Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 31, 2025, 4:03 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
206201 4.3 警告 razorCMS - razorCMS の admin/core/admin_func.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-5051 2011-11-25 11:44 2011-11-23 Show GitHub Exploit DB Packet Storm
206202 4.3 警告 Zoho Corporation - ManageEngine ADManager Plus におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-5050 2011-11-25 11:43 2011-11-23 Show GitHub Exploit DB Packet Storm
206203 7.5 危険 Zabbix - Zabbix の events.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5049 2011-11-25 11:42 2011-11-23 Show GitHub Exploit DB Packet Storm
206204 4.3 警告 JoomlaTune
Joomla!		 - JoomlaTune JComments におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-5048 2011-11-25 11:42 2011-11-23 Show GitHub Exploit DB Packet Storm
206205 7.5 危険 V-EVA - V-EVA Press Release Script における任意の SQL コマンドを実行される脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5047 2011-11-25 11:41 2011-11-23 Show GitHub Exploit DB Packet Storm
206206 4.3 警告 ecoCMS - ecoCMS の admin.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-5046 2011-11-25 11:40 2011-11-23 Show GitHub Exploit DB Packet Storm
206207 7.5 危険 Alephsystem - CMS Ariadna の detResolucion.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5058 2011-11-25 10:14 2011-11-23 Show GitHub Exploit DB Packet Storm
206208 7.5 危険 Alephsystem - CMS Ariadna の detResolucion.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5057 2011-11-25 10:13 2011-11-23 Show GitHub Exploit DB Packet Storm
206209 7.5 危険 IXXO Internet Solutions - XOBBIX コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5053 2011-11-25 10:08 2011-11-23 Show GitHub Exploit DB Packet Storm
206210 4.3 警告 Joomla! - Joomla! におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4332 2011-11-25 09:39 2011-03-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 2, 2025, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1371 - - - Missing Authorization vulnerability in Eugen Bobrowski Debug Tool allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Debug Tool: from n/a through 2.2. CWE-862
 Missing Authorization 		CVE-2025-23684 2025-01-23 01:15 2025-01-23 Show GitHub Exploit DB Packet Storm
1372 - - - In multiple locations, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges… - CVE-2024-49735 2025-01-23 01:15 2025-01-22 Show GitHub Exploit DB Packet Storm
1373 8.2 HIGH
Local 		howyar
signalcomputer
wasay
sanfong
greenware
cs-grp
radix 		sysreturn
hdd_king
erecoveryrx
ez-back_system
greenguard
neo_impact
smart_recovery 		Howyar UEFI Application "Reloader" (32-bit and 64-bit) is vulnerable to execution of unsigned software in a hardcoded path. CWE-347
 Improper Verification of Cryptographic Signature 		CVE-2024-7344 2025-01-23 00:41 2025-01-14 Show GitHub Exploit DB Packet Storm
1374 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AlaFalaki a Gateway for Pasargad Bank on WooCommerce allows Reflected XSS. This issue affects a G… CWE-79
Cross-site Scripting 		CVE-2025-23966 2025-01-23 00:15 2025-01-23 Show GitHub Exploit DB Packet Storm
1375 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Linus Lundahl Good Old Gallery allows Reflected XSS. This issue affects Good Old Gallery: from n/… CWE-79
Cross-site Scripting 		CVE-2025-23959 2025-01-23 00:15 2025-01-23 Show GitHub Exploit DB Packet Storm
1376 - - - Unrestricted Upload of File with Dangerous Type vulnerability in Innovative Solutions user files allows Upload a Web Shell to a Web Server. This issue affects user files: from n/a through 2.4.2. CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2025-23953 2025-01-23 00:15 2025-01-23 Show GitHub Exploit DB Packet Storm
1377 - - - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mihajlovic Nenad Improved Sale Badges – Free Version allows PHP Local File Inc… CWE-98
 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') 		CVE-2025-23949 2025-01-23 00:15 2025-01-23 Show GitHub Exploit DB Packet Storm
1378 - - - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WebArea Background animation blocks allows PHP Local File Inclusion. This issu… CWE-98
 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') 		CVE-2025-23948 2025-01-23 00:15 2025-01-23 Show GitHub Exploit DB Packet Storm
1379 - - - Deserialization of Untrusted Data vulnerability in WOOEXIM.COM WOOEXIM allows Object Injection. This issue affects WOOEXIM: from n/a through 5.0.0. CWE-502
 Deserialization of Untrusted Data 		CVE-2025-23944 2025-01-23 00:15 2025-01-23 Show GitHub Exploit DB Packet Storm
1380 - - - ps_contactinfo, a PrestaShop module for displaying store contact information, has a cross-site scripting (XSS) vulnerability in versions up to and including 3.3.2. This can not be exploited in a fres… CWE-79
Cross-site Scripting 		CVE-2025-24027 2025-01-23 00:15 2025-01-23 Show GitHub Exploit DB Packet Storm