Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
200941 5 警告 dxmsoft - XM Easy Personal FTP Server におけるフォーマットストリングの脆弱性 - CVE-2006-6750 2012-06-26 15:38 2006-12-26 Show GitHub Exploit DB Packet Storm
200942 7.5 危険 dreaxteam - Xt-News の show_news.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2006-6747 2012-06-26 15:38 2006-12-26 Show GitHub Exploit DB Packet Storm
200943 4.3 警告 dreaxteam - Xt-News におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2006-6746 2012-06-26 15:38 2006-12-26 Show GitHub Exploit DB Packet Storm
200944 6.8 警告 cwm-design - cwmCounter の statistic.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2006-6738 2012-06-26 15:38 2006-12-26 Show GitHub Exploit DB Packet Storm
200945 6.8 警告 cwm-design - cwmVote の archive.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2006-6732 2012-06-26 15:38 2006-12-26 Show GitHub Exploit DB Packet Storm
200946 4 警告 bolintech - BolinTech Dream FTP Server におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2006-6724 2012-06-26 15:38 2006-12-26 Show GitHub Exploit DB Packet Storm
200947 7.5 危険 azucar cms - Azucar CMS の admin/index_sitios.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2006-6720 2012-06-26 15:38 2006-12-23 Show GitHub Exploit DB Packet Storm
200948 5 警告 GNU Project - FSF GNU wget の ftp-basic.c の ftp_syst 関数におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2006-6719 2012-06-26 15:38 2006-12-23 Show GitHub Exploit DB Packet Storm
200949 7.5 危険 アライドテレシス - Allied Telesis AT-9000/24 Ethernet スイッチにおける不正のアクションを実行される脆弱性 - CVE-2006-6718 2012-06-26 15:38 2006-12-23 Show GitHub Exploit DB Packet Storm
200950 7.5 危険 アライドテレシス - Allied Telesis AT-9000/24 Ethernet スイッチにおける想定外のロケーションから攻撃を実行される脆弱性 - CVE-2006-6717 2012-06-26 15:38 2006-12-23 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 4, 2025, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1291 - - - In the Linux kernel, the following vulnerability has been resolved: net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute syzbot found that TCA_FLOW_RSHIFT attribute was not validated. Right shit… - CVE-2025-21653 2025-01-24 02:15 2025-01-19 Show GitHub Exploit DB Packet Storm
1292 - - - In the Linux kernel, the following vulnerability has been resolved: afs: Fix the maximum cell name length The kafs filesystem limits the maximum length of a cell to 256 bytes, but a problem occurs … - CVE-2025-21646 2025-01-24 02:15 2025-01-19 Show GitHub Exploit DB Packet Storm
1293 - - - In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy As mentioned in a previous commit of this series, using the 'net' str… - CVE-2025-21640 2025-01-24 02:15 2025-01-19 Show GitHub Exploit DB Packet Storm
1294 8.8 HIGH
Network 		jfinaloa_project jfinaloa JFinalOA before v2025.01.01 was discovered to contain a SQL injection vulnerability via the component borrowmoney/listData?applyUser. CWE-89
SQL Injection 		CVE-2024-57769 2025-01-24 02:15 2025-01-17 Show GitHub Exploit DB Packet Storm
1295 - - - In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: rto_min/max: avoid using current->nsproxy As mentioned in a previous commit of this series, using the 'net' structu… - CVE-2025-21639 2025-01-24 02:15 2025-01-19 Show GitHub Exploit DB Packet Storm
1296 - - - In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: auth_enable: avoid using current->nsproxy As mentioned in a previous commit of this series, using the 'net' structu… - CVE-2025-21638 2025-01-24 02:15 2025-01-19 Show GitHub Exploit DB Packet Storm
1297 - - - In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: udp_port: avoid using current->nsproxy As mentioned in a previous commit of this series, using the 'net' structure … - CVE-2025-21637 2025-01-24 02:15 2025-01-19 Show GitHub Exploit DB Packet Storm
1298 - - - In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: plpmtud_probe_interval: avoid using current->nsproxy As mentioned in a previous commit of this series, using the 'n… - CVE-2025-21636 2025-01-24 02:15 2025-01-19 Show GitHub Exploit DB Packet Storm
1299 - - - In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix waker_bfqq UAF after bfq_split_bfqq() Our syzkaller report a following UAF for v6.6: BUG: KASAN: slab-use-after-… - CVE-2025-21631 2025-01-24 02:15 2025-01-19 Show GitHub Exploit DB Packet Storm
1300 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in basteln3rk Save & Import Image from URL allows Reflected XSS. This issue affects Save & Import Im… CWE-79
Cross-site Scripting 		CVE-2025-23960 2025-01-24 01:15 2025-01-24 Show GitHub Exploit DB Packet Storm