Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 31, 2025, 4:03 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
206141 7.8 危険 シスコシステムズ - Cisco TelePresence Recording サーバデバイスにおけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2011-0391 2011-11-29 10:34 2011-02-23 Show GitHub Exploit DB Packet Storm
206142 7.8 危険 シスコシステムズ - Cisco TelePresence Multipoint Switch デバイスにおけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2011-0390 2011-11-29 10:33 2011-02-23 Show GitHub Exploit DB Packet Storm
206143 7.8 危険 シスコシステムズ - Cisco TelePresence Multipoint Switch デバイスにおけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2011-0389 2011-11-29 10:32 2011-02-23 Show GitHub Exploit DB Packet Storm
206144 7.8 危険 シスコシステムズ - Cisco TelePresence Recording Server および Cisco TelePresence Multipoint Switch における脆弱性 CWE-399
リソース管理の問題 		CVE-2011-0388 2011-11-29 10:31 2011-02-23 Show GitHub Exploit DB Packet Storm
206145 8 危険 シスコシステムズ - Cisco TelePresence Multipoint Switch (CTMS) デバイスにおけるサービス運用妨害 (DoS) の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-0387 2011-11-29 10:31 2011-02-23 Show GitHub Exploit DB Packet Storm
206146 9.3 危険 シスコシステムズ - Cisco TelePresence Recording Server 上の XML-RPC の実装におけるファイルを上書きされる脆弱性 CWE-94
コード・インジェクション 		CVE-2011-0386 2011-11-29 10:30 2011-02-23 Show GitHub Exploit DB Packet Storm
206147 10 危険 シスコシステムズ - Cisco TelePresence Recording Server および Cisco TelePresence Multipoint Switch における脆弱性 CWE-Other
その他 		CVE-2011-0385 2011-11-29 10:29 2011-02-23 Show GitHub Exploit DB Packet Storm
206148 10 危険 シスコシステムズ - Cisco TelePresence Multipoint Switch における任意のコードを実行される脆弱性 CWE-287
不適切な認証 		CVE-2011-0384 2011-11-29 10:28 2011-02-23 Show GitHub Exploit DB Packet Storm
206149 10 危険 シスコシステムズ - Cisco TelePresence Recording Server および Cisco TelePresence Multipoint Switch における脆弱性 CWE-287
不適切な認証 		CVE-2011-0383 2011-11-29 10:27 2011-02-23 Show GitHub Exploit DB Packet Storm
206150 10 危険 シスコシステムズ - Cisco TelePresence Recording Server における任意のコードを実行される脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2011-0382 2011-11-29 09:55 2011-02-23 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 2, 2025, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1731 - - - PwnDoc is a penetration test report generator. There is no CSRF protection in pwndoc, allowing attackers to send requests on a logged-in user's behalf. This includes GET and POST requests due to the … CWE-352
 Origin Validation Error 		CVE-2025-23044 2025-01-21 01:15 2025-01-21 Show GitHub Exploit DB Packet Storm
1732 - - - gitoxide is an implementation of git written in Rust. Prior to 0.17.0, gix-worktree-state specifies 0777 permissions when checking out executable files, intending that the umask will restrict them ap… CWE-281
CWE-687
 Improper Preservation of Permissions
 Function Call With Incorrectly Specified Argument Value 		CVE-2025-22620 2025-01-21 01:15 2025-01-21 Show GitHub Exploit DB Packet Storm
1733 - - - PhpSpreadsheet is a PHP library for reading and writing spreadsheet files. Cross-Site Scripting (XSS) vulnerability in the code which translates the XLSX file into a HTML representation and displays … CWE-79
Cross-site Scripting 		CVE-2025-22131 2025-01-21 01:15 2025-01-21 Show GitHub Exploit DB Packet Storm
1734 - - - Sunshine is a self-hosted game stream host for Moonlight. In 0.23.1 and earlier, Sunshine's pairing protocol implementation does not validate request order and is thereby vulnerable to a MITM attack,… CWE-476
CWE-305
CWE-841
 NULL Pointer Dereference
 Authentication Bypass by Primary Weakness
 Improper Enforcement of Behavioral Workflow 		CVE-2024-51738 2025-01-21 01:15 2025-01-21 Show GitHub Exploit DB Packet Storm
1735 5.6 MEDIUM
Network 		- - IBM Security Verify Access 10.0.0 through 10.0.8 and IBM Security Verify Access Docker 10.0.0 through 10.0.8 could allow could an unverified user to change the password of an expired user without pri… CWE-620
 Unverified Password Change 		CVE-2024-45647 2025-01-21 00:15 2025-01-21 Show GitHub Exploit DB Packet Storm
1736 - - - WriteFreely through 0.15.1, when MySQL is used, allows local users to discover credentials by reading config.ini. - CVE-2025-24337 2025-01-20 23:15 2025-01-20 Show GitHub Exploit DB Packet Storm
1737 - - - In the Linux kernel, the following vulnerability has been resolved: io_uring/eventfd: ensure io_eventfd_signal() defers another RCU period io_eventfd_do_signal() is invoked from an RCU callback, bu… - CVE-2025-21655 2025-01-20 23:15 2025-01-20 Show GitHub Exploit DB Packet Storm
1738 - - - This vulnerability exists in the CP Plus Router due to insecure handling of cookie flags used within its web interface. A remote attacker could exploit this vulnerability by intercepting data transmi… CWE-1004
CWE-614
 Sensitive Cookie Without 'HttpOnly' Flag
 Sensitive Cookie in HTTPS Session Without 'Secure' Attribute 		CVE-2025-0479 2025-01-20 21:15 2025-01-20 Show GitHub Exploit DB Packet Storm
1739 - - - In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: adapt set backend to use GC transaction API Use the GC transaction API to replace the old and buggy gc API … - CVE-2023-52923 2025-01-20 20:15 2025-01-20 Show GitHub Exploit DB Packet Storm
1740 7.2 HIGH
Network 		- - The a+HRD from aEnrich Technology has an Insecure Deserialization vulnerability, allowing remote attackers with database modification privileges and regular system privileges to perform arbitrary cod… CWE-502
 Deserialization of Untrusted Data 		CVE-2025-0586 2025-01-20 12:15 2025-01-20 Show GitHub Exploit DB Packet Storm