Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
206071	4.3	警告	PrestaShop	-	Prestashop におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4544	2011-12-5 16:00	2011-12-1	Show	GitHub Exploit DB Packet Storm

206072	4.3	警告	atmail pty ltd	-	AtMail Open におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4540	2011-12-5 15:58	2011-12-1	Show	GitHub Exploit DB Packet Storm

206073	2.6	注意	CloudBees	-	CloudBees Jenkins の Jenkins Core におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4344	2011-12-2 15:50	2011-11-8	Show	GitHub Exploit DB Packet Storm

206074	4.3	警告	シュナイダーエレクトリック株式会社 (旧社名株式会社エーピーシー・ジャパン)	-	PowerChute Business Edition におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4263	2011-12-2 12:01	2011-12-2	Show	GitHub Exploit DB Packet Storm

206075	4.3	警告	Geeklog	-	Geeklog におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4647	2011-12-1 16:48	2011-06-23	Show	GitHub Exploit DB Packet Storm

206076	6	警告	Lester Chan	-	WordPress 用 WP-PostRatings プラグインにおける SQL インジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2011-4646	2011-12-1 16:47	2011-11-30	Show	GitHub Exploit DB Packet Storm

206077	7.5	危険	Hastymail	-	Hastymail2 における任意のコマンドを実行される脆弱性	CWE-89 SQLインジェクション	CVE-2011-4542	2011-12-1 16:46	2011-11-30	Show	GitHub Exploit DB Packet Storm

206078	7.5	危険	Novell	-	Novell NetWare の xdrDecodeString 関数におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-4191	2011-12-1 16:44	2011-10-5	Show	GitHub Exploit DB Packet Storm

206079	7.5	危険	Namazu Project	-	Namazu におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-5028	2011-12-1 16:42	2011-11-30	Show	GitHub Exploit DB Packet Storm

206080	5	警告	arora	-	Arora における証明書の Common Name (CN) を偽造される脆弱性	CWE-20 不適切な入力確認	CVE-2011-3367	2011-12-1 16:42	2011-11-29	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Feb. 12, 2025, 4:14 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
263901	-	pdnsd	pdnsd	The p_exec_query function in src/dns_query.c in pdnsd before 1.2.7-par allows remote attackers to cause a denial of service (daemon crash) via a long DNS reply with many entries in the answer section…	CWE-399 Resource Management Errors	CVE-2008-4194	2017-08-8 10:32	2008-09-24	Show	GitHub Exploit DB Packet Storm

263902	-	opera	opera_browser	Opera before 9.52 does not properly restrict the ability of a framed web page to change the address associated with a different frame, which allows remote attackers to trigger the display of an arbit…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2008-4195	2017-08-8 10:32	2008-09-27	Show	GitHub Exploit DB Packet Storm

263903	-	opera	opera_browser	Opera before 9.52, when rendering an http page that has loaded an https page into a frame, displays a padlock icon and offers a security information dialog reporting a secure connection, which might …	NVD-CWE-Other	CVE-2008-4198	2017-08-8 10:32	2008-09-27	Show	GitHub Exploit DB Packet Storm

263904	-	opera	opera_browser	Opera before 9.52 does not prevent use of links from web pages to feed source files on the local disk, which might allow remote attackers to determine the validity of local filenames via vectors invo…	CWE-200 Information Exposure	CVE-2008-4199	2017-08-8 10:32	2008-09-27	Show	GitHub Exploit DB Packet Storm

263905	-	opera	opera_browser	Opera before 9.52 does not ensure that the address field of a news feed represents the feed's actual URL, which allows remote attackers to change this field to display the URL of a page containing we…	CWE-20 Improper Input Validation	CVE-2008-4200	2017-08-8 10:32	2008-09-27	Show	GitHub Exploit DB Packet Storm

263906	-	osads_alliance_database	osads_alliance_database	Unspecified vulnerability in OSADS Alliance Database before 2.1 has unknown impact and attack vectors, possibly related to includes/functions.php, a different issue than CVE-2006-2874.	NVD-CWE-noinfo	CVE-2008-4208	2017-08-8 10:32	2008-09-24	Show	GitHub Exploit DB Packet Storm

263907	-	apple	mac_os_x mac_os_x_server	Unspecified vulnerability in rlogind in the rlogin component in Mac OS X 10.4.11 and 10.5.5 applies hosts.equiv entries to root despite what is stated in documentation, which might allow remote attac…	CWE-16 Configuration	CVE-2008-4212	2017-08-8 10:32	2008-10-10	Show	GitHub Exploit DB Packet Storm

263908	-	apple	mac_os_x mac_os_x_server	Unspecified vulnerability in Script Editor in Mac OS X 10.4.11 and 10.5.5 allows local users to cause the scripting dictionary to be written to arbitrary locations, related to an "insecure file opera…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2008-4214	2017-08-8 10:32	2008-10-10	Show	GitHub Exploit DB Packet Storm

263909	-	apple	mac_os_x_server	Weblog in Mac OS X Server 10.4.11 does not properly check an error condition when a weblog posting access control list is specified for a user that has multiple short names, which might allow attacke…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2008-4215	2017-08-8 10:32	2008-10-10	Show	GitHub Exploit DB Packet Storm

263910	-	apple	mac_os_x mac_os_x_server	Incomplete blacklist vulnerability in the Quarantine feature in CoreTypes in Apple Mac OS X 10.5 before 10.5.6 allows user-assisted remote attackers to execute arbitrary code via an executable file w…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2008-4234	2017-08-8 10:32	2008-12-17	Show	GitHub Exploit DB Packet Storm