Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 10, 2025, 6:04 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
207041 4.3 警告 Opera Software ASA - Opera におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-4196 2010-09-27 16:02 2008-09-27 Show GitHub Exploit DB Packet Storm
207042 5 警告 Opera Software ASA - Opera における任意のアドレスの表示を誘発させられる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-4195 2010-09-27 16:02 2008-09-27 Show GitHub Exploit DB Packet Storm
207043 6.8 警告 Opera Software ASA - Opera における HTTP セッションハイジャックの脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-3172 2010-09-27 16:01 2008-07-14 Show GitHub Exploit DB Packet Storm
207044 10 危険 Opera Software ASA - Windows 上で稼働する Opera における任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2008-3079 2010-09-27 16:01 2008-07-9 Show GitHub Exploit DB Packet Storm
207045 7.8 危険 Opera Software ASA - Opera における初期化されていないメモリコンテンツを読まれる脆弱性 CWE-200
情報漏えい 		CVE-2008-3078 2010-09-27 16:01 2008-07-9 Show GitHub Exploit DB Packet Storm
207046 5 警告 Opera Software ASA - Opera における信頼されたフレームのコンテンツを偽装される脆弱性 CWE-DesignError
CVE-2008-2716 2010-09-27 16:00 2008-06-16 Show GitHub Exploit DB Packet Storm
207047 5 警告 Opera Software ASA - Opera におけるクロスドメインの脆弱性 CWE-200
情報漏えい 		CVE-2008-2715 2010-09-27 16:00 2008-06-16 Show GitHub Exploit DB Packet Storm
207048 5 警告 Opera Software ASA - Opera における Web ページのアドレスを偽装される脆弱性 CWE-DesignError
CVE-2008-2714 2010-09-27 15:59 2008-06-16 Show GitHub Exploit DB Packet Storm
207049 9.3 危険 Opera Software ASA - Opera におけるパスワード入力時のキーボードハンドリングの処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2008-1764 2010-09-27 15:59 2008-04-12 Show GitHub Exploit DB Packet Storm
207050 9.3 危険 Opera Software ASA - Opera における任意のコードを実行される脆弱性 CWE-399
リソース管理の問題 		CVE-2008-1762 2010-09-27 15:58 2008-04-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 10, 2025, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
258181 - redmine redmine Cross-site request forgery (CSRF) vulnerability in Redmine 0.8.5 and earlier allows remote attackers to hijack the authentication of users for requests that delete a ticket via unspecified vectors. CWE-352
 Origin Validation Error 		CVE-2009-4079 2017-08-17 10:31 2009-11-26 Show GitHub Exploit DB Packet Storm
258182 - lanifex outreach_project_tool PHP remote file inclusion vulnerability in forums/Forum_Include/index.php in Outreach Project Tool (OPT) 1.2.7 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the CRM_p… CWE-94
Code Injection 		CVE-2009-4082 2017-08-17 10:31 2009-11-29 Show GitHub Exploit DB Packet Storm
258183 - jabba_laci phptraverser PHP remote file inclusion vulnerability in assets/plugins/mp3_id/mp3_id.php in PHP Traverser 0.8.0 allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[BASE] parameter. NOT… CWE-94
Code Injection 		CVE-2009-4085 2017-08-17 10:31 2009-11-29 Show GitHub Exploit DB Packet Storm
258184 - javascript xerver_http_server CRLF injection vulnerability in Xerver HTTP Server 4.31 and 4.32 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via certain byte sequences at the… CWE-20
 Improper Input Validation  		CVE-2009-4086 2017-08-17 10:31 2009-11-29 Show GitHub Exploit DB Packet Storm
258185 - telepark telepark.wiki Cross-site scripting (XSS) vulnerability in index.php in telepark.wiki 2.4.23 and earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO. CWE-79
Cross-site Scripting 		CVE-2009-4087 2017-08-17 10:31 2009-11-29 Show GitHub Exploit DB Packet Storm
258186 - telepark telepark.wiki Multiple directory traversal vulnerabilities in telepark.wiki 2.4.23 and earlier allow remote attackers to read arbitrary files via directory traversal sequences in the css parameter to (1) getjs.php… CWE-22
Path Traversal 		CVE-2009-4088 2017-08-17 10:31 2009-11-29 Show GitHub Exploit DB Packet Storm
258187 - telepark telepark.wiki telepark.wiki 2.4.23 and earlier allows remote attackers to bypass authorization and (1) delete arbitrary pages via a modified pageID parameter to ajax/deletePage.php or (2) delete arbitrary comments… CWE-287
Improper Authentication 		CVE-2009-4089 2017-08-17 10:31 2009-11-29 Show GitHub Exploit DB Packet Storm
258188 - telepark telepark.wiki Unrestricted file upload vulnerability in ajax/addComment.php in telepark.wiki 2.4.23 and earlier script allows remote attackers to execute arbitrary code by uploading a file with a name containing a… CWE-20
 Improper Input Validation  		CVE-2009-4090 2017-08-17 10:31 2009-11-29 Show GitHub Exploit DB Packet Storm
258189 - simplog simplog comments.php in Simplog 0.9.3.2, and possibly earlier, does not properly restrict access, which allows remote attackers to edit or delete comments via the (1) edit or (2) del action. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2009-4091 2017-08-17 10:31 2009-11-29 Show GitHub Exploit DB Packet Storm
258190 - simplog simplog Cross-site request forgery (CSRF) vulnerability in user.php in Simplog 0.9.3.2, and possibly earlier, allows remote attackers to hijack the authentication of administrators and users for requests tha… CWE-352
 Origin Validation Error 		CVE-2009-4092 2017-08-17 10:31 2009-11-29 Show GitHub Exploit DB Packet Storm