Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 15, 2025, 2:02 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
203321 7.5 危険 Zenphoto - Zenphoto の zp-core/full-image.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4906 2012-02-9 11:12 2011-10-8 Show GitHub Exploit DB Packet Storm
203322 7.5 危険 SoftbizScripts - Softbiz Article Directory Script における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4905 2012-02-9 11:12 2011-10-8 Show GitHub Exploit DB Packet Storm
203323 7.5 危険 DrBenHur - DBHcms の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4869 2012-02-9 11:10 2011-10-5 Show GitHub Exploit DB Packet Storm
203324 4.3 警告 W-Agora - W-Agora の search.php3 におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4868 2012-02-9 11:10 2011-10-5 Show GitHub Exploit DB Packet Storm
203325 7.5 危険 W-Agora - W-Agora の search.php3 におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-4867 2012-02-9 11:10 2011-10-5 Show GitHub Exploit DB Packet Storm
203326 7.5 危険 Chipmunk Scripts - Chipmunk Board の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4866 2012-02-9 11:09 2011-10-5 Show GitHub Exploit DB Packet Storm
203327 7.5 危険 Jextensions - Joomla! 用 JE Guestbook (com_jeguestbook) コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4865 2012-02-9 11:08 2011-10-5 Show GitHub Exploit DB Packet Storm
203328 7.5 危険 Daniel James Scott - Joomla! 用 Club Manager (com_clubmanager) コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4864 2012-02-9 11:08 2011-10-5 Show GitHub Exploit DB Packet Storm
203329 4.3 警告 The GetSimple Team - GetSimple CMS の admin/changedata.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4863 2012-02-9 11:07 2011-10-5 Show GitHub Exploit DB Packet Storm
203330 7.5 危険 Joomla!
Jextensions		 - Joomla! 用 JExtensions JE Director コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4862 2012-02-9 11:07 2011-10-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 15, 2025, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
257911 - dovecot dovecot Multiple stack-based buffer overflows in the Sieve plugin in Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, as derived from Cyrus libsieve, allow context-dependent attackers to cause a denial of serv… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2009-3235 2017-09-19 10:29 2009-09-17 Show GitHub Exploit DB Packet Storm
257912 - wireshark wireshark Unspecified vulnerability in the OpcUa (OPC UA) dissector in Wireshark 0.99.6 through 1.0.8 and 1.2.0 through 1.2.1 allows remote attackers to cause a denial of service (memory and CPU consumption) v… NVD-CWE-noinfo
CVE-2009-3241 2017-09-19 10:29 2009-09-18 Show GitHub Exploit DB Packet Storm
257913 - wireshark wireshark Unspecified vulnerability in packet.c in the GSM A RR dissector in Wireshark 1.2.0 and 1.2.1 allows remote attackers to cause a denial of service (application crash) via unknown vectors related to "a… NVD-CWE-noinfo
CVE-2009-3242 2017-09-19 10:29 2009-09-18 Show GitHub Exploit DB Packet Storm
257914 - wireshark wireshark Unspecified vulnerability in the TLS dissector in Wireshark 1.2.0 and 1.2.1, when running on Windows, allows remote attackers to cause a denial of service (application crash) via unknown vectors rela… NVD-CWE-noinfo
CVE-2009-3243 2017-09-19 10:29 2009-09-18 Show GitHub Exploit DB Packet Storm
257915 - adobe shockwave_player Heap-based buffer overflow in the SwDir.dll ActiveX control in Adobe Shockwave Player 11.5.1.601 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code v… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2009-3244 2017-09-19 10:29 2009-09-18 Show GitHub Exploit DB Packet Storm
257916 - openssl openssl OpenSSL before 0.9.8m does not check for a NULL return value from bn_wexpand function calls in (1) crypto/bn/bn_div.c, (2) crypto/bn/bn_gf2m.c, (3) crypto/ec/ec2_smpl.c, and (4) engines/e_ubsec.c, wh… CWE-20
 Improper Input Validation  		CVE-2009-3245 2017-09-19 10:29 2010-03-6 Show GitHub Exploit DB Packet Storm
257917 - mybuxscript pts-bux SQL injection vulnerability in spnews.php in MyBuxScript PTC-BUX allows remote attackers to execute arbitrary SQL commands via the id parameter in an spnews action to the default URI. NOTE: some of … CWE-89
SQL Injection 		CVE-2009-3246 2017-09-19 10:29 2009-09-19 Show GitHub Exploit DB Packet Storm
257918 - vtiger vtiger_crm Cross-site scripting (XSS) vulnerability in the Activities module in vtiger CRM 5.0.4 allows remote attackers to inject arbitrary web script or HTML via the action parameter to phprint.php. NOTE: th… CWE-79
Cross-site Scripting 		CVE-2009-3247 2017-09-19 10:29 2009-09-19 Show GitHub Exploit DB Packet Storm
257919 - vtiger vtiger_crm Cross-site request forgery (CSRF) vulnerability in the RSS module in vtiger CRM 5.0.4 allows remote attackers to hijack the authentication of Admin users for requests that modify the news feed system… CWE-352
 Origin Validation Error 		CVE-2009-3248 2017-09-19 10:29 2009-09-19 Show GitHub Exploit DB Packet Storm
257920 - vtiger vtiger_crm Multiple directory traversal vulnerabilities in vtiger CRM 5.0.4 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the module parameter to graph.php; or th… CWE-22
Path Traversal 		CVE-2009-3249 2017-09-19 10:29 2009-09-19 Show GitHub Exploit DB Packet Storm