Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 18, 2025, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
200631 6.8 警告 TYPO3 Association - TYPO3 の fileDenyPattern 機能におけるアクセス制限を回避される脆弱性 CWE-20
不適切な入力確認 		CVE-2010-5099 2012-06-1 13:50 2010-12-16 Show GitHub Exploit DB Packet Storm
200632 2.6 注意 株式会社バンダイナムコゲームス - 魔法少女まどか☆マギカ iP for Android における情報漏えいの脆弱性 CWE-200
情報漏えい 		CVE-2012-2630 2012-06-1 12:04 2012-06-1 Show GitHub Exploit DB Packet Storm
200633 7.5 危険 Segue Project - Segue における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2012-1255 2012-06-1 12:03 2012-06-1 Show GitHub Exploit DB Packet Storm
200634 4.3 警告 Segue Project - Segue におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-1254 2012-06-1 12:02 2012-06-1 Show GitHub Exploit DB Packet Storm
200635 7.5 危険 Jaow - Jaow の add_ons.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2012-2952 2012-05-31 14:52 2012-05-29 Show GitHub Exploit DB Packet Storm
200636 7.5 危険 Plogger Project - Plogger の plog-rss.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2012-2951 2012-05-31 14:52 2012-05-29 Show GitHub Exploit DB Packet Storm
200637 3.3 注意 Puppet - Puppet および Puppet Enterprise における任意のファイルを上書きされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-1906 2012-05-31 14:25 2012-05-29 Show GitHub Exploit DB Packet Storm
200638 4.3 警告 ikiwiki - ikiwiki のメタプラグイン (Plugin/meta.pm) におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-0220 2012-05-31 14:15 2012-05-29 Show GitHub Exploit DB Packet Storm
200639 10 危険 ZTE - ZTE Score M デバイス上の Android 用 ZTE sync_agent プログラムにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-2949 2012-05-31 14:11 2012-05-29 Show GitHub Exploit DB Packet Storm
200640 6.5 警告 Pligg - Pligg CMS の captcha モジュールにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2012-2435 2012-05-30 11:22 2012-05-27 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 18, 2025, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
270321 - phpwebsite phpwebsite modsecurity.php 1.10 and earlier, in phpWebSite 0.8.2 and earlier, allows remote attackers to execute arbitrary PHP source code via an inc_prefix parameter that points to the malicious code. NVD-CWE-Other
CVE-2002-1135 2016-10-18 11:24 2002-10-4 Show GitHub Exploit DB Packet Storm
270322 - hp procurve_switch_4000m The HTTP administration interface for HP Procurve 4000M Switch firmware before C.09.16, with stacking features and remote administration enabled, does not authenticate requests to reset the device, w… NVD-CWE-Other
CVE-2002-1147 2016-10-18 11:24 2002-10-11 Show GitHub Exploit DB Packet Storm
270323 - hp procurve_switch_4000m Successful exploitation requires that stacking features and remote administration are enabled. NVD-CWE-Other
CVE-2002-1147 2016-10-18 11:24 2002-10-11 Show GitHub Exploit DB Packet Storm
270324 - invision_power_services invision_board The installation procedure for Invision Board suggests that users install the phpinfo.php program under the web root, which leaks sensitive information such as absolute pathnames, OS information, and… NVD-CWE-Other
CVE-2002-1149 2016-10-18 11:24 2002-10-11 Show GitHub Exploit DB Packet Storm
270325 - microsoft netmeeting The Remote Desktop Sharing (RDS) Screen Saver Protection capability for Microsoft NetMeeting 3.01 through SP2 (4.4.3396) allows attackers with physical access to hijack remote sessions by entering ce… NVD-CWE-Other
CVE-2002-1150 2016-10-18 11:24 2002-10-11 Show GitHub Exploit DB Packet Storm
270326 - kde konqueror
kde 		The cross-site scripting protection for Konqueror in KDE 2.2.2 and 3.0 through 3.0.3 does not properly initialize the domains on sub-frames and sub-iframes, which can allow remote attackers to execut… NVD-CWE-Other
CVE-2002-1151 2016-10-18 11:24 2002-10-11 Show GitHub Exploit DB Packet Storm
270327 - kde kde Konqueror in KDE 3.0 through 3.0.2 does not properly detect the "secure" flag in an HTTP cookie, which could cause Konqueror to send the cookie across an unencrypted channel, which could allow remote… NVD-CWE-Other
CVE-2002-1152 2016-10-18 11:24 2002-10-11 Show GitHub Exploit DB Packet Storm
270328 - ibm websphere_application_server IBM Websphere 4.0.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP request with long HTTP headers, such as "Host". NVD-CWE-Other
CVE-2002-1153 2016-10-18 11:24 2002-10-11 Show GitHub Exploit DB Packet Storm
270329 - redhat linux The default configuration of the pam_xauth module forwards MIT-Magic-Cookies to new X sessions, which could allow local users to gain root privileges by stealing the cookies from a temporary .xauth f… NVD-CWE-Other
CVE-2002-1160 2016-10-18 11:24 2003-02-19 Show GitHub Exploit DB Packet Storm
270330 - sendmail
netbsd 		sendmail
netbsd 		Sendmail Consortium's Restricted Shell (SMRSH) in Sendmail 8.12.6, 8.11.6-15, and possibly other versions after 8.11 from 5/19/1998, allows attackers to bypass the intended restrictions of smrsh by i… NVD-CWE-Other
CVE-2002-1165 2016-10-18 11:24 2002-10-11 Show GitHub Exploit DB Packet Storm