Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 16, 2025, 2:03 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
202611 5.7 警告 RSAセキュリティ - RSA Access Manager Agent における重要な情報を取得される脆弱性 CWE-noinfo
情報不足 		CVE-2010-3017 2012-03-27 18:42 2010-09-9 Show GitHub Exploit DB Packet Storm
202612 4.3 警告 ヒューレット・パッカード - HP SMH におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-3012 2012-03-27 18:42 2010-09-15 Show GitHub Exploit DB Packet Storm
202613 5 警告 ヒューレット・パッカード - HP SMH における CRLF インジェクションの脆弱性 CWE-20
不適切な入力確認 		CVE-2010-3011 2012-03-27 18:42 2010-09-15 Show GitHub Exploit DB Packet Storm
202614 4.3 警告 ヒューレット・パッカード - HP 3Com OfficeConnect Gigabit VPN Firewall 3CREVF100-73 におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-3010 2012-03-27 18:42 2010-09-15 Show GitHub Exploit DB Packet Storm
202615 9 危険 ヒューレット・パッカード - HP SMH における重要な情報を取得される脆弱性 CWE-noinfo
情報不足 		CVE-2010-3009 2012-03-27 18:42 2010-09-13 Show GitHub Exploit DB Packet Storm
202616 7.2 危険 ヒューレット・パッカード - HP Data Protector Express および Data Protector Express SSE における権限を取得される脆弱性 CWE-noinfo
情報不足 		CVE-2010-3008 2012-03-27 18:42 2010-09-8 Show GitHub Exploit DB Packet Storm
202617 7.2 危険 ヒューレット・パッカード - HP Data Protector Express および Data Protector Express SSE における権限を取得される脆弱性 CWE-noinfo
情報不足 		CVE-2010-3007 2012-03-27 18:42 2010-09-8 Show GitHub Exploit DB Packet Storm
202618 7.8 危険 ヒューレット・パッカード - HP ProLiant G6 Lights-Out 100 Remote Management カードにおけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2010-3006 2012-03-27 18:42 2010-09-7 Show GitHub Exploit DB Packet Storm
202619 6.8 警告 ヒューレット・パッカード - HP Operations Agent における権限を取得される脆弱性 CWE-noinfo
情報不足 		CVE-2010-3005 2012-03-27 18:42 2010-09-2 Show GitHub Exploit DB Packet Storm
202620 7.5 危険 ヒューレット・パッカード - HP Operations Agent における任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2010-3004 2012-03-27 18:42 2010-09-2 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 16, 2025, 4:15 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
631 - - - WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `adicionar_alergia.php… New CWE-79
Cross-site Scripting 		CVE-2025-23031 2025-01-14 10:15 2025-01-14 Show GitHub Exploit DB Packet Storm
632 - - - WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the `cadastro_funcionar… New CWE-79
Cross-site Scripting 		CVE-2025-23030 2025-01-14 10:15 2025-01-14 Show GitHub Exploit DB Packet Storm
633 - - - SAP BusinessObjects Business Intelligence Platform allows an unauthenticated attacker to perform session hijacking over the network without any user interaction, due to an information disclosure vuln… New CWE-497
 Exposure of Sensitive System Information to an Unauthorized Control Sphere 		CVE-2025-0061 2025-01-14 10:15 2025-01-14 Show GitHub Exploit DB Packet Storm
634 - - - SAP BusinessObjects Business Intelligence Platform allows an authenticated user with restricted access to inject malicious JS code which can read sensitive information from the server and send it to … New CWE-94
Code Injection 		CVE-2025-0060 2025-01-14 10:15 2025-01-14 Show GitHub Exploit DB Packet Storm
635 - - - Applications based on SAP GUI for HTML in SAP NetWeaver Application Server ABAP store user input in the local browser storage to improve usability. An attacker with administrative privileges or acces… New CWE-497
 Exposure of Sensitive System Information to an Unauthorized Control Sphere 		CVE-2025-0059 2025-01-14 10:15 2025-01-14 Show GitHub Exploit DB Packet Storm
636 - - - In SAP Business Workflow and SAP Flexible Workflow, an authenticated attacker can manipulate a parameter in an otherwise legitimate resource request to view sensitive information that should otherwis… New CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2025-0058 2025-01-14 10:15 2025-01-14 Show GitHub Exploit DB Packet Storm
637 - - - SAP NetWeaver AS JAVA (User Admin Application) is vulnerable to stored cross site scripting vulnerability. An attacker posing as an admin can upload a photo with malicious JS content. When a victim v… New CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2025-0057 2025-01-14 10:15 2025-01-14 Show GitHub Exploit DB Packet Storm
638 - - - SAP GUI for Java saves user input on the client PC to improve usability. An attacker with administrative privileges or access to the victim?s user directory on the Operating System level would be abl… New CWE-497
 Exposure of Sensitive System Information to an Unauthorized Control Sphere 		CVE-2025-0056 2025-01-14 10:15 2025-01-14 Show GitHub Exploit DB Packet Storm
639 - - - SAP GUI for Windows stores user input on the client PC to improve usability. Under very specific circumstances an attacker with administrative privileges or access to the victim?s user directory on t… New CWE-497
 Exposure of Sensitive System Information to an Unauthorized Control Sphere 		CVE-2025-0055 2025-01-14 10:15 2025-01-14 Show GitHub Exploit DB Packet Storm
640 - - - SAP NetWeaver Application Server for ABAP and ABAP Platform allows an attacker to gain unauthorized access to system information. By using a specific URL parameter, an unauthenticated attacker could … New CWE-209
Information Exposure Through an Error Message 		CVE-2025-0053 2025-01-14 10:15 2025-01-14 Show GitHub Exploit DB Packet Storm