Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
206001 7.5 危険 Maulana Al Matien - ardeaCore PHP Framework におけるリモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2010-4998 2011-12-9 14:18 2011-11-2 Show GitHub Exploit DB Packet Storm
206002 7.5 危険 Joe Pieruccini - MCLogin System の login/login_index.php におけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5000 2011-12-9 14:17 2011-11-2 Show GitHub Exploit DB Packet Storm
206003 7.5 危険 2daybiz - 2daybiz Polls Script の searchvote.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5004 2011-12-9 14:16 2011-11-2 Show GitHub Exploit DB Packet Storm
206004 4.3 警告 Rayzz - Rayzz Photoz の members/profileCommentsResponse.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-5005 2011-12-9 14:15 2011-11-2 Show GitHub Exploit DB Packet Storm
206005 7.5 危険 Emophp Programming - EMO Realty Manager の googlemap/index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5006 2011-12-9 14:15 2011-11-2 Show GitHub Exploit DB Packet Storm
206006 4.3 警告 ut-files - UTStats の pages/match_report.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-5007 2011-12-9 14:14 2011-11-2 Show GitHub Exploit DB Packet Storm
206007 7.5 危険 Denali - BrightSuite Groupware における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5008 2011-12-9 14:13 2011-11-2 Show GitHub Exploit DB Packet Storm
206008 7.5 危険 ut-files - UTStats の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5009 2011-12-9 14:12 2011-11-2 Show GitHub Exploit DB Packet Storm
206009 4.3 警告 FullSite Pty Ltd - SchoolMation におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-5010 2011-12-9 14:10 2011-11-2 Show GitHub Exploit DB Packet Storm
206010 7.5 危険 FullSite Pty Ltd - SchoolMation における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5011 2011-12-9 14:10 2011-11-2 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 4, 2025, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
551 - - - Twig is a template language for PHP. When using the ?? operator, output escaping was missing for the expression on the left side of the operator. This vulnerability is fixed in 3.19.0. CWE-74
Injection 		CVE-2025-24374 2025-01-30 01:15 2025-01-30 Show GitHub Exploit DB Packet Storm
552 - - - A reflected cross-site scripting (XSS) vulnerability in Audemium ERP <=0.9.0 allows remote attackers to execute an arbitrary JavaScript payload in the web browser of a user by including a malicious p… - CVE-2025-22917 2025-01-30 01:15 2025-01-29 Show GitHub Exploit DB Packet Storm
553 - - - The TP-Link Archer A20 v3 router is vulnerable to Cross-site Scripting (XSS) due to improper handling of directory listing paths in the web interface. When a specially crafted URL is visited, the rou… - CVE-2024-57514 2025-01-30 01:15 2025-01-29 Show GitHub Exploit DB Packet Storm
554 - - - Buffer Overflow vulnerability in D-Link DSR-150, DSR-150N, DSR-250, DSR-250N, DSR-500N, DSR-1000N from 3.13 to 3.17B901C allows unauthenticated users to execute remote code execution. - CVE-2024-57376 2025-01-30 01:15 2025-01-29 Show GitHub Exploit DB Packet Storm
555 9.9 CRITICAL
Network 		- - A vulnerability in the REST API of Cisco Meeting Management could allow a remote, authenticated attacker with low privileges to elevate privileges to administrator on an affected device. This vuln… CWE-274
 Improper Handling of Insufficient Privileges 		CVE-2025-20156 2025-01-30 01:15 2025-01-23 Show GitHub Exploit DB Packet Storm
556 9.8 CRITICAL
Network 		openimageio openimageio OpenImageIO v3.1.0.0dev was discovered to contain a heap overflow via the component OpenImageIO_v3_1_0::farmhash::inlined::Fetch64(char const*). CWE-787
 Out-of-bounds Write 		CVE-2024-55192 2025-01-30 00:36 2025-01-24 Show GitHub Exploit DB Packet Storm
557 9.8 CRITICAL
Network 		openimageio openimageio OpenImageIO v3.1.0.0dev was discovered to contain a segmentation violation via the component /OpenImageIO/string_view.h. NVD-CWE-Other
CVE-2024-55193 2025-01-30 00:27 2025-01-24 Show GitHub Exploit DB Packet Storm
558 9.8 CRITICAL
Network 		openimageio openimageio OpenImageIO v3.1.0.0dev was discovered to contain a heap overflow via the component /OpenImageIO/fmath.h. CWE-787
 Out-of-bounds Write 		CVE-2024-55194 2025-01-30 00:19 2025-01-24 Show GitHub Exploit DB Packet Storm
559 - - - An issue in the reset password interface of ruoyi v4.8.0 allows attackers with Admin privileges to cause a Denial of Service (DoS) by duplicating the login name of the account. - CVE-2024-57439 2025-01-30 00:15 2025-01-30 Show GitHub Exploit DB Packet Storm
560 - - - Insecure permissions in RuoYi v4.8.0 allows authenticated attackers to escalate privileges by assigning themselves higher level roles. - CVE-2024-57438 2025-01-30 00:15 2025-01-30 Show GitHub Exploit DB Packet Storm