:00 2025-01-9 Show GitHub Exploit DB Packet Storm
173 - - - The Permission Model assumes that any path starting with two backslashes \ has a four-character prefix that can be ignored, which is not always true. This subtle bug leads to vulnerable edge cases. New - CVE-2024-37372 2025-01-9 10:15 2025-01-9 Show GitHub Exploit DB Packet Storm
174 - - - Due to the improper handling of batch files in child_process.spawn / child_process.spawnSync, a malicious command line argument can inject arbitrary commands and achieve code execution even if the sh… New - CVE-2024-27980 2025-01-9 10:15 2025-01-9 Show GitHub Exploit DB Packet Storm
175 - - - A vulnerability classified as problematic was found in langhsu Mblog Blog System 3.5.0. Affected by this vulnerability is an unknown functionality of the file /search of the component Search Bar. The… New CWE-79
CWE-94
Cross-site Scripting
Code Injection 		CVE-2024-13199 2025-01-9 10:15 2025-01-9 Show GitHub Exploit DB Packet Storm
176 - - - A vulnerability classified as problematic has been found in langhsu Mblog Blog System 3.5.0. Affected is an unknown function of the file /login. The manipulation leads to observable response discrepa… New CWE-203
CWE-204
 Information Exposure Through Discrepancy
 Response Discrepancy Information Exposure 		CVE-2024-13198 2025-01-9 10:15 2025-01-9 Show GitHub Exploit DB Packet Storm
177 - - - ActiveSupport::EncryptedFile writes contents that will be encrypted to a temporary file. The temporary file's permissions are defaulted to the user's current `umask` settings, meaning that it's po… New - CVE-2023-38037 2025-01-9 10:15 2025-01-9 Show GitHub Exploit DB Packet Storm
178 - - - The redirect_to method in Rails allows provided values to contain characters which are not legal in an HTTP header value. This results in the potential for downstream services which enforce RFC compl… New - CVE-2023-28362 2025-01-9 10:15 2025-01-9 Show GitHub Exploit DB Packet Storm
179 - - - There is a vulnerability in ActiveSupport if the new bytesplice method is called on a SafeBuffer with untrusted user input. New - CVE-2023-28120 2025-01-9 10:15 2025-01-9 Show GitHub Exploit DB Packet Storm
180 - - - There is a denial of service vulnerability in the header parsing component of Rack. New - CVE-2023-27539 2025-01-9 10:15 2025-01-9 Show GitHub Exploit DB Packet Storm