Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
205671 4.3 警告 GNU Project - Mailman 用の Mailman/htdig integration patch の mmsearch/design におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-5024 2012-01-5 10:21 2011-12-29 Show GitHub Exploit DB Packet Storm
205672 4.3 警告 Pligg - Pligg CMS の search.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-5023 2012-01-5 10:17 2011-12-29 Show GitHub Exploit DB Packet Storm
205673 7.5 危険 Pligg - Pligg CMS の search.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-5022 2012-01-5 10:16 2011-12-29 Show GitHub Exploit DB Packet Storm
205674 4.3 警告 Winn GuestBook - Winn GuestBook におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-5026 2012-01-5 10:16 2011-12-27 Show GitHub Exploit DB Packet Storm
205675 7.5 危険 PHPIDS - PHPIDS におけるルールセット回避の脆弱性 CWE-94
コード・インジェクション 		CVE-2011-5021 2012-01-5 10:15 2011-12-29 Show GitHub Exploit DB Packet Storm
205676 5 警告 GoAhead Software, Inc. - GoAhead WebServer におけるサービス運用妨害 (デーモン停止) の脆弱性 CWE-399
リソース管理の問題 		CVE-2009-5111 2012-01-5 10:13 2011-12-27 Show GitHub Exploit DB Packet Storm
205677 5 警告 DHTTPD - dhttpd におけるサービス運用妨害 (デーモン停止) の脆弱性 CWE-399
リソース管理の問題 		CVE-2009-5110 2012-01-5 10:13 2011-12-27 Show GitHub Exploit DB Packet Storm
205678 5 警告 Apache Software Foundation - Apache Tomcat におけるサービス運用妨害 (CPU 資源の消費) の脆弱性 CWE-399
リソース管理の問題 		CVE-2011-4084 2012-01-4 16:50 2011-12-30 Show GitHub Exploit DB Packet Storm
205679 5 警告 Google - Google V8 におけるサービス運用妨害 (CPU 資源の消費) の脆弱性 CWE-20
不適切な入力確認 		CVE-2011-5037 2012-01-4 16:48 2011-12-30 Show GitHub Exploit DB Packet Storm
205680 5 警告 Christian Neukirchen - Rack におけるサービス運用妨害 (CPU 資源の消費) の脆弱性 CWE-20
不適切な入力確認 		CVE-2011-5036 2012-01-4 16:48 2011-12-30 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 8, 2025, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1781 5.4 MEDIUM
Network 		- - Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Business Logic Infra SEC). Supported versions that are affected are Prior to 9.2.9.0. Easily exploitable … - CVE-2024-21245 2025-01-24 05:15 2025-01-22 Show GitHub Exploit DB Packet Storm
1782 7.8 HIGH
Local 		google android In ip6_append_data of ip6_output.c, there is a possible way to achieve code execution due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution priv… CWE-787
 Out-of-bounds Write 		CVE-2018-9389 2025-01-24 04:56 2025-01-18 Show GitHub Exploit DB Packet Storm
1783 5.5 MEDIUM
Local 		google android In NlpService, there is a possible way to obtain location information due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges neede… CWE-862
 Missing Authorization 		CVE-2018-9406 2025-01-24 04:55 2025-01-18 Show GitHub Exploit DB Packet Storm
1784 5.5 MEDIUM
Local 		google android In endCallForSubscriber of PhoneInterfaceManager.java, there is a possible way to prevent access to emergency services due to a logic error in the code. This could lead to a local denial of service w… NVD-CWE-noinfo
CVE-2017-13322 2025-01-24 04:54 2025-01-18 Show GitHub Exploit DB Packet Storm
1785 - - - An uninitialized pointer dereference in the ngap_handle_pdu_session_resource_setup_response routine of OpenAirInterface CN5G AMF (oai-cn5g-amf) up to v2.0.0 allows attackers to cause a Denial of Serv… - CVE-2024-24443 2025-01-24 04:15 2025-01-22 Show GitHub Exploit DB Packet Storm
1786 - - - A reachable assertion in the Mobile Management Entity (MME) of Magma versions <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows remote attackers to crash the MME with an… - CVE-2023-37024 2025-01-24 04:15 2025-01-22 Show GitHub Exploit DB Packet Storm
1787 - - - Directus is a real-time API and App dashboard for managing SQL database content. Prior to version 11.2.0, when sharing an item, a typical user can specify an arbitrary role. It allows the user to use… CWE-269
 Improper Privilege Management 		CVE-2025-24353 2025-01-24 03:15 2025-01-24 Show GitHub Exploit DB Packet Storm
1788 - - - @fastify/multipart is a Fastify plugin for parsing the multipart content-type. Prior to versions 8.3.1 and 9.0.3, the `saveRequestFiles` function does not delete the uploaded temporary files when use… CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2025-24033 2025-01-24 03:15 2025-01-24 Show GitHub Exploit DB Packet Storm
1789 6.4 MEDIUM
Network 		- - IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.11 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript … CWE-79
Cross-site Scripting 		CVE-2025-23227 2025-01-24 03:15 2025-01-24 Show GitHub Exploit DB Packet Storm
1790 - - - RestrictedPython is a tool that helps to define a subset of the Python language which allows to provide a program input into a trusted environment. Via a type confusion bug in versions of the CPython… CWE-843
Type Confusion 		CVE-2025-22153 2025-01-24 03:15 2025-01-24 Show GitHub Exploit DB Packet Storm