Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 13, 2025, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
203311 7.5 危険 Hinnendahl - Gaestebuch の guestbook/gbook.php におけるリモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2010-4884 2012-01-19 11:08 2011-10-7 Show GitHub Exploit DB Packet Storm
203312 2.6 注意 MODX - MODx Revolution の manager/index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4883 2012-01-19 11:06 2011-10-7 Show GitHub Exploit DB Packet Storm
203313 4.3 警告 Ventics - Auto CMS の autocms.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4882 2012-01-19 11:06 2011-10-7 Show GitHub Exploit DB Packet Storm
203314 6.8 警告 ApPHP - ApPHP Calendar の calendar.class.php におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2010-4881 2012-01-19 10:33 2011-10-7 Show GitHub Exploit DB Packet Storm
203315 4.3 警告 ApPHP - ApPHP Calendar の calendar.class.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4880 2012-01-19 10:33 2011-10-7 Show GitHub Exploit DB Packet Storm
203316 7.5 危険 Hinnendahl - Kontakt Formular の formmailer.php における任意の PHP コードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-4878 2012-01-19 10:32 2011-10-7 Show GitHub Exploit DB Packet Storm
203317 4.3 警告 InsaneVisions - OneCMS の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4877 2012-01-19 10:31 2011-10-7 Show GitHub Exploit DB Packet Storm
203318 7.5 危険 got milk - mBlogger の viewpost.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4876 2012-01-19 10:30 2011-10-7 Show GitHub Exploit DB Packet Storm
203319 4.3 警告 Xondie - WordPress 用 Vodpod Video Gallery プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4875 2012-01-19 10:30 2011-10-7 Show GitHub Exploit DB Packet Storm
203320 4.3 警告 NinkoBB - NinkoBB の users.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4874 2012-01-19 10:28 2011-10-7 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 13, 2025, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1651 - - - Delta Electronics DRASimuCAD ICS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations o… CWE-787
 Out-of-bounds Write 		CVE-2024-12835 2024-12-31 02:15 2024-12-31 Show GitHub Exploit DB Packet Storm
1652 - - - Khoj is a self-hostable artificial intelligence app. Prior to version 1.29.10, an Insecure Direct Object Reference (IDOR) vulnerability in the update_subscription endpoint allows any authenticated us… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2024-52294 2024-12-31 02:15 2024-12-31 Show GitHub Exploit DB Packet Storm
1653 - - - Delta Electronics DRASimuCAD STP File Parsing Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Del… CWE-843
Type Confusion 		CVE-2024-12834 2024-12-31 02:15 2024-12-31 Show GitHub Exploit DB Packet Storm
1654 - - - Webmin CGI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Webmin. Authentication is required … CWE-78
OS Command  		CVE-2024-12828 2024-12-31 02:15 2024-12-31 Show GitHub Exploit DB Packet Storm
1655 - - - AnyDesk Link Following Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of AnyDesk. An attacker must first o… CWE-59
Link Following 		CVE-2024-12754 2024-12-31 02:15 2024-12-31 Show GitHub Exploit DB Packet Storm
1656 - - - TeamPass before 3.1.3.1 does not properly prevent a user from acting with the privileges of a different user_id. - CVE-2024-50703 2024-12-31 01:15 2024-12-31 Show GitHub Exploit DB Packet Storm
1657 - - - TeamPass before 3.1.3.1 does not properly check whether a mail_me (aka action_mail) operation is on behalf of an administrator or manager. - CVE-2024-50702 2024-12-31 01:15 2024-12-31 Show GitHub Exploit DB Packet Storm
1658 - - - TeamPass before 3.1.3.1, when retrieving information about access rights for a folder, does not properly check whether a folder is in a user's allowed folders list that has been defined by an admin. - CVE-2024-50701 2024-12-31 01:15 2024-12-31 Show GitHub Exploit DB Packet Storm
1659 - - - An issue was discovered in TCPDF before 6.8.0. unserializeTCPDFtag uses != (aka loose comparison) and does not use a constant-time function to compare TCPDF tag hashes. - CVE-2024-56522 2024-12-31 01:15 2024-12-27 Show GitHub Exploit DB Packet Storm
1660 - - - A vulnerability, which was classified as critical, has been found in DrayTek Vigor2960 and Vigor300B 1.5.1.3/1.5.1.4. This issue affects some unknown processing of the file /cgi-bin/mainfunction.cgi/… - CVE-2024-12986 2024-12-31 00:15 2024-12-28 Show GitHub Exploit DB Packet Storm