Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 16, 2025, 4:04 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
202391	5	警告	infradead	-	OpenConnect における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2010-3902	2012-03-27 18:42	2010-10-14	Show	GitHub Exploit DB Packet Storm

202392	6.4	警告	infradead	-	OpenConnect における任意の AnyConnect SSL VPN サーバを偽装される脆弱性	CWE-20 不適切な入力確認	CVE-2010-3901	2012-03-27 18:42	2010-10-14	Show	GitHub Exploit DB Packet Storm

202393	5.8	警告	christian dywan	-	Midori における任意の HTTPS Web サイトになりすまされる脆弱性	CWE-Other その他	CVE-2010-3900	2012-03-27 18:42	2010-10-14	Show	GitHub Exploit DB Packet Storm

202394	5	警告	IBM	-	IBM OmniFind におけるサービス運用妨害 (DoS) 状態となる脆弱性	CWE-399 リソース管理の問題	CVE-2010-3899	2012-03-27 18:42	2010-11-12	Show	GitHub Exploit DB Packet Storm

202395	5	警告	IBM	-	IBM OmniFind における認証を回避する脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-3898	2012-03-27 18:42	2010-11-12	Show	GitHub Exploit DB Packet Storm

202396	5	警告	IBM	-	IBM OmniFind の ESSearchApplication/palette.do における重要な情報を取得される脆弱性	CWE-255 証明書・パスワード管理	CVE-2010-3897	2012-03-27 18:42	2010-11-12	Show	GitHub Exploit DB Packet Storm

202397	7.5	危険	IBM	-	IBM OmniFind の ESSearchApplication ディレクトリツリーにおけるサーバ設定を変更される脆弱性	CWE-287 不適切な認証	CVE-2010-3896	2012-03-27 18:42	2010-11-12	Show	GitHub Exploit DB Packet Storm

202398	7.2	危険	IBM	-	IBM OmniFind の esRunCommand における権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-3895	2012-03-27 18:42	2010-11-12	Show	GitHub Exploit DB Packet Storm

202399	9.3	危険	IBM	-	IBM OmniFind の Java_com_ibm_es_oss_CryptionNative_ESEncrypt 関数におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-3894	2012-03-27 18:42	2010-11-12	Show	GitHub Exploit DB Packet Storm

202400	7.5	危険	IBM	-	IBM OmniFind の管理インタフェースにおける任意の管理者操作を実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-3893	2012-03-27 18:42	2010-11-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 16, 2025, 4:15 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
631	-	-	-	WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `adicionar_alergia.php… New	CWE-79 Cross-site Scripting	CVE-2025-23031	2025-01-14 10:15	2025-01-14	Show	GitHub Exploit DB Packet Storm

632	-	-	-	WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the `cadastro_funcionar… New	CWE-79 Cross-site Scripting	CVE-2025-23030	2025-01-14 10:15	2025-01-14	Show	GitHub Exploit DB Packet Storm

633	-	-	-	SAP BusinessObjects Business Intelligence Platform allows an unauthenticated attacker to perform session hijacking over the network without any user interaction, due to an information disclosure vuln… New	CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere	CVE-2025-0061	2025-01-14 10:15	2025-01-14	Show	GitHub Exploit DB Packet Storm

634	-	-	-	SAP BusinessObjects Business Intelligence Platform allows an authenticated user with restricted access to inject malicious JS code which can read sensitive information from the server and send it to … New	CWE-94 Code Injection	CVE-2025-0060	2025-01-14 10:15	2025-01-14	Show	GitHub Exploit DB Packet Storm

635	-	-	-	Applications based on SAP GUI for HTML in SAP NetWeaver Application Server ABAP store user input in the local browser storage to improve usability. An attacker with administrative privileges or acces… New	CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere	CVE-2025-0059	2025-01-14 10:15	2025-01-14	Show	GitHub Exploit DB Packet Storm

636	-	-	-	In SAP Business Workflow and SAP Flexible Workflow, an authenticated attacker can manipulate a parameter in an otherwise legitimate resource request to view sensitive information that should otherwis… New	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2025-0058	2025-01-14 10:15	2025-01-14	Show	GitHub Exploit DB Packet Storm

637	-	-	-	SAP NetWeaver AS JAVA (User Admin Application) is vulnerable to stored cross site scripting vulnerability. An attacker posing as an admin can upload a photo with malicious JS content. When a victim v… New	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2025-0057	2025-01-14 10:15	2025-01-14	Show	GitHub Exploit DB Packet Storm

638	-	-	-	SAP GUI for Java saves user input on the client PC to improve usability. An attacker with administrative privileges or access to the victim?s user directory on the Operating System level would be abl… New	CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere	CVE-2025-0056	2025-01-14 10:15	2025-01-14	Show	GitHub Exploit DB Packet Storm

639	-	-	-	SAP GUI for Windows stores user input on the client PC to improve usability. Under very specific circumstances an attacker with administrative privileges or access to the victim?s user directory on t… New	CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere	CVE-2025-0055	2025-01-14 10:15	2025-01-14	Show	GitHub Exploit DB Packet Storm

640	-	-	-	SAP NetWeaver Application Server for ABAP and ABAP Platform allows an attacker to gain unauthorized access to system information. By using a specific URL parameter, an unauthenticated attacker could … New	CWE-209 Information Exposure Through an Error Message	CVE-2025-0053	2025-01-14 10:15	2025-01-14	Show	GitHub Exploit DB Packet Storm