Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
204961	7.5	危険	Phpgalleryscript	-	PHP Free Photo Gallery script における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2010-4948	2012-02-29 11:19	2011-10-9	Show	GitHub Exploit DB Packet Storm

204962	4.3	警告	Allpcscript	-	ALLPC の advanced_search_result.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4947	2012-02-29 11:17	2011-10-9	Show	GitHub Exploit DB Packet Storm

204963	7.5	危険	Allpcscript	-	ALLPC の product_info.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4946	2012-02-29 11:16	2011-10-9	Show	GitHub Exploit DB Packet Storm

204964	7.5	危険	Joomla!	-	Joomla! 用 CamelcityDB コンポーネントにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4945	2012-02-29 11:15	2011-10-9	Show	GitHub Exploit DB Packet Storm

204965	7.5	危険	Joomla!	-	Mambo および Joomla! 用 Elite Experts コンポーネントにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4944	2012-02-29 11:14	2011-10-9	Show	GitHub Exploit DB Packet Storm

204966	7.5	危険	Saurused	-	Saurus CMS における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2010-4943	2012-02-29 11:08	2011-10-9	Show	GitHub Exploit DB Packet Storm

204967	7.5	危険	E-Xoopport	-	E-Xoopport Samsara の location.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4942	2012-02-29 11:06	2011-10-9	Show	GitHub Exploit DB Packet Storm

204968	7.5	危険	Joomla Mo	-	Joomla! 用 Teams (com_teams) コンポーネントにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4941	2012-02-29 11:02	2011-10-9	Show	GitHub Exploit DB Packet Storm

204969	7.5	危険	Wanewsletter	-	Wanewsletter の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4940	2012-02-29 11:01	2011-10-9	Show	GitHub Exploit DB Packet Storm

204970	7.5	危険	Scripts bdr130	-	MailForm の index.php におけるリモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2010-4939	2012-02-29 10:58	2011-10-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Feb. 26, 2025, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1171	-		-	-	Docker daemon in Brocade SANnav before SANnav 2.3.1b runs without auditing. The vulnerability could allow a remote authenticated attacker to execute various attacks.	-	CVE-2024-2240	2025-02-14 14:15	2025-02-14	Show	GitHub Exploit DB Packet Storm

1172	-		-	-	musl libc 0.9.13 through 1.2.5 before 1.2.6 has an out-of-bounds write vulnerability when an attacker can trigger iconv conversion of untrusted EUC-KR text to UTF-8.	-	CVE-2025-26519	2025-02-14 13:15	2025-02-14	Show	GitHub Exploit DB Packet Storm

1173	-		-	-	Under certain error conditions at time of SANnav installation or upgrade, the encryption key can be written into and obtained from a Brocade SANnav supportsave. An attacker with privileged access to…	-	CVE-2025-1053	2025-02-14 13:15	2025-02-14	Show	GitHub Exploit DB Packet Storm

1174	7.2	HIGH Network	-	-	IBM DevOps Deploy 8.0 through 8.0.1.4, 8.1 through 8.1.0.0 / IBM UrbanCode Deploy 7.0 through 7.0.5.25, 7.1 through 7.1.2.21, 7.2 through 7.2.3.14, and 7.3 through 7.3.2.9 could allow a remote privil…	CWE-78 OS Command	CVE-2024-55904	2025-02-14 13:15	2025-02-14	Show	GitHub Exploit DB Packet Storm

1175	-		-	-	CalInvocationHandler in Brocade SANnav before 2.3.1b logs sensitive information in clear text. The vulnerability could allow an authenticated, local attacker to view Brocade Fabric OS switch sensi…	-	CVE-2024-10404	2025-02-14 13:15	2025-02-14	Show	GitHub Exploit DB Packet Storm

1176	-		-	-	Systems running the Instaclustr fork of Stratio's Cassandra-Lucene-Index plugin versions 4.0-rc1-1.0.0 through 4.0.16-1.0.0 and 4.1.2-1.0.0 through 4.1.8-1.0.0, installed into Apache Cassandra ver…	-	CVE-2025-26511	2025-02-14 09:15	2025-02-14	Show	GitHub Exploit DB Packet Storm

1177	-		-	-	A critical information disclosure vulnerability exists in the web-based management interface of GatesAir Maxiva UAXT, VAXT transmitters due to Incorrect Access Control (CWE-284). Unauthenticated atta…	-	CVE-2025-22961	2025-02-14 08:15	2025-02-14	Show	GitHub Exploit DB Packet Storm

1178	-		-	-	A session hijacking vulnerability exists in the web-based management interface of GatesAir Maxiva UAXT, VAXT transmitters. Unauthenticated attackers can access exposed log files (/logs/debug/xteLog*)…	-	CVE-2025-22960	2025-02-14 08:15	2025-02-14	Show	GitHub Exploit DB Packet Storm

1179	-		-	-	An issue in Docker-proxy v18.09.0 allows attackers to cause a denial of service.	-	CVE-2024-57782	2025-02-14 08:15	2025-02-14	Show	GitHub Exploit DB Packet Storm

1180	-		-	-	In Perfex Crm < 3.2.1, an authenticated attacker can send a crafted HTTP POST request to the affected upload_sales_file endpoint. By providing malicious input in the rel_id parameter, combined with i…	-	CVE-2024-56908	2025-02-14 08:15	2025-02-14	Show	GitHub Exploit DB Packet Storm