Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
204461 4.3 警告 Pentaho Corporation - Pentaho BI Server の ViewAction におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-5099 2012-03-27 18:42 2011-09-13 Show GitHub Exploit DB Packet Storm
204462 5.4 警告 ヒューレット・パッカード - Palm Pre WebOS の LunaSysMgr プロセス におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2009-5098 2012-03-27 18:42 2011-09-13 Show GitHub Exploit DB Packet Storm
204463 6.3 警告 OpenFabrics Alliance - OFED の openibd における任意のファイルを上書きされる脆弱性 CWE-59
リンク解釈の問題 		CVE-2010-1693 2012-03-27 18:42 2010-10-26 Show GitHub Exploit DB Packet Storm
204464 10 危険 The Tor Project - Tor におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-1676 2012-03-27 18:42 2010-12-20 Show GitHub Exploit DB Packet Storm
204465 9.3 危険 Nullsoft - Winamp の vp6.w5s におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-1523 2012-03-27 18:42 2010-10-8 Show GitHub Exploit DB Packet Storm
204466 9.3 危険 March Hare Pty Ltd - March Hare Software CVSNT の perms.cpp における任意のコードを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-1326 2012-03-27 18:42 2010-09-15 Show GitHub Exploit DB Packet Storm
204467 4.3 警告 IBM - IBM WebSphere MQ における X.509 証明書の認証をなりすまされる脆弱性 CWE-Other
その他 		CVE-2010-0782 2012-03-27 18:42 2010-10-20 Show GitHub Exploit DB Packet Storm
204468 5 警告 シスコシステムズ - Cisco WLC におけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-0575 2012-03-27 18:42 2010-09-8 Show GitHub Exploit DB Packet Storm
204469 7.8 危険 シスコシステムズ - Cisco WLC におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2010-0574 2012-03-27 18:42 2010-09-8 Show GitHub Exploit DB Packet Storm
204470 3.5 注意 IBM - IBM PNMSS の load.php における CRLF インジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2010-0155 2012-03-27 18:42 2010-09-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 23, 2025, 4:07 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1041 6.4 MEDIUM
Network 		- - The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Rank Math API in all versions up to, and including, 1.0.23… CWE-79
Cross-site Scripting 		CVE-2024-13227 2025-02-13 14:15 2025-02-13 Show GitHub Exploit DB Packet Storm
1042 9.8 CRITICAL
Network 		- - The Campress theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.35 via the 'campress_woocommerce_get_ajax_products' function. This makes it possible for… CWE-22
Path Traversal 		CVE-2024-10763 2025-02-13 14:15 2025-02-13 Show GitHub Exploit DB Packet Storm
1043 - - - Dell BSAFE SSL-J, versions prior to 6.6 and versions 7.0 through 7.2, contains a deadlock vulnerability. A remote attacker could potentially exploit this vulnerability, leading to a Denial of Service. - CVE-2024-29172 2025-02-13 13:15 2025-02-12 Show GitHub Exploit DB Packet Storm
1044 - - - Dell BSAFE SSL-J, versions prior to 6.6 and versions 7.0 through 7.2, contains an Improper certificate verification vulnerability. A remote attacker could potentially exploit this vulnerability, lead… - CVE-2024-29171 2025-02-13 13:15 2025-02-12 Show GitHub Exploit DB Packet Storm
1045 - - - An issue discovered in GitLab CE/EE affecting all versions from 16.11 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 meant that long-lived connections in ActionCable potentially allo… CWE-613
 Insufficient Session Expiration 		CVE-2025-1198 2025-02-13 11:15 2025-02-13 Show GitHub Exploit DB Packet Storm
1046 - - - Orthanc server prior to version 1.5.8 does not enable basic authentication by default when remote access is enabled. This could result in unauthorized access by an attacker. CWE-306
Missing Authentication for Critical Function 		CVE-2025-0896 2025-02-13 11:15 2025-02-13 Show GitHub Exploit DB Packet Storm
1047 6.4 MEDIUM
Network 		- - The DethemeKit For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's De Gallery widget in all versions up to, and including, 2.1.8 due to insufficient input… CWE-79
Cross-site Scripting 		CVE-2024-13644 2025-02-13 11:15 2025-02-13 Show GitHub Exploit DB Packet Storm
1048 - - - Crayfish is a collection of Islandora 8 microservices, one of which, Homarus, provides FFmpeg as a microservice. Prior to Crayfish version 4.1.0, remote code execution may be possible in web-accessib… CWE-150
CWE-157
 Improper Neutralization of Escape, Meta, or Control Sequences 		CVE-2025-25286 2025-02-13 10:15 2025-02-13 Show GitHub Exploit DB Packet Storm
1049 - - - An issue was discovered in GitLab CE/EE affecting all versions starting from 17.1 prior to 17.6.0, which allows an attacker with maintainer role to trigger a pipeline as project owner under certain c… CWE-250
 Execution with Unnecessary Privileges 		CVE-2024-8266 2025-02-13 10:15 2025-02-13 Show GitHub Exploit DB Packet Storm
1050 - - - An issue was discovered in GitLab CE/EE affecting all versions starting from 16.4 prior to 17.5.0 which allows an attacker to trigger a pipeline as another user under certain circumstances. CWE-250
 Execution with Unnecessary Privileges 		CVE-2024-7102 2025-02-13 10:15 2025-02-13 Show GitHub Exploit DB Packet Storm