Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 21, 2025, 10:02 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
206461 6.8 警告 IntelliCom Innovation AB - 複数の IntelliCom 製品の cgi-bin/read.cgi におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル
CVE-2010-4730 2011-06-6 14:34 2011-02-15 Show GitHub Exploit DB Packet Storm
206462 7.8 危険 Imperva Inc. - Imperva SecureSphere の Web Application Firewall および Database Firewall における intrusion-prevention 機能を回避される脆弱性 CWE-noinfo
情報不足
CVE-2010-1329 2011-06-6 14:29 2010-04-5 Show GitHub Exploit DB Packet Storm
206463 4.3 警告 Imperva Inc. - Imperva SecureSphere MX Management Server の management GUI におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2008-1463 2011-06-6 14:27 2008-03-18 Show GitHub Exploit DB Packet Storm
206464 6.5 警告 バラクーダネットワークス - Barracuda Spam Firewall の Account View ページ内にある index.cgi における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2008-1094 2011-06-6 14:23 2008-12-15 Show GitHub Exploit DB Packet Storm
206465 3.5 注意 バラクーダネットワークス - 複数の Barracuda 製品の index.cgi におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2008-0971 2011-06-6 14:21 2008-12-15 Show GitHub Exploit DB Packet Storm
206466 4.3 警告 バラクーダネットワークス - Barracuda Spam Firewall の ldap_test.cgi におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2008-2333 2011-06-6 14:20 2008-05-22 Show GitHub Exploit DB Packet Storm
206467 10 危険 7-Technologies - 7-Technologies Interactive Graphical SCADA System の logText 関数における任意のコードを実行される脆弱性 CWE-134
書式文字列の問題
CVE-2011-1568 2011-06-6 14:19 2011-04-5 Show GitHub Exploit DB Packet Storm
206468 10 危険 サイバートラスト株式会社
Mozilla Foundation
レッドハット
- 複数の Mozilla 製品のブラウザエンジンにおける任意のコードを実行される脆弱性 CWE-noinfo
情報不足
CVE-2011-0075 2011-06-6 13:56 2011-04-28 Show GitHub Exploit DB Packet Storm
206469 5 警告 サイバートラスト株式会社
Mozilla Foundation
レッドハット
- Windows 上で稼働する複数の Mozilla 製品におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル
CVE-2011-0071 2011-06-6 10:36 2011-04-28 Show GitHub Exploit DB Packet Storm
206470 5 警告 サイバートラスト株式会社
Mozilla Foundation
- Mozilla Firefox および SeaMonkey におけるフォームの入力履歴を読まれる脆弱性 CWE-20
不適切な入力確認
CVE-2011-0067 2011-06-6 10:35 2011-04-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 21, 2025, 4:11 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2451 - - - OpenVPN before 2.6.11 does not santize PUSH_REPLY messages properly which attackers can use to inject unexpected arbitrary data into third-party executables or plug-ins. - CVE-2024-5594 2025-01-6 23:15 2025-01-6 Show GitHub Exploit DB Packet Storm
2452 - - - The Email Subscribers by Icegram Express WordPress plugin before 5.7.44 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks - CVE-2024-12311 2025-01-6 23:15 2025-01-6 Show GitHub Exploit DB Packet Storm
2453 - - - The Icegram Engage WordPress plugin before 3.1.32 does not sanitise and escape some of its Campaign settings, which could allow authors and above to perform Stored Cross-Site Scripting attacks - CVE-2024-12302 2025-01-6 23:15 2025-01-6 Show GitHub Exploit DB Packet Storm
2454 - - - The Pods WordPress plugin before 3.2.8.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even w… - CVE-2024-11849 2025-01-6 23:15 2025-01-6 Show GitHub Exploit DB Packet Storm
2455 - - - The tourmaster WordPress plugin before 5.3.4 does not sanitise and escape some parameters when outputting them in the page, which could allow unauthenticated users to perform Cross-Site Scripting att… - CVE-2024-11356 2025-01-6 23:15 2025-01-6 Show GitHub Exploit DB Packet Storm
2456 3.9 LOW
Physics
- - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in TUBITAK BILGEM Pardus OS My Computer allows OS Command Injection.This issue affects Pardus … CWE-78
OS Command 
CVE-2024-12970 2025-01-6 21:15 2025-01-6 Show GitHub Exploit DB Packet Storm
2457 - - - A vulnerability classified as critical was found in zhenfeng13 My-Blog 1.0. Affected by this vulnerability is the function upload of the file src/main/java/com/site/blog/my/core/controller/admin/uplo… CWE-284
CWE-434
Improper Access Control
 Unrestricted Upload of File with Dangerous Type 
CVE-2024-13145 2025-01-6 10:15 2025-01-6 Show GitHub Exploit DB Packet Storm
2458 - - - A vulnerability classified as critical has been found in zhenfeng13 My-Blog 1.0. Affected is the function uploadFileByEditomd of the file src/main/java/com/site/blog/my/core/controller/admin/BlogCont… CWE-284
CWE-434
Improper Access Control
 Unrestricted Upload of File with Dangerous Type 
CVE-2024-13144 2025-01-6 09:15 2025-01-6 Show GitHub Exploit DB Packet Storm
2459 - - - A vulnerability was found in ZeroWdd studentmanager 1.0. It has been rated as problematic. This issue affects the function submitAddPermission of the file src/main/java/com/zero/system/controller/Per… CWE-79
CWE-94
Cross-site Scripting
Code Injection
CVE-2024-13143 2025-01-6 09:15 2025-01-6 Show GitHub Exploit DB Packet Storm
2460 - - - A vulnerability, which was classified as problematic, was found in Tsinghua Unigroup Electronic Archives System 3.2.210802(62532). This affects an unknown part of the file /Logs/Annals/downLoad.html.… CWE-200
CWE-284
Information Exposure
Improper Access Control
CVE-2025-0227 2025-01-6 03:15 2025-01-6 Show GitHub Exploit DB Packet Storm