Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 16, 2025, 6:05 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
201861 6.8 警告 Zikula Foundation - Zikula の Users モジュールにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2011-0535 2012-03-27 18:42 2011-02-8 Show GitHub Exploit DB Packet Storm
201862 6.2 警告 Fedora Project
レッドハット		 - 389 Directory Server のバックアップおよび復旧スクリプトにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-0532 2012-03-27 18:42 2011-02-23 Show GitHub Exploit DB Packet Storm
201863 9.3 危険 VideoLAN - VideoLAN VLC media player の demux/mkv/mkv.hpp におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2011-0531 2012-03-27 18:42 2011-01-26 Show GitHub Exploit DB Packet Storm
201864 7.5 危険 Wouter Verhelst - nbd の nbd-server.c におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-0530 2012-03-27 18:42 2011-02-22 Show GitHub Exploit DB Packet Storm
201865 5 警告 VMware - VMware の vFabric tc Server におけるアクセス権を取得される脆弱性 CWE-287
不適切な認証 		CVE-2011-0527 2012-03-27 18:42 2011-08-11 Show GitHub Exploit DB Packet Storm
201866 4.3 警告 Vanilla Forums - Vanilla Forums の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-0526 2012-03-27 18:42 2011-02-8 Show GitHub Exploit DB Packet Storm
201867 6.8 警告 VideoLAN - VideoLAN VLC メディアプレイヤーの StripTags 関数 における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2011-0522 2012-03-27 18:42 2011-02-7 Show GitHub Exploit DB Packet Storm
201868 7.5 危険 MaraDNS - MaraDNS の compress_add_dlabel_points 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2011-0520 2012-03-27 18:42 2011-01-28 Show GitHub Exploit DB Packet Storm
201869 7.5 危険 gallarific - Gallarific PHP Photo Gallery script の gallery.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-0519 2012-03-27 18:42 2011-01-20 Show GitHub Exploit DB Packet Storm
201870 5.1 警告 lotuscms - LotusCMS Fraise の core/lib/router.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2011-0518 2012-03-27 18:42 2011-01-20 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 17, 2025, 5:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
551 - - - Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Drupal Security Kit allows HTTP DoS.This issue affects Security Kit: from 0.0.0 before 2.0.3. Update - CVE-2024-13275 2025-01-15 03:15 2025-01-10 Show GitHub Exploit DB Packet Storm
552 - - - A vulnerability was found in SourceCodester Task Reminder System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Maintenance Sect… New CWE-79
CWE-94
Cross-site Scripting
Code Injection 		CVE-2025-0464 2025-01-15 02:15 2025-01-15 Show GitHub Exploit DB Packet Storm
553 - - - A vulnerability was found in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.0.0. It has been classified as critical. Affected is an unknown function of the file /crm/weixinmp/index.p… New CWE-284
CWE-434
Improper Access Control
 Unrestricted Upload of File with Dangerous Type  		CVE-2025-0463 2025-01-15 02:15 2025-01-15 Show GitHub Exploit DB Packet Storm
554 - - - A vulnerability was found in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.0.0 and classified as critical. This issue affects some unknown processing of the file /crm/weixinmp/index… New CWE-89
CWE-74
SQL Injection
Injection 		CVE-2025-0462 2025-01-15 02:15 2025-01-15 Show GitHub Exploit DB Packet Storm
555 - - - A stored cross-site scripting (XSS) vulnerability in Arcadyan Meteor 2 CPE FG360 Firmware ETV2.10 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload. New - CVE-2024-53563 2025-01-15 02:15 2025-01-15 Show GitHub Exploit DB Packet Storm
556 - - - A remote code execution (RCE) vulnerability in Arcadyan Meteor 2 CPE FG360 Firmware ETV2.10 allows attackers to execute arbitrary code via a crafted request. New - CVE-2024-53561 2025-01-15 02:15 2025-01-15 Show GitHub Exploit DB Packet Storm
557 6.2 MEDIUM
Local 		- - IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD web console could allow a local user to obtain sensitive information when a detailed technical error message is returned. New CWE-209
Information Exposure Through an Error Message 		CVE-2024-52898 2025-01-15 02:15 2025-01-15 Show GitHub Exploit DB Packet Storm
558 - - - Path Traversal in Ivanti Avalanche before version 6.4.7 allows a remote unauthenticated attacker to bypass authentication. This CVE addresses incomplete fixes from CVE-2024-47010. New CWE-22
CWE-288
Path Traversal
Authentication Bypass Using an Alternate Path or Channel 		CVE-2024-13181 2025-01-15 02:15 2025-01-15 Show GitHub Exploit DB Packet Storm
559 - - - Path Traversal in Ivanti Avalanche before version 6.4.7 allows a remote unauthenticated attacker to leak sensitive information. This CVE addresses incomplete fixes from CVE-2024-47011. New CWE-22
Path Traversal 		CVE-2024-13180 2025-01-15 02:15 2025-01-15 Show GitHub Exploit DB Packet Storm
560 - - - Path Traversal in Ivanti Avalanche before version 6.4.7 allows a remote unauthenticated attacker to bypass authentication. New CWE-22
CWE-288
Path Traversal
Authentication Bypass Using an Alternate Path or Channel 		CVE-2024-13179 2025-01-15 02:15 2025-01-15 Show GitHub Exploit DB Packet Storm