Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
205301	9.3	危険	LuraTech	-	LuraWave JP2 ActiveX Control におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2012-0977	2012-02-7 16:12	2012-02-2	Show	GitHub Exploit DB Packet Storm

205302	2.1	注意	SilverStripe	-	SilverStripe の admin/EditForm におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-0976	2012-02-7 16:10	2012-02-2	Show	GitHub Exploit DB Packet Storm

205303	4.3	警告	Clixint Technologies	-	Image Hosting Script DPI の misc.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-0975	2012-02-7 16:00	2012-02-2	Show	GitHub Exploit DB Packet Storm

205304	7.8	危険	FreeBSD NetBSD	-	複数の BSD-based オペレーティングシステムにおけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2011-2393	2012-02-7 15:51	2012-02-2	Show	GitHub Exploit DB Packet Storm

205305	5	警告	Linux	-	Linux kernel におけるネットワーク盗聴を検出される脆弱性	CWE-200 情報漏えい	CVE-2010-4563	2012-02-7 15:50	2012-02-2	Show	GitHub Exploit DB Packet Storm

205306	4.3	警告	マイクロソフト	-	Microsoft Windows におけるネットワーク盗聴を検出される問題	CWE-200 情報漏えい	CVE-2010-4562	2012-02-7 15:44	2012-02-2	Show	GitHub Exploit DB Packet Storm

205307	4	警告	Mozilla Foundation	-	Bugzilla における他のユーザアカウントを偽造される脆弱性	CWE-20 不適切な入力確認	CVE-2012-0448	2012-02-6 16:51	2011-12-31	Show	GitHub Exploit DB Packet Storm

205308	10	危険	ヒューレット・パッカード	-	HP Data Protector Media Operations における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2011-4791	2012-02-6 16:44	2012-02-1	Show	GitHub Exploit DB Packet Storm

205309	5.1	警告	Mozilla Foundation	-	Bugzilla の jsonrpc.cgi におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2012-0440	2012-02-6 16:35	2012-01-15	Show	GitHub Exploit DB Packet Storm

205310	7.2	危険	アップル	-	Apple Mac OS X の WebDAV Sharing における権限を取得される脆弱性	CWE-287 不適切な認証	CVE-2011-3463	2012-02-6 16:34	2012-02-2	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Feb. 8, 2025, 4:10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
411	-		-	-	Discourse is an open source platform for community discussion. In affected versions users who disable chat in preferences could still be reachable in some cases. This problem has been patched in the …	CWE-281 Improper Preservation of Permissions	CVE-2024-53994	2025-02-5 07:15	2025-02-5	Show	GitHub Exploit DB Packet Storm

412	-		-	-	Discourse is an open source platform for community discussion. In affected versions the endpoint for generating inline oneboxes for URLs wasn't enforcing limits on the number of URLs that it accepted…	CWE-400 Uncontrolled Resource Consumption	CVE-2024-53851	2025-02-5 07:15	2025-02-5	Show	GitHub Exploit DB Packet Storm

413	-		-	-	Discourse is an open source platform for community discussion. In affected versions with some combinations of plugins, and with CSP disabled, activity streams in the user's profile page may be vulner…	CWE-79 Cross-site Scripting	CVE-2024-53266	2025-02-5 07:15	2025-02-5	Show	GitHub Exploit DB Packet Storm

414	-		-	-	Discourse is an open source platform for community discussion. In affected versions an attacker can carefully craft a request with the right request headers to poison the anonymous cache (for example…	CWE-346 Origin Validation Error	CVE-2025-23023	2025-02-5 06:15	2025-02-5	Show	GitHub Exploit DB Packet Storm

415	-		-	-	Discourse is an open source platform for community discussion. In affected versions an attacker can execute arbitrary JavaScript on users' browsers by posting a malicious video placeholder html eleme…	CWE-79 Cross-site Scripting	CVE-2025-22602	2025-02-5 06:15	2025-02-5	Show	GitHub Exploit DB Packet Storm

416	-		-	-	Discourse is an open source platform for community discussion. In affected versions an attacker can trick a target user to make changes to their own username via carefully crafted link using the `act…	CWE-22 Path Traversal	CVE-2025-22601	2025-02-5 06:15	2025-02-5	Show	GitHub Exploit DB Packet Storm

417	-		-	-	Discourse is an open source platform for community discussion. An attacker can execute arbitrary JavaScript on users' browsers by posting a maliciously crafted onebox url. This issue only affects sit…	CWE-79 Cross-site Scripting	CVE-2024-56328	2025-02-5 06:15	2025-02-5	Show	GitHub Exploit DB Packet Storm

418	-		-	-	Discourse is an open source platform for community discussion. PM titles and metadata can be read by other users when the "PM tags allowed for groups" option is enabled, the other user is a member of…	CWE-200 Information Exposure	CVE-2024-56197	2025-02-5 06:15	2025-02-5	Show	GitHub Exploit DB Packet Storm

419	-		-	-	Discourse is an open source platform for community discussion. In affected versions an attacker can make craft an XHR request to poison the anonymous cache (for example, the cache may have a response…	CWE-346 Origin Validation Error	CVE-2024-55948	2025-02-5 06:15	2025-02-5	Show	GitHub Exploit DB Packet Storm

420	2.7	LOW Network	-	-	IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned. This inform…	CWE-209 Information Exposure Through an Error Message	CVE-2024-45658	2025-02-5 06:15	2025-02-5	Show	GitHub Exploit DB Packet Storm