Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 15, 2025, 12:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
207021	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player の dirapi.dll におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-3655	2010-11-17 16:49	2010-10-28	Show	GitHub Exploit DB Packet Storm

207022	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player の TextXtra.x32 におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-2582	2010-11-17 16:49	2010-10-28	Show	GitHub Exploit DB Packet Storm

207023	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player の dirapi.dll における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-2581	2010-11-17 16:48	2010-10-28	Show	GitHub Exploit DB Packet Storm

207024	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player に脆弱性	CWE-119 バッファエラー	CVE-2010-3653	2010-11-16 14:49	2010-10-25	Show	GitHub Exploit DB Packet Storm

207025	7.5	危険	富士通	-	Interstage Application Server におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2007-6258	2010-11-16 14:48	2008-02-19	Show	GitHub Exploit DB Packet Storm

207026	6.5	警告	アップルサイバートラスト株式会社 MySQL AB ターボリナックスレッドハット	-	MySQL におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2010-1848	2010-11-15 16:20	2010-05-5	Show	GitHub Exploit DB Packet Storm

207027	5	警告	サイバートラスト株式会社 Zabbix	-	Zabbix サーバの trapper/trapper.c 内にある process_trap 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2009-4500	2010-11-15 15:41	2009-07-21	Show	GitHub Exploit DB Packet Storm

207028	9.3	危険	サイバートラスト株式会社 Zabbix	-	Zabbix Agent の net.c 内にある NET_TCP_LISTEN 関数における任意のコマンドを実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-4502	2010-11-15 15:41	2009-09-10	Show	GitHub Exploit DB Packet Storm

207029	5	警告	サイバートラスト株式会社 Zabbix	-	Zabbix サーバの zbx_get_next_field 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2009-4501	2010-11-15 15:40	2009-11-25	Show	GitHub Exploit DB Packet Storm

207030	7.5	危険	サイバートラスト株式会社 Zabbix	-	Zabbix サーバの get_history_lastid 関数における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4499	2010-11-15 15:40	2009-09-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 15, 2025, 4:11 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
260791	-	openvpn	openvpn	Unspecified vulnerability in OpenVPN 2.1-beta14 through 2.1-rc8, when running on non-Windows systems, allows remote servers to execute arbitrary commands via crafted (1) lladdr and (2) iproute config…	NVD-CWE-noinfo CWE-16 Configuration	CVE-2008-3459	2017-08-8 10:31	2008-08-5	Show	GitHub Exploit DB Packet Storm

260792	-	openvpn	openvpn	The following events must take place for successful exploitation: 1) the client has agreed to allow the server to push configuration directives to it by including "pull" or the macro "client" in its…	NVD-CWE-noinfo CWE-16 Configuration	CVE-2008-3459	2017-08-8 10:31	2008-08-5	Show	GitHub Exploit DB Packet Storm

260793	-	panasonic	bb_hcm511 bb_hcm515 bb_hcm527 bb_hcm531 bb_hcm580 bb_hcm581 bl_c111 bl_c131	Cross-site scripting (XSS) vulnerability in the error page feature in Panasonic Network Camera BL-C111, BL-C131, BB-HCM511, BB-HCM531, BB-HCM580, BB-HCM581, BB-HCM527, and BB-HCM515 allows remote att…	CWE-79 Cross-site Scripting	CVE-2008-3482	2017-08-8 10:31	2008-08-6	Show	GitHub Exploit DB Packet Storm

260794	-	screwturn	screwturn_wiki	Cross-site scripting (XSS) vulnerability in ScrewTurn Wiki 2.0.29 and 2.0.30 allows remote attackers to inject arbitrary web script or HTML via error messages in the "/admin.aspx - System Log" page.	CWE-79 Cross-site Scripting	CVE-2008-3483	2017-08-8 10:31	2008-08-6	Show	GitHub Exploit DB Packet Storm

260795	-	aspindir	pcshey_portal	SQL injection vulnerability in kategori.asp in Pcshey Portal allows remote attackers to execute arbitrary SQL commands via the kid parameter.	CWE-89 SQL Injection	CVE-2008-3495	2017-08-8 10:31	2008-08-7	Show	GitHub Exploit DB Packet Storm

260796	-	ektron	cms4000.net	Unspecified vulnerability in "a page in the workarea folder" in Ektron CMS400.NET 7.00 through 7.04 and 7.50 through 7.52 has unknown impact and attack vectors.	NVD-CWE-noinfo	CVE-2008-3499	2017-08-8 10:31	2008-08-7	Show	GitHub Exploit DB Packet Storm

260797	-	drupal	suggested_terms_module	Cross-site scripting (XSS) vulnerability in the Suggested Terms module 5.x before 5.x-1.2 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via crafted Taxonomy term…	CWE-79 Cross-site Scripting	CVE-2008-3500	2017-08-8 10:31	2008-08-7	Show	GitHub Exploit DB Packet Storm

260798	-	novell	groupwise	Cross-site scripting (XSS) vulnerability in the WebAccess simple interface in Novell Groupwise 7.0.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.	CWE-79 Cross-site Scripting	CVE-2008-3501	2017-08-8 10:31	2008-08-7	Show	GitHub Exploit DB Packet Storm

260799	-	bestpractical	rt	Unspecified vulnerability in Best Practical Solutions RT 3.0.0 through 3.6.6 allows remote authenticated users to cause a denial of service (CPU or memory consumption) via unspecified vectors related…	NVD-CWE-noinfo	CVE-2008-3502	2017-08-8 10:31	2008-08-7	Show	GitHub Exploit DB Packet Storm

260800	-	webgui	plain_black_webgui	RSSFromParent in Plain Black WebGUI before 7.5.13 does not restrict view access to Collaboration System (CS) RSS feeds, which allows remote attackers to obtain sensitive information (CS data).	CWE-287 Improper Authentication	CVE-2008-3503	2017-08-8 10:31	2008-08-7	Show	GitHub Exploit DB Packet Storm