Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 15, 2025, 6:03 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
201831 7.5 危険 matteoiammarrone - S-CMS の viewforum.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4771 2012-03-27 18:42 2011-03-23 Show GitHub Exploit DB Packet Storm
201832 7.5 危険 commodityrentals - DVD Rentals Script における任意の SQL コマンドを実行される脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4770 2012-03-27 18:42 2011-03-23 Show GitHub Exploit DB Packet Storm
201833 7.5 危険 Janguo
Joomla!		 - Joomla! の Jimtawl コンポーネントにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-4769 2012-03-27 18:42 2011-03-23 Show GitHub Exploit DB Packet Storm
201834 6 警告 OTRS プロジェクト - OTRS における待ち行列アクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-4768 2012-03-27 18:42 2011-03-18 Show GitHub Exploit DB Packet Storm
201835 5 警告 OTRS プロジェクト - OTRS におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2010-4767 2012-03-27 18:42 2011-03-18 Show GitHub Exploit DB Packet Storm
201836 4.3 警告 OTRS プロジェクト - OTRS の AgentTicketForward 機能における重要な画像情報を取得される脆弱性 CWE-20
不適切な入力確認 		CVE-2010-4766 2012-03-27 18:42 2011-03-18 Show GitHub Exploit DB Packet Storm
201837 4.9 警告 OTRS プロジェクト - OTRS の Kernel::System::Main::FileWrite メソッドにおける icketCounter.log のデータを破損される脆弱性 CWE-362
競合状態 		CVE-2010-4765 2012-03-27 18:42 2011-03-18 Show GitHub Exploit DB Packet Storm
201838 5 警告 OTRS プロジェクト - OTRS における電子メール通信をなりすまされる脆弱性 CWE-255
証明書・パスワード管理 		CVE-2010-4764 2012-03-27 18:42 2011-03-18 Show GitHub Exploit DB Packet Storm
201839 6.5 警告 OTRS プロジェクト - OTRS の ACL 顧客ステータスチケットタイプ設定における ACL 制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-4763 2012-03-27 18:42 2011-03-18 Show GitHub Exploit DB Packet Storm
201840 3.5 注意 OTRS プロジェクト - OTRS のリッチテキストエディタコンポーネントにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4762 2012-03-27 18:42 2011-03-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 15, 2025, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
268381 - zonelabs zonealarm ZoneAlarm Pro 3.0 MailSafe allows remote attackers to bypass filtering and possibly execute arbitrary code via email attachments containing a trailing dot after the file extension. NVD-CWE-Other
CVE-2002-1997 2017-07-11 10:29 2002-12-31 Show GitHub Exploit DB Packet Storm
268382 - xqus x-stat x_stat_admin.php in x-stat 2.3 and earlier allows remote attackers to (1) execute PHP commands such as phpinfo or (2) obtain the full path of the web server via an invalid action parameter, which lea… NVD-CWE-Other
CVE-2002-2045 2017-07-11 10:29 2002-12-31 Show GitHub Exploit DB Packet Storm
268383 - squirrelmail squirrelmail Multiple cross-site scripting (XSS) vulnerabilities in magicHTML of SquirrelMail before 1.2.6 allow remote attackers to inject arbitrary web script or HTML via (1) "<<script" in unspecified input fie… NVD-CWE-Other
CVE-2002-2086 2017-07-11 10:29 2002-12-31 Show GitHub Exploit DB Packet Storm
268384 - gianni_tedesco fwmon Fwmon before 1.0.10 allows remote attackers to cause a denial of service (crash) by causing the kernel to return a large packet. NVD-CWE-Other
CVE-2002-2111 2017-07-11 10:29 2002-12-31 Show GitHub Exploit DB Packet Storm
268385 - netjuke netjuke Artekopia Netjuke before 1.0 b7 allows remote attackers to execute arbitrary code on the web server, possibly via the section parameter, which is passed to an eval call. NVD-CWE-Other
CVE-2002-2114 2017-07-11 10:29 2002-12-31 Show GitHub Exploit DB Packet Storm
268386 - gallery_project gallery PHP remote file inclusion vulnerability in publish_xp_docs.php for Gallery 1.3.2 allows remote attackers to inject arbitrary PHP code by specifying a URL to an init.php file in the GALLERY_BASEDIR pa… NVD-CWE-Other
CVE-2002-2123 2017-07-11 10:29 2002-12-31 Show GitHub Exploit DB Packet Storm
268387 - nylon nylon The recvn and sendn functions in nylon 0.2 do not check when the recv function call returns 0, which allows remote attackers to cause a denial of service (infinite loop and CPU consumption) by closin… NVD-CWE-Other
CVE-2002-2124 2017-07-11 10:29 2002-12-31 Show GitHub Exploit DB Packet Storm
268388 - pedestal_software integrity_protection_driver Integrity Protection Driver (IPD) 1.2 and earlier blocks access to \Device\PhysicalMemory by its name, which could allow local privileged processes to overwrite kernel memory by accessing the device … NVD-CWE-Other
CVE-2002-2127 2017-07-11 10:29 2002-12-31 Show GitHub Exploit DB Packet Storm
268389 - w-agora w-agora Cross-site scripting vulnerability (XSS) in editform.php for w-Agora 4.1.5 allows remote attackers to execute arbitrary web script via an arbitrary form field name containing the script, which is ech… NVD-CWE-Other
CVE-2002-2129 2017-07-11 10:29 2002-12-31 Show GitHub Exploit DB Packet Storm
268390 - oracle application_server Format string vulnerability in the administrative pages of the PL/SQL module for Oracle Application Server 4.0.8 and 4.0.8 2 allows remote attackers to execute arbitrary code. NVD-CWE-Other
CVE-2002-2153 2017-07-11 10:29 2002-12-31 Show GitHub Exploit DB Packet Storm