Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 28, 2025, 6:03 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
202471 5 警告 JanRain - JanRain PHP OpenID ライブラリにおける重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2011-3707 2012-03-27 18:43 2011-09-23 Show GitHub Exploit DB Packet Storm
202472 5 警告 ATutor - ATutor における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2011-3706 2012-03-27 18:43 2011-09-23 Show GitHub Exploit DB Packet Storm
202473 5 警告 michael armbruster - Arctic Fox CMS における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2011-3705 2012-03-27 18:43 2011-09-23 Show GitHub Exploit DB Packet Storm
202474 5 警告 appRain - appRain における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2011-3704 2012-03-27 18:43 2011-09-23 Show GitHub Exploit DB Packet Storm
202475 5 警告 AneCMS - AneCMS における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2011-3703 2012-03-27 18:43 2011-09-23 Show GitHub Exploit DB Packet Storm
202476 5 警告 anantasoft - Ananta Gazelle における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2011-3702 2012-03-27 18:43 2011-09-23 Show GitHub Exploit DB Packet Storm
202477 5 警告 AlegroCart - AlegroCart における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2011-3701 2012-03-27 18:43 2011-09-23 Show GitHub Exploit DB Packet Storm
202478 5 警告 AEF Group - AEF における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2011-3700 2012-03-27 18:43 2011-09-23 Show GitHub Exploit DB Packet Storm
202479 5 警告 John Lim - John Lim ADOdb Library における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2011-3699 2012-03-27 18:43 2011-09-23 Show GitHub Exploit DB Packet Storm
202480 5 警告 AdaptCMS - AdaptCMS における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2011-3698 2012-03-27 18:43 2011-09-23 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 28, 2025, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1431 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alex Volkov Chatter allows Stored XSS. This issue affects Chatter: from n/a through 1.0.1. CWE-79
Cross-site Scripting 		CVE-2025-23760 2025-01-17 06:15 2025-01-17 Show GitHub Exploit DB Packet Storm
1432 - - - An issue in the bind_col_exp component of MonetDB Server v11.47.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. - CVE-2024-57618 2025-01-17 06:15 2025-01-14 Show GitHub Exploit DB Packet Storm
1433 6.2 MEDIUM
Local 		freetype freetype FreeType 2.8.1 has a signed integer overflow in cf2_doFlex in cff/cf2intrp.c. CWE-190
 Integer Overflow or Wraparound 		CVE-2025-23022 2025-01-17 06:12 2025-01-11 Show GitHub Exploit DB Packet Storm
1434 5.4 MEDIUM
Network 		vanderbilt redcap A stored cross-site scripting (XSS) vulnerability in survey titles of REDCap 14.9.6 allows authenticated users to inject malicious scripts into the Survey Title field or Survey Instructions. When a u… CWE-79
Cross-site Scripting 		CVE-2024-56377 2025-01-17 06:10 2025-01-10 Show GitHub Exploit DB Packet Storm
1435 5.4 MEDIUM
Network 		vanderbilt redcap A stored cross-site scripting (XSS) vulnerability in the built-in messenger of REDCap 14.9.6 allows authenticated users to inject malicious scripts into the message field. When a user click on the re… CWE-79
Cross-site Scripting 		CVE-2024-56376 2025-01-17 06:10 2025-01-10 Show GitHub Exploit DB Packet Storm
1436 9.8 CRITICAL
Network 		ivanti avalanche Path Traversal in Ivanti Avalanche before version 6.4.7 allows a remote unauthenticated attacker to bypass authentication. This CVE addresses incomplete fixes from CVE-2024-47010. CWE-22
Path Traversal 		CVE-2024-13181 2025-01-17 06:02 2025-01-15 Show GitHub Exploit DB Packet Storm
1437 7.5 HIGH
Network 		ivanti avalanche Path Traversal in Ivanti Avalanche before version 6.4.7 allows a remote unauthenticated attacker to leak sensitive information. This CVE addresses incomplete fixes from CVE-2024-47011. CWE-22
Path Traversal 		CVE-2024-13180 2025-01-17 06:01 2025-01-15 Show GitHub Exploit DB Packet Storm
1438 9.8 CRITICAL
Network 		ivanti avalanche Path Traversal in Ivanti Avalanche before version 6.4.7 allows a remote unauthenticated attacker to bypass authentication. CWE-22
Path Traversal 		CVE-2024-13179 2025-01-17 06:01 2025-01-15 Show GitHub Exploit DB Packet Storm
1439 7.8 HIGH
Local 		adobe illustrator Illustrator on iPad versions 3.0.7 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user… CWE-191
 Integer Underflow (Wrap or Wraparound) 		CVE-2025-21134 2025-01-17 05:43 2025-01-15 Show GitHub Exploit DB Packet Storm
1440 8.8 HIGH
Network 		google chrome Out of bounds read in Metrics in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CWE-125
Out-of-bounds Read 		CVE-2025-0437 2025-01-17 05:35 2025-01-15 Show GitHub Exploit DB Packet Storm