Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 15, 2025, 6:03 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
206691	7.2	危険	マイクロソフト	-	Microsoft Windows のカーネルモードドライバ内にある win32k.sys における権限昇格の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-3943	2011-01-17 14:38	2010-12-14	Show	GitHub Exploit DB Packet Storm

206692	7.2	危険	マイクロソフト	-	Microsoft Windows のカーネルモードドライバ内にある win32k.sys における権限昇格の脆弱性	CWE-119 バッファエラー	CVE-2010-3942	2011-01-17 14:35	2010-12-14	Show	GitHub Exploit DB Packet Storm

206693	7.2	危険	マイクロソフト	-	Microsoft Windows のカーネルモードドライバ内にある win32k.sys における権限昇格の脆弱性	CWE-399 リソース管理の問題	CVE-2010-3941	2011-01-17 14:29	2010-12-14	Show	GitHub Exploit DB Packet Storm

206694	7.2	危険	マイクロソフト	-	Microsoft Windows のカーネルモードドライバ内にある win32k.sys における権限昇格の脆弱性	CWE-399 リソース管理の問題	CVE-2010-3940	2011-01-14 15:55	2010-12-14	Show	GitHub Exploit DB Packet Storm

206695	7.2	危険	マイクロソフト	-	Microsoft Windows のカーネルモードドライバ内にある win32k.sys におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-3939	2011-01-14 15:53	2010-12-14	Show	GitHub Exploit DB Packet Storm

206696	9.3	危険	マイクロソフト	-	Microsoft Windows の Internet Connection Signup Wizard における権限昇格の脆弱性	CWE-Other その他	CVE-2010-3144	2011-01-14 15:49	2010-12-14	Show	GitHub Exploit DB Packet Storm

206697	9.3	危険	マイクロソフト	-	Windows Address Book の wab.exe における権限昇格の脆弱性	CWE-Other その他	CVE-2010-3147	2011-01-14 15:47	2010-12-14	Show	GitHub Exploit DB Packet Storm

206698	6.9	警告	マイクロソフト	-	Microsoft Windows における権限昇格の脆弱性	CWE-Other その他	CVE-2010-3966	2011-01-14 15:42	2010-12-14	Show	GitHub Exploit DB Packet Storm

206699	6.9	警告	マイクロソフト	-	Windows Media Encoder における権限昇格の脆弱性	CWE-Other その他	CVE-2010-3965	2011-01-14 15:39	2010-12-14	Show	GitHub Exploit DB Packet Storm

206700	6.9	警告	マイクロソフト	-	Microsoft Windows Movie Maker における権限昇格の脆弱性	CWE-Other その他	CVE-2010-3967	2011-01-14 15:36	2010-12-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 16, 2025, 4:15 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
257561	-	deonixscripts	web_template_management_system	SQL injection vulnerability in index.php in Web Template Management System 1.3 allows remote attackers to execute arbitrary SQL commands via the id parameter in a readmore action.	CWE-89 SQL Injection	CVE-2007-5233	2017-09-29 10:29	2007-10-6	Show	GitHub Exploit DB Packet Storm

257562	-	sun	jdk jre	Java Web Start in Sun JDK and JRE 6 Update 2 and earlier does not properly enforce access restrictions for untrusted applications, which allows user-assisted remote attackers to read and modify local…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2007-5237	2017-09-29 10:29	2007-10-6	Show	GitHub Exploit DB Packet Storm

257563	-	edraw	office_viewer_component	Stack-based buffer overflow in the EDraw.OfficeViewer ActiveX control in officeviewer.ocx in EDraw Office Viewer Component 5.3.220.1 and earlier allows remote attackers to execute arbitrary code via …	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2007-5257	2017-09-29 10:29	2007-10-7	Show	GitHub Exploit DB Packet Storm

257564	-	iscripts	multicart	Multiple SQL injection vulnerabilities in MultiCart 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) catid parameter to categorydetail.php and the (2) ddlCategory parameter to…	CWE-89 SQL Injection	CVE-2007-5261	2017-09-29 10:29	2007-10-7	Show	GitHub Exploit DB Packet Storm

257565	-	trionic	cite_cms	Multiple PHP remote file inclusion vulnerabilities in Trionic Cite CMS 1.2 rev9 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the bField[bf_data] parameter to (1) inte…	CWE-94 Code Injection	CVE-2007-5271	2017-09-29 10:29	2007-10-9	Show	GitHub Exploit DB Packet Storm

257566	-	furkan_tastan_blog	furkan_tastan_blog	SQL injection vulnerability in kategori.asp in Furkan Tastan Blog allows remote attackers to execute arbitrary SQL commands via the id parameter in a goster kat action.	CWE-89 SQL Injection	CVE-2007-5272	2017-09-29 10:29	2007-10-9	Show	GitHub Exploit DB Packet Storm

257567	-	adobe	shockwave_player	The Adobe Macromedia Flash 9 plug-in allows remote attackers to cause a victim machine to establish TCP sessions with arbitrary hosts via a Flash (SWF) movie, related to lack of pinning of a hostname…	CWE-20 Improper Input Validation	CVE-2007-5275	2017-09-29 10:29	2007-10-9	Show	GitHub Exploit DB Packet Storm

257568	-	zomplog	zomplog	Zomplog 3.8.1 and earlier stores potentially sensitive information under the web root with insufficient access control, which allows remote attackers to download files that were uploaded by users, as…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2007-5278	2017-09-29 10:29	2007-10-9	Show	GitHub Exploit DB Packet Storm

257569	-	skadate	skadate_online_dating_software	Multiple directory traversal vulnerabilities in SkaDate 5.0 and 6.0, and possibly later versions such as 6.482, allow remote attackers to read arbitrary files via a .. (dot dot) in the view_mode para…	CWE-22 Path Traversal	CVE-2007-5299	2017-09-29 10:29	2007-10-10	Show	GitHub Exploit DB Packet Storm

257570	-	hp	hp-ux	Multiple cross-site scripting (XSS) vulnerabilities in HP System Management Homepage (SMH) in HP-UX B.11.11, B.11.23, and B.11.31, and SMH before 2.1.10 for Linux and Windows, allow remote attackers …	CWE-79 Cross-site Scripting	CVE-2007-5302	2017-09-29 10:29	2007-10-10	Show	GitHub Exploit DB Packet Storm