Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
205561 10 危険 SmartSoft - SmartFTP における詳細不明な脆弱性 CWE-noinfo
情報不足 		CVE-2010-4871 2012-01-19 10:26 2011-10-7 Show GitHub Exploit DB Packet Storm
205562 7.5 危険 bloofox - BloofoxCMS における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4870 2012-01-19 10:25 2011-10-7 Show GitHub Exploit DB Packet Storm
205563 10 危険 アドビシステムズ - Adobe Reader および Acrobat の PRC コンポーネントにおける任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2011-4369 2012-01-17 18:13 2011-12-16 Show GitHub Exploit DB Packet Storm
205564 4.3 警告 CourseForum Technologies - ProjectForum におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4277 2012-01-17 17:44 2011-10-3 Show GitHub Exploit DB Packet Storm
205565 2.1 注意 IBM - IBM WebSphere Application Server の Default Messaging コンポーネントにおける重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2011-5066 2012-01-17 16:42 2011-04-11 Show GitHub Exploit DB Packet Storm
205566 4.3 警告 IBM - IBM WebSphere Application Server におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-5065 2012-01-17 16:41 2011-10-11 Show GitHub Exploit DB Packet Storm
205567 7.5 危険 WHMCS Limited - WHMCompleteSolution の functions.php における任意のコード実行を誘発される脆弱性 CWE-94
コード・インジェクション 		CVE-2011-5061 2012-01-17 16:40 2012-01-11 Show GitHub Exploit DB Packet Storm
205568 7.1 危険 ISC, Inc. - ISC DHCP の dhcpd のロギング機能におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2011-4868 2012-01-17 16:39 2012-01-12 Show GitHub Exploit DB Packet Storm
205569 2.1 注意 Roderich Schupp - Perl 用 PAR モジュールの par_mktmpdir 関数におけるファイルを上書きされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-5060 2012-01-17 16:33 2012-01-13 Show GitHub Exploit DB Packet Storm
205570 3.3 注意 Roderich Schupp - Perl 用 PAR::Packer モジュールの par_mktmpdir 関数におけるファイルを上書きされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-4114 2012-01-17 16:32 2012-01-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 12, 2025, 4:14 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2701 - - - Cosmos provides users the ability self-host a home server by acting as a secure gateway to your application, as well as a server manager. By monitoring the error code returned in the login, it is pos… CWE-204
 Response Discrepancy Information Exposure 		CVE-2025-23214 2025-01-21 03:15 2025-01-21 Show GitHub Exploit DB Packet Storm
2702 4.0 MEDIUM
Local 		- - IBM DevOps Velocity 5.0.0 and IBM UrbanCode Velocity 4.0.0 through 4.0. 25 allows web pages to be stored locally which can be read by another user on the system. CWE-525
 Use of Web Browser Cache Containing Sensitive Information 		CVE-2024-22349 2025-01-21 03:15 2025-01-21 Show GitHub Exploit DB Packet Storm
2703 5.3 MEDIUM
Network 		- - IBM DevOps Velocity 5.0.0 and IBM UrbanCode Velocity 4.0.0 through 4.0. 25 uses Cross-Origin Resource Sharing (CORS) which could allow an attacker to carry out privileged actions and retrieve sensiti… CWE-942
 Permissive Cross-domain Policy with Untrusted Domains 		CVE-2024-22348 2025-01-21 03:15 2025-01-21 Show GitHub Exploit DB Packet Storm
2704 5.9 MEDIUM
Network 		- - IBM DevOps Velocity 5.0.0 and IBM UrbanCode Velocity 4.0.0 through 4.0. 25 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. CWE-327
 Use of a Broken or Risky Cryptographic Algorithm 		CVE-2024-22347 2025-01-21 03:15 2025-01-21 Show GitHub Exploit DB Packet Storm
2705 - - - Fedify is a TypeScript library for building federated server apps powered by ActivityPub and other standards. This vulnerability allows a user to maneuver the Webfinger mechanism to perform a GET req… CWE-918
CWE-835
Server-Side Request Forgery (SSRF) 
 Loop with Unreachable Exit Condition ('Infinite Loop') 		CVE-2025-23221 2025-01-21 02:15 2025-01-21 Show GitHub Exploit DB Packet Storm
2706 - - - CodeIgniter is a PHP full-stack web framework. Prior to 4.5.8, CodeIgniter lacked proper header validation for its name and value. The potential attacker can construct deliberately malformed headers … CWE-436
 Interpretation Conflict 		CVE-2025-24013 2025-01-21 01:15 2025-01-21 Show GitHub Exploit DB Packet Storm
2707 - - - Vite is a frontend tooling framework for javascript. Vite allowed any websites to send any requests to the development server and read the response due to default CORS settings and lack of validation… CWE-346
CWE-350
CWE-1385
 Origin Validation Error
 Reliance on Reverse DNS Resolution for a Security-Critical Action
 Missing Origin Validation in WebSockets 		CVE-2025-24010 2025-01-21 01:15 2025-01-21 Show GitHub Exploit DB Packet Storm
2708 - - - PwnDoc is a penetration test report generator. There is no CSRF protection in pwndoc, allowing attackers to send requests on a logged-in user's behalf. This includes GET and POST requests due to the … CWE-352
 Origin Validation Error 		CVE-2025-23044 2025-01-21 01:15 2025-01-21 Show GitHub Exploit DB Packet Storm
2709 - - - gitoxide is an implementation of git written in Rust. Prior to 0.17.0, gix-worktree-state specifies 0777 permissions when checking out executable files, intending that the umask will restrict them ap… CWE-281
CWE-687
 Improper Preservation of Permissions
 Function Call With Incorrectly Specified Argument Value 		CVE-2025-22620 2025-01-21 01:15 2025-01-21 Show GitHub Exploit DB Packet Storm
2710 - - - PhpSpreadsheet is a PHP library for reading and writing spreadsheet files. Cross-Site Scripting (XSS) vulnerability in the code which translates the XLSX file into a HTML representation and displays … CWE-79
Cross-site Scripting 		CVE-2025-22131 2025-01-21 01:15 2025-01-21 Show GitHub Exploit DB Packet Storm