Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 13, 2025, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
206961	6.8	警告	アップル	-	Apple Mac OS X の Apple Filing Protocol Server におけるパスワード要求を回避される脆弱性	CWE-287 不適切な認証	CVE-2010-1820	2010-10-8 17:08	2010-09-21	Show	GitHub Exploit DB Packet Storm

206962	5	警告	マイクロソフト	-	Microsoft .NET Framework における View State フォームデータを復号または変更される脆弱性	CWE-310 暗号の問題	CVE-2010-3332	2010-10-8 17:07	2010-09-17	Show	GitHub Exploit DB Packet Storm

206963	2.6	注意	IBM	-	IBM WebSphere Application Server の Web コンテナにおける重要な情報を取得される脆弱性	CWE-20 不適切な入力確認	CVE-2010-0777	2010-10-8 17:05	2010-05-8	Show	GitHub Exploit DB Packet Storm

206964	5	警告	IBM	-	IBM WebSphere Application Server の Web コンテナにおけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2010-0776	2010-10-8 17:04	2010-05-8	Show	GitHub Exploit DB Packet Storm

206965	5	警告	Drupal サイバートラスト株式会社	-	Drupal の OpenID モジュールにおける認証を回避される脆弱性	CWE-287 不適切な認証	CVE-2010-3686	2010-10-7 16:40	2010-08-11	Show	GitHub Exploit DB Packet Storm

206966	5	警告	Drupal サイバートラスト株式会社	-	Drupal の OpenID モジュールにおける認証を回避される脆弱性	CWE-287 不適切な認証	CVE-2010-3685	2010-10-7 16:39	2010-08-11	Show	GitHub Exploit DB Packet Storm

206967	5	警告	Drupal サイバートラスト株式会社	-	Drupal の OpenID モジュールにおける認証を回避される脆弱性	CWE-287 不適切な認証	CVE-2010-3091	2010-10-7 16:39	2010-08-11	Show	GitHub Exploit DB Packet Storm

206968	2.1	注意	Drupal サイバートラスト株式会社	-	Drupal におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-3094	2010-10-7 16:39	2010-08-11	Show	GitHub Exploit DB Packet Storm

206969	3.5	注意	Drupal サイバートラスト株式会社	-	Drupal の comment モジュールにおけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-3093	2010-10-7 16:38	2010-08-11	Show	GitHub Exploit DB Packet Storm

206970	5.5	警告	Drupal サイバートラスト株式会社	-	Drupal の upload モジュールにおけるファイルのダウンロード制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-3092	2010-10-7 16:37	2010-08-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 13, 2025, 4:09 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
258511	-	jiros	jbsx	Multiple SQL injection vulnerabilities in files/login.asp in JiRo's Banner System eXperience (JBSX) allow remote attackers to execute arbitrary SQL commands via the (1) admin or (2) password field, a…	CWE-89 SQL Injection	CVE-2009-4218	2017-08-17 10:31	2009-12-8	Show	GitHub Exploit DB Packet Storm

258512	-	raphael_mazoyer	pointcomma	PHP remote file inclusion vulnerability in includes/classes/pctemplate.php in PointComma 3.8b2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the pcConfig[smartyPath] …	CWE-94 Code Injection	CVE-2009-4220	2017-08-17 10:31	2009-12-8	Show	GitHub Exploit DB Packet Storm

258513	-	smartisoft	phpbazar	SQL injection vulnerability in classified.php in phpBazar 2.1.1fix and earlier allows remote attackers to execute arbitrary SQL commands via the catid parameter, a different vector than CVE-2008-3767.	CWE-89 SQL Injection	CVE-2009-4221	2017-08-17 10:31	2009-12-8	Show	GitHub Exploit DB Packet Storm

258514	-	gianni_tommasi	kr-php_web_content_server	PHP remote file inclusion vulnerability in adm/krgourl.php in KR-Web 1.1b2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter.	CWE-94 Code Injection	CVE-2009-4223	2017-08-17 10:31	2009-12-8	Show	GitHub Exploit DB Packet Storm

258515	-	basic-cms	sweetrice	Multiple PHP remote file inclusion vulnerabilities in SweetRice 0.5.4, 0.5.3, and earlier allow remote attackers to execute arbitrary PHP code via a URL in the root_dir parameter to (1) _plugin/subsc…	CWE-20 Improper Input Validation	CVE-2009-4224	2017-08-17 10:31	2009-12-8	Show	GitHub Exploit DB Packet Storm

258516	-	sun	opensolaris	Race condition in the IP module in the kernel in Sun OpenSolaris snv_106 through snv_124 allows remote attackers to cause a denial of service (NULL pointer dereference and panic) via unspecified vect…	CWE-362 Race Condition	CVE-2009-4226	2017-08-17 10:31	2009-12-9	Show	GitHub Exploit DB Packet Storm

258517	-	xfig	xfig	Stack-based buffer overflow in the read_1_3_textobject function in f_readold.c in Xfig 3.2.5b and earlier, and in the read_textobject function in read1_3.c in fig2dev in Transfig 3.2.5a and earlier, …	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2009-4227	2017-08-17 10:31	2009-12-9	Show	GitHub Exploit DB Packet Storm

258518	-	activewebsoftwares	active_bids	Multiple SQL injection vulnerabilities in ActiveWebSoftwares Active Bids allow remote attackers to execute arbitrary SQL commands via (1) the catid parameter in the PATH_INFO to the default URI or (2…	CWE-89 SQL Injection	CVE-2009-4229	2017-08-17 10:31	2009-12-9	Show	GitHub Exploit DB Packet Storm

258519	-	tim_hockin	acpid	acpid 1.0.4 sets an unrestrictive umask, which might allow local users to leverage weak permissions on /var/log/acpid, and obtain sensitive information by reading this file or cause a denial of servi…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2009-4235	2017-08-17 10:31	2009-12-9	Show	GitHub Exploit DB Packet Storm

258520	-	ec-cube	ec-cube_ver2	The process function in data/class/pages/admin/customer/LC_Page_Admin_Customer_SearchCustomer.php in EC-CUBE Ver2 2.4.0 RC1 through 2.4.1, and Community Edition r18068 through r18428, allows remote a…	CWE-200 Information Exposure	CVE-2009-4236	2017-08-17 10:31	2009-12-9	Show	GitHub Exploit DB Packet Storm