Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 21, 2025, 10:02 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
206421 10 危険 Google - Linux 上で稼働する Google Chrome におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2010-3416 2011-06-9 10:27 2010-09-14 Show GitHub Exploit DB Packet Storm
206422 7.8 危険 シスコシステムズ - Cisco Wireless LAN Controller におけるメモリリークの脆弱性 CWE-399
リソース管理の問題 		CVE-2009-1165 2011-06-9 10:26 2009-07-27 Show GitHub Exploit DB Packet Storm
206423 7.8 危険 シスコシステムズ - Cisco Wireless LAN Controller の管理用 Web インターフェースにおけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2009-1164 2011-06-9 10:26 2009-07-27 Show GitHub Exploit DB Packet Storm
206424 7.8 危険 シスコシステムズ - Cisco Physical Access Gateway におけるメモリリークの脆弱性 CWE-399
リソース管理の問題 		CVE-2009-1163 2011-06-9 10:25 2009-06-24 Show GitHub Exploit DB Packet Storm
206425 6.8 警告 Apache Software Foundation - Apache Archiva における権限を取得される脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4408 2011-06-9 10:23 2010-12-15 Show GitHub Exploit DB Packet Storm
206426 7.2 危険 Apache Software Foundation - Apache mod_fcgid の apr_status_t fcgid_header_bucket_read 関数における脆弱性 CWE-189
数値処理の問題 		CVE-2010-3872 2011-06-9 10:22 2010-06-8 Show GitHub Exploit DB Packet Storm
206427 4.3 警告 Apache Software Foundation - Apache Struts における複数のクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6682 2011-06-9 10:21 2009-04-9 Show GitHub Exploit DB Packet Storm
206428 4.3 警告 Apache Software Foundation - Apache Struts におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-2025 2011-06-9 10:20 2009-04-9 Show GitHub Exploit DB Packet Storm
206429 4.3 警告 Stichting NLnet Labs - Unbound DNS リゾルバにサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2011-1922 2011-06-8 11:55 2011-05-26 Show GitHub Exploit DB Packet Storm
206430 7.8 危険 ERLANG - Erlang/OTP SSH ライブラリで生成される乱数が推測可能な問題 CWE-310
暗号の問題 		CVE-2011-0766 2011-06-8 11:54 2011-05-26 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 21, 2025, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2141 - - - A vulnerability was found in code-projects Online Book Shop 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /detail.php. The manipulation of the argument id… CWE-89
CWE-74
SQL Injection
Injection 		CVE-2025-0297 2025-01-8 01:15 2025-01-8 Show GitHub Exploit DB Packet Storm
2142 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kmfoysal06 SimpleCharm allows Reflected XSS.This issue affects SimpleCharm: from n/a through 1.4.… CWE-79
Cross-site Scripting 		CVE-2024-56056 2025-01-8 01:15 2025-01-8 Show GitHub Exploit DB Packet Storm
2143 - - - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Rezgo Rezgo allows PHP Local File Inclusion.This issue affects Rezgo: from n/a… CWE-98
CWE-829
 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
 Inclusion of Functionality from Untrusted Control Sphere 		CVE-2024-53800 2025-01-8 01:15 2025-01-8 Show GitHub Exploit DB Packet Storm
2144 - - - An authenticated arbitrary file upload vulnerability in Car Rental Management System v1.0 to v1.3 allows attackers to execute arbitrary code via uploading a crafted file. - CVE-2024-53345 2025-01-8 01:15 2025-01-8 Show GitHub Exploit DB Packet Storm
2145 - - - matrix-rust-sdk is an implementation of a Matrix client-server library in Rust. Versions of the matrix-sdk-crypto Rust crate before 0.8.0 lack a dedicated mechanism to notify that a user's cryptograp… CWE-223
CVE-2024-52813 2025-01-8 01:15 2025-01-8 Show GitHub Exploit DB Packet Storm
2146 - - - Vehicle Management System 1.0 is vulnerable to SQL Injection. A guest user can exploit vulnerable POST parameters in various administrative actions, such as booking a vehicle or confirming a booking.… - CVE-2024-48245 2025-01-8 01:15 2025-01-8 Show GitHub Exploit DB Packet Storm
2147 - - - An issue in the validate_email function in CTFd/utils/validators/__init__.py of CTFd 3.7.3 allows attackers to cause a Regular expression Denial of Service (ReDoS) via supplying a crafted string as e… - CVE-2024-46242 2025-01-8 01:15 2025-01-8 Show GitHub Exploit DB Packet Storm
2148 8.2 HIGH
Network 		- - IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 could allow an unauthorized user to obtain valid tokens to gain access to protected resources due to improper certificate validat… CWE-295
Improper Certificate Validation  		CVE-2024-40702 2025-01-8 01:15 2025-01-8 Show GitHub Exploit DB Packet Storm
2149 6.5 MEDIUM
Network 		- - IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 is vulnerable to exposure of Artifactory API keys. This vulnerability allows users to publish code to private packages or reposit… CWE-798
 Use of Hard-coded Credentials 		CVE-2024-28778 2025-01-8 01:15 2025-01-8 Show GitHub Exploit DB Packet Storm
2150 4.3 MEDIUM
Network 		- - IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 could allow a remote attacker to obtain sensitive information when a stack trace is returned in the browser. CWE-209
Information Exposure Through an Error Message 		CVE-2024-25037 2025-01-8 01:15 2025-01-8 Show GitHub Exploit DB Packet Storm