Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
205681 7.8 危険 Apache Software Foundation - Apache Geronimo におけるサービス運用妨害 (CPU 資源の消費) の脆弱性 CWE-20
不適切な入力確認 		CVE-2011-5034 2012-01-4 16:47 2011-12-30 Show GitHub Exploit DB Packet Storm
205682 7.8 危険 JRuby - JRuby におけるサービス運用妨害 (CPU 資源の消費) の脆弱性 CWE-20
不適切な入力確認 		CVE-2011-4838 2012-01-4 16:43 2011-12-28 Show GitHub Exploit DB Packet Storm
205683 5 警告 Plone Foundation - Plone におけるサービス運用妨害 (CPU 資源の消費) の脆弱性 CWE-20
不適切な入力確認 		CVE-2011-4462 2012-01-4 16:38 2011-12-30 Show GitHub Exploit DB Packet Storm
205684 9.3 危険 マイクロソフト - Microsoft .NET Framework における任意のユーザアカウントへアクセスされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-3417 2012-01-4 16:34 2011-12-29 Show GitHub Exploit DB Packet Storm
205685 8.5 危険 マイクロソフト - Microsoft .NET Framework における任意のユーザアカウントへアクセスされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-3416 2012-01-4 16:33 2011-12-29 Show GitHub Exploit DB Packet Storm
205686 9.3 危険 Google
Hex-Rays		 - IDA Pro の IDAPython プラグインにおける任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2011-4783 2011-12-28 16:47 2011-07-27 Show GitHub Exploit DB Packet Storm
205687 7.2 危険 NVIDIA - NVIDIA Stereoscopic 3D ドライバにおける権限を取得される脆弱性 CWE-20
不適切な入力確認 		CVE-2011-4784 2011-12-28 16:44 2011-12-27 Show GitHub Exploit DB Packet Storm
205688 4.3 警告 WP Symposium - WordPress 用の WP Symposium プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-3841 2011-12-28 16:40 2011-12-7 Show GitHub Exploit DB Packet Storm
205689 7.8 危険 IBM - IBM Lotus Domino の認証機能におけるサービス運用妨害 (DoS) 状態となる脆弱性 CWE-noinfo
情報不足 		CVE-2011-1393 2011-12-28 16:40 2011-12-27 Show GitHub Exploit DB Packet Storm
205690 5.5 警告 zFTPServer - zFTPServer Suite におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2011-4717 2011-12-28 16:31 2011-12-20 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 8, 2025, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1781 5.4 MEDIUM
Network 		- - Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Business Logic Infra SEC). Supported versions that are affected are Prior to 9.2.9.0. Easily exploitable … - CVE-2024-21245 2025-01-24 05:15 2025-01-22 Show GitHub Exploit DB Packet Storm
1782 7.8 HIGH
Local 		google android In ip6_append_data of ip6_output.c, there is a possible way to achieve code execution due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution priv… CWE-787
 Out-of-bounds Write 		CVE-2018-9389 2025-01-24 04:56 2025-01-18 Show GitHub Exploit DB Packet Storm
1783 5.5 MEDIUM
Local 		google android In NlpService, there is a possible way to obtain location information due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges neede… CWE-862
 Missing Authorization 		CVE-2018-9406 2025-01-24 04:55 2025-01-18 Show GitHub Exploit DB Packet Storm
1784 5.5 MEDIUM
Local 		google android In endCallForSubscriber of PhoneInterfaceManager.java, there is a possible way to prevent access to emergency services due to a logic error in the code. This could lead to a local denial of service w… NVD-CWE-noinfo
CVE-2017-13322 2025-01-24 04:54 2025-01-18 Show GitHub Exploit DB Packet Storm
1785 - - - An uninitialized pointer dereference in the ngap_handle_pdu_session_resource_setup_response routine of OpenAirInterface CN5G AMF (oai-cn5g-amf) up to v2.0.0 allows attackers to cause a Denial of Serv… - CVE-2024-24443 2025-01-24 04:15 2025-01-22 Show GitHub Exploit DB Packet Storm
1786 - - - A reachable assertion in the Mobile Management Entity (MME) of Magma versions <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows remote attackers to crash the MME with an… - CVE-2023-37024 2025-01-24 04:15 2025-01-22 Show GitHub Exploit DB Packet Storm
1787 - - - Directus is a real-time API and App dashboard for managing SQL database content. Prior to version 11.2.0, when sharing an item, a typical user can specify an arbitrary role. It allows the user to use… CWE-269
 Improper Privilege Management 		CVE-2025-24353 2025-01-24 03:15 2025-01-24 Show GitHub Exploit DB Packet Storm
1788 - - - @fastify/multipart is a Fastify plugin for parsing the multipart content-type. Prior to versions 8.3.1 and 9.0.3, the `saveRequestFiles` function does not delete the uploaded temporary files when use… CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2025-24033 2025-01-24 03:15 2025-01-24 Show GitHub Exploit DB Packet Storm
1789 6.4 MEDIUM
Network 		- - IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.11 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript … CWE-79
Cross-site Scripting 		CVE-2025-23227 2025-01-24 03:15 2025-01-24 Show GitHub Exploit DB Packet Storm
1790 - - - RestrictedPython is a tool that helps to define a subset of the Python language which allows to provide a program input into a trusted environment. Via a type confusion bug in versions of the CPython… CWE-843
Type Confusion 		CVE-2025-22153 2025-01-24 03:15 2025-01-24 Show GitHub Exploit DB Packet Storm