Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Dec. 29, 2024, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
203041 7.5 危険 Sitecom
Canyon
EDIMAX Technology
Sweex		 - 複数のルータ上で動作する Edimax EdiLinux の UPnP IGD 実装におけるポートマッピングを確立される脆弱性 CWE-16
環境設定 		CVE-2011-4501 2011-11-25 14:29 2011-11-22 Show GitHub Exploit DB Packet Storm
203042 7.5 危険 シスコシステムズ (Linksys)
シスコシステムズ		 - Cisco Linksys WRT54GX の UPnP IGD 実装におけるファイアウォールを管理される脆弱性 CWE-16
環境設定 		CVE-2011-4500 2011-11-25 14:28 2011-11-22 Show GitHub Exploit DB Packet Storm
203043 7.5 危険 シスコシステムズ (Linksys)
シスコシステムズ		 - Cisco Linksys WRT54G および WRT54GS の UPnP IGD 実装におけるポートマッピングを確立される脆弱性 CWE-16
環境設定 		CVE-2011-4499 2011-11-25 14:18 2011-11-22 Show GitHub Exploit DB Packet Storm
203044 7.5 危険 MH Products - MH Products kleinanzeigenmarkt における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5062 2011-11-25 11:50 2011-11-23 Show GitHub Exploit DB Packet Storm
203045 7.5 危険 RSStatic - RSStatic の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5061 2011-11-25 11:49 2011-11-23 Show GitHub Exploit DB Packet Storm
203046 7.5 危険 Nus - NUs Newssystem の Nus.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5060 2011-11-25 11:49 2011-11-23 Show GitHub Exploit DB Packet Storm
203047 7.5 危険 CMScout - CMScout の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5059 2011-11-25 11:48 2011-11-23 Show GitHub Exploit DB Packet Storm
203048 7.5 危険 GBU grafici - GBU Facebook コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5056 2011-11-25 11:47 2011-11-23 Show GitHub Exploit DB Packet Storm
203049 7.5 危険 Almnzm - Almnzm の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5055 2011-11-25 11:46 2011-11-23 Show GitHub Exploit DB Packet Storm
203050 4.3 警告 JAMWiki - JAMWiki の Special:Login におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-5054 2011-11-25 11:46 2010-04-1 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Dec. 30, 2024, 4:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2031 - - - Habitica is an open-source habit-building program. Versions prior to 5.28.5 are vulnerable to reflected cross-site scripting. The `login` and `social media` function in `RegisterLoginReset.vue` conta… CWE-79
Cross-site Scripting 		CVE-2024-53272 2024-12-12 11:15 2024-12-12 Show GitHub Exploit DB Packet Storm
2032 - - - Insertion of Sensitive Information into Log File (CWE-532) in the Gallagher Command Centre Alarm Transmitter feature could allow an authenticated Operator to view some security sensitive information … - CVE-2024-42407 2024-12-12 11:15 2024-12-12 Show GitHub Exploit DB Packet Storm
2033 - - - Use of Multiple Resources with Duplicate Identifier (CWE-694) in the Controller 6000 and Controller 7000 Platforms could allow an attacker with physical access to HBUS communication cabling to perfor… - CVE-2024-41146 2024-12-12 11:15 2024-12-12 Show GitHub Exploit DB Packet Storm
2034 - - - A vulnerability was found in code-projects Online Class and Exam Scheduling System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /pages/teacher_save.php. … CWE-89
CWE-74
SQL Injection
Injection 		CVE-2024-12490 2024-12-12 11:15 2024-12-12 Show GitHub Exploit DB Packet Storm
2035 - - - Applications and libraries which misuse the ServerConfig.PublicKeyCallback callback may be susceptible to an authorization bypass. - CVE-2024-45337 2024-12-12 11:15 2024-12-12 Show GitHub Exploit DB Packet Storm
2036 - - - In the Mullvad VPN client 2024.6 (Desktop), 2024.8 (iOS), and 2024.8-beta1 (Android), the exception-handling alternate stack can be exhausted, leading to heap-based out-of-bounds writes in enable() i… - CVE-2024-55884 2024-12-12 11:08 2024-12-12 Show GitHub Exploit DB Packet Storm
2037 - - - python-libarchive through 4.2.1 allows directory traversal (to create files) in extract in zip.py for ZipFile.extractall and ZipFile.extract. - CVE-2024-55587 2024-12-12 11:08 2024-12-12 Show GitHub Exploit DB Packet Storm
2038 - - - Nette Database through 3.2.4 allows SQL injection in certain situations involving an untrusted filter that is directly passed to the where method. NOTE: the vendor's position is that this is intended… - CVE-2024-55586 2024-12-12 11:08 2024-12-10 Show GitHub Exploit DB Packet Storm
2039 - - - Ubiquiti U7-Pro 7.0.35 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root. NOTE: this is disputed by the Supplier because the observ… - CVE-2024-54749 2024-12-12 11:08 2024-12-7 Show GitHub Exploit DB Packet Storm
2040 - - - An issue in the index.js decryptCookie function of cookie-encrypter v1.0.1 allows attackers to execute a bit flipping attack. - CVE-2024-53441 2024-12-12 11:07 2024-12-10 Show GitHub Exploit DB Packet Storm