Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 31, 2025, 4:03 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
204841	6.4	警告	アップル	-	Windows 上で稼働する Apple Safari の IDN 機能におけるドメイン名を偽装される脆弱性	CWE-20 不適切な入力確認	CVE-2012-0584	2012-03-14 15:34	2012-03-12	Show	GitHub Exploit DB Packet Storm

204842	6.4	警告	VMware	-	VMware vCenter Chargeback Manager における任意のファイルを読まれる脆弱性	CWE-20 不適切な入力確認	CVE-2012-1472	2012-03-14 15:15	2012-03-8	Show	GitHub Exploit DB Packet Storm

204843	5	警告	yaSSL	-	yaSSL CyaSSL におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2012-1558	2012-03-14 11:53	2012-03-12	Show	GitHub Exploit DB Packet Storm

204844	7.5	危険	Parallels	-	Parallels Plesk Panel の admin/plib/api-rpc/Agent.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-1557	2012-03-14 11:52	2012-03-12	Show	GitHub Exploit DB Packet Storm

204845	4.3	警告	Ruby on Rails project	-	Ruby on Rails の select helper におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1099	2012-03-14 11:51	2012-03-13	Show	GitHub Exploit DB Packet Storm

204846	4.3	警告	Ruby on Rails project	-	Ruby on Rails におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1098	2012-03-14 11:50	2012-03-13	Show	GitHub Exploit DB Packet Storm

204847	7.2	危険	BlackBerry	-	Research In Motion BlackBerry PlayBook タブレットのソフトウェアにおける権限を取得される脆弱性	CWE-200 情報漏えい	CVE-2011-0291	2012-03-13 16:48	2011-12-6	Show	GitHub Exploit DB Packet Storm

204848	7.5	危険	Google	-	Google Chrome の GPU プロセスにおける任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2011-3047	2012-03-13 16:09	2012-03-10	Show	GitHub Exploit DB Packet Storm

204849	5.8	警告	マイクロソフト	-	Microsoft Internet Explorer における Protected Mode を回避される脆弱性	CWE-119 バッファエラー	CVE-2012-1545	2012-03-13 15:18	2012-03-9	Show	GitHub Exploit DB Packet Storm

204850	-	-	マイクロソフト	-	削除 Microsoft Internet Explorer におけるヒープベースのバッファオーバーフローの脆弱性	-	CVE-2012-1544	2012-03-13 15:16	2012-03-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Feb. 3, 2025, 4:07 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
421	7.5	HIGH Network	-	-	Clients using DNS-over-HTTPS (DoH) can exhaust a DNS resolver's CPU and/or memory by flooding it with crafted valid or invalid HTTP/2 traffic. This issue affects BIND 9 versions 9.18.0 through 9.18.3…	-	CVE-2024-12705	2025-01-30 07:15	2025-01-30	Show	GitHub Exploit DB Packet Storm

422	7.5	HIGH Network	-	-	It is possible to construct a zone such that some queries to it will generate responses containing numerous records in the Additional section. An attacker sending many such queries can cause either t…	-	CVE-2024-11187	2025-01-30 07:15	2025-01-30	Show	GitHub Exploit DB Packet Storm

423	-		-	-	An attacker can bypass the sandboxing of Nasal scripts and arbitrarily write to any file path that the user has permission to modify at the operating-system level.	-	CVE-2025-0781	2025-01-30 07:15	2025-01-29	Show	GitHub Exploit DB Packet Storm

424	-		-	-	kube-audit-rest is a simple logger of mutation/creation requests to the k8s api. If the "full-elastic-stack" example vector configuration was used for a real cluster, the previous values of kubernete…	CWE-200 CWE-532 CWE-212 Information Exposure Inclusion of Sensitive Information in Log Files Improper Removal of Sensitive Information Before Storage or Transfer	CVE-2025-24884	2025-01-30 06:15	2025-01-30	Show	GitHub Exploit DB Packet Storm

425	-		-	-	The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Snowflake discovered and remediated a vu…	CWE-276 Incorrect Default Permissions	CVE-2025-24795	2025-01-30 06:15	2025-01-30	Show	GitHub Exploit DB Packet Storm

426	-		-	-	The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Snowflake discovered and remediated a vu…	CWE-502 Deserialization of Untrusted Data	CVE-2025-24794	2025-01-30 06:15	2025-01-30	Show	GitHub Exploit DB Packet Storm

427	-		-	-	The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Snowflake discovered and remediated a vu…	CWE-89 SQL Injection	CVE-2025-24793	2025-01-30 06:15	2025-01-30	Show	GitHub Exploit DB Packet Storm

428	-		-	-	snowflake-connector-net is the Snowflake Connector for .NET. Snowflake discovered and remediated a vulnerability in the Snowflake Connector for .NET in which files downloaded from stages are temporar…	CWE-276 Incorrect Default Permissions	CVE-2025-24788	2025-01-30 06:15	2025-01-30	Show	GitHub Exploit DB Packet Storm

429	7.3	HIGH Network	-	-	A vulnerability has been found in Aridius XYZ up to 20240927 on OpenCart and classified as critical. This vulnerability affects the function loadMore of the component News. The manipulation leads to …	CWE-20 CWE-502 Improper Input Validation Deserialization of Untrusted Data	CVE-2025-0841	2025-01-30 06:15	2025-01-30	Show	GitHub Exploit DB Packet Storm

430	-		-	-	7-Zip Mark-of-the-Web Bypass Vulnerability. This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of 7-Zip. User interaction is requi…	-	CVE-2025-0411	2025-01-30 06:15	2025-01-25	Show	GitHub Exploit DB Packet Storm