Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 16, 2025, 10:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
202651 2.6 注意 IBM - IBM TFIM における信頼制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-5085 2012-03-27 18:42 2011-08-12 Show GitHub Exploit DB Packet Storm
202652 1.9 注意 IBM - IBM TFIM における重要な情報を取得される脆弱性 CWE-310
暗号の問題 		CVE-2009-5084 2012-03-27 18:42 2011-08-12 Show GitHub Exploit DB Packet Storm
202653 6.8 警告 IBM - IBM TFIM における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2009-5083 2012-03-27 18:42 2011-08-12 Show GitHub Exploit DB Packet Storm
202654 3.3 注意 GNU Project - GNU troff の configure などのスクリプトにおける任意のファイルを上書きされる脆弱性 CWE-59
リンク解釈の問題 		CVE-2009-5082 2012-03-27 18:42 2011-06-30 Show GitHub Exploit DB Packet Storm
202655 3.3 注意 GNU Project - GNU troff の config.guess などのスクリプトにおける任意のファイルを上書きされる脆弱性 CWE-59
リンク解釈の問題 		CVE-2009-5081 2012-03-27 18:42 2011-06-30 Show GitHub Exploit DB Packet Storm
202656 3.3 注意 GNU Project - GNU troff の contrib/eqn2graph/eqn2graph.sh などのスクリプトにおける任意のファイルを上書きされる脆弱性 CWE-59
リンク解釈の問題 		CVE-2009-5080 2012-03-27 18:42 2011-06-30 Show GitHub Exploit DB Packet Storm
202657 3.3 注意 GNU Project - GNU troff の gendef.sh などのスクリプトにおける任意のファイルを上書きされる脆弱性 CWE-59
リンク解釈の問題 		CVE-2009-5079 2012-03-27 18:42 2011-06-30 Show GitHub Exploit DB Packet Storm
202658 7.5 危険 creloaded - CRE Loaded における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2009-5077 2012-03-27 18:42 2011-06-8 Show GitHub Exploit DB Packet Storm
202659 7.5 危険 creloaded - CRE Loaded における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2009-5076 2012-03-27 18:42 2011-06-8 Show GitHub Exploit DB Packet Storm
202660 4.3 警告 monkeysaudio - Monkey's Audio におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2009-5075 2012-03-27 18:42 2011-05-20 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 16, 2025, 4:15 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
931 9.8 CRITICAL
Network 		- - The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.19.2 via deserialization of untrusted input fr… CWE-502
 Deserialization of Untrusted Data 		CVE-2024-12877 2025-01-11 17:15 2025-01-11 Show GitHub Exploit DB Packet Storm
932 - - - HCL MyXalytics is affected by username enumeration vulnerability. This allows a malicious user to perform enumeration of application users, and therefore compile a list of valid usernames. - CVE-2024-42174 2025-01-11 16:15 2025-01-11 Show GitHub Exploit DB Packet Storm
933 - - - HCL MyXalytics is affected by an improper password policy implementation vulnerability. Weak passwords and lack of account lockout policies allow attackers to guess or brute-force passwords if the u… - CVE-2024-42173 2025-01-11 16:15 2025-01-11 Show GitHub Exploit DB Packet Storm
934 - - - HCL MyXalytics is affected by broken authentication. It allows attackers to compromise keys, passwords, and session tokens, potentially leading to identity theft and system control. This vulnerabil… - CVE-2024-42172 2025-01-11 16:15 2025-01-11 Show GitHub Exploit DB Packet Storm
935 - - - HCL MyXalytics is affected by a session fixation vulnerability. Cyber-criminals can exploit this by sending crafted URLs with a session token to access the victim's login session. - CVE-2024-42171 2025-01-11 16:15 2025-01-11 Show GitHub Exploit DB Packet Storm
936 - - - HCL MyXalytics is affected by a session fixation vulnerability. Cyber-criminals can exploit this by sending crafted URLs with a session token to access the victim's login session. - CVE-2024-42170 2025-01-11 16:15 2025-01-11 Show GitHub Exploit DB Packet Storm
937 6.4 MEDIUM
Network 		- - The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via button block link in all versions up to, and including, 3.4.2 … CWE-79
Cross-site Scripting 		CVE-2024-12304 2025-01-11 13:15 2025-01-11 Show GitHub Exploit DB Packet Storm
938 - - - An OS command injection vulnerability in Palo Alto Networks Expedition enables an authenticated attacker to run arbitrary OS commands as the www-data user in Expedition, which results in the disclosu… - CVE-2025-0107 2025-01-11 12:15 2025-01-11 Show GitHub Exploit DB Packet Storm
939 - - - A wildcard expansion vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to enumerate files on the host filesystem. - CVE-2025-0106 2025-01-11 12:15 2025-01-11 Show GitHub Exploit DB Packet Storm
940 - - - An arbitrary file deletion vulnerability in Palo Alto Networks Expedition enables an unauthenticated attacker to delete arbitrary files accessible to the www-data user on the host filesystem. - CVE-2025-0105 2025-01-11 12:15 2025-01-11 Show GitHub Exploit DB Packet Storm