Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
205781	10	危険	Nullsoft	-	Winamp の in_mod.dll プラグインにおけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-4857	2011-12-21 15:27	2011-12-9	Show	GitHub Exploit DB Packet Storm

205782	6.8	警告	HomeSeer Technologies, LLC.	-	HomeSeer HS2 の Web インターフェースにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2011-4837	2011-12-21 15:25	2011-12-15	Show	GitHub Exploit DB Packet Storm

205783	4.3	警告	HomeSeer Technologies, LLC.	-	HomeSeer HS2 の Web インターフェースにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4836	2011-12-21 15:24	2011-12-15	Show	GitHub Exploit DB Packet Storm

205784	7.5	危険	HomeSeer Technologies, LLC.	-	HomeSeer HS2 の Web インターフェースにおけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2011-4835	2011-12-21 15:23	2011-12-15	Show	GitHub Exploit DB Packet Storm

205785	9.3	危険	RSAセキュリティ	-	EMC RSA SecurID Software Token における権限を取得される脆弱性	CWE-Other その他	CVE-2011-4141	2011-12-21 14:34	2011-12-17	Show	GitHub Exploit DB Packet Storm

205786	4.3	警告	Mozilla Foundation SafeNet, Inc 7-Technologies	-	複数の SafeNet 製品におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-3339	2011-12-21 14:21	2011-12-12	Show	GitHub Exploit DB Packet Storm

205787	6.8	警告	奈良先端科学技術大学院大学	-	茶筌 (ChaSen) におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-4000	2011-12-20 18:12	2011-11-8	Show	GitHub Exploit DB Packet Storm

205788	8.3	危険	富士通日本電気日立	-	Preboot Execution Environment (PXE) SDK を使用した製品における複数の脆弱性	CWE-119 CWE-22	CVE-2009-0270	2011-12-20 17:33	2011-12-15	Show	GitHub Exploit DB Packet Storm

205789	9.3	危険	Parallels	-	Parallels Plesk Panel の Control Panel における詳細不明な脆弱性	CWE-DesignError	CVE-2011-4856	2011-12-20 14:41	2011-12-16	Show	GitHub Exploit DB Packet Storm

205790	9.3	危険	Parallels	-	Parallels Plesk Panel の Control Panel における詳細不明な脆弱性	CWE-DesignError	CVE-2011-4855	2011-12-20 14:40	2011-12-16	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Feb. 7, 2025, 4:09 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1631	-		-	-	Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. Starting in version 0.7.0 and prior to versions 0.7.15 and 0.8.3, Himmelblau is vulnerable to leaking credentials in d…	CWE-532 Inclusion of Sensitive Information in Log Files	CVE-2025-24034	2025-01-24 03:15	2025-01-24	Show	GitHub Exploit DB Packet Storm

1632	6.0	MEDIUM Local	-	-	IBM Security Verify Bridge 1.0.0 through 1.0.15 could allow a local privileged user to overwrite files due to excessive privileges granted to the agent. which could also cause a denial of service.	CWE-471 Modification of Assumed-Immutable Data (MAID)	CVE-2024-45672	2025-01-24 03:15	2025-01-24	Show	GitHub Exploit DB Packet Storm

1633	-		-	-	A flaw was found in the Open Virtual Network (OVN). Specially crafted UDP packets may bypass egress access control lists (ACLs) in OVN installations configured with a logical switch with DNS records …	-	CVE-2025-0650	2025-01-24 03:15	2025-01-24	Show	GitHub Exploit DB Packet Storm

1634	-		-	-	A reachable assertion in the mme_ue_find_by_imsi function of Open5GS <= 2.6.4 allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet.	-	CVE-2024-24430	2025-01-24 03:15	2025-01-23	Show	GitHub Exploit DB Packet Storm

1635	-		-	-	When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffe…	-	CVE-2025-0395	2025-01-24 03:15	2025-01-22	Show	GitHub Exploit DB Packet Storm

1636	-		-	-	A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to c…	-	CVE-2023-37026	2025-01-24 03:15	2025-01-22	Show	GitHub Exploit DB Packet Storm

1637	-		-	-	A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to c…	-	CVE-2023-37025	2025-01-24 03:15	2025-01-22	Show	GitHub Exploit DB Packet Storm

1638	-		-	-	ECOVACS robot lawnmowers and vacuums use a deterministic symmetric key to decrypt firmware updates. An attacker can create and encrypt malicious firmware that will be successfully decrypted and insta…	-	CVE-2024-52331	2025-01-24 02:15	2025-01-24	Show	GitHub Exploit DB Packet Storm

1639	-		-	-	ECOVACS lawnmowers and vacuums do not properly validate TLS certificates. An unauthenticated attacker can read or modify TLS traffic, possibly modifying firmware updates.	-	CVE-2024-52330	2025-01-24 02:15	2025-01-24	Show	GitHub Exploit DB Packet Storm

1640	-		-	-	ECOVACS HOME mobile app plugins for specific robots do not properly validate TLS certificates. An unauthenticated attacker can read or modify TLS traffic and obtain authentication tokens.	-	CVE-2024-52329	2025-01-24 02:15	2025-01-24	Show	GitHub Exploit DB Packet Storm