Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 30, 2025, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
208261 5.8 警告 オラクル - Oracle Fusion Middleware の Oracle WebLogic Server コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-4437 2011-02-14 15:14 2011-01-18 Show GitHub Exploit DB Packet Storm
208262 7.2 危険 サイバートラスト株式会社
レッドハット
SystemTap		 - SystemTap の staprun runtime ツールにおける権限昇格の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-4170 2011-02-10 14:54 2010-11-17 Show GitHub Exploit DB Packet Storm
208263 2.1 注意 サイバートラスト株式会社
レッドハット
SystemTap		 - SystemTap の staprun runtime ツールにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2010-4171 2011-02-10 14:53 2010-11-17 Show GitHub Exploit DB Packet Storm
208264 5 警告 The PHP Group
チェック・ポイント・ソフトウェア・テクノロジーズ
レッドハット		 - PHP の zend_strtod 関数にて使用される strtod.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-189
数値処理の問題 		CVE-2010-4645 2011-02-10 14:53 2010-12-30 Show GitHub Exploit DB Packet Storm
208265 6.4 警告 オラクル - Oracle Fusion Middleware の Oracle HTTP Server コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-4455 2011-02-10 12:34 2011-01-18 Show GitHub Exploit DB Packet Storm
208266 7.1 危険 オラクル - Oracle Fusion Middleware の Oracle Document Capture コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-3598 2011-02-10 12:29 2011-01-18 Show GitHub Exploit DB Packet Storm
208267 7.5 危険 オラクル - Oracle Fusion Middleware の Services for Beehive コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-4417 2011-02-10 12:13 2011-01-18 Show GitHub Exploit DB Packet Storm
208268 7.8 危険 オラクル - Oracle Fusion Middleware の Oracle Document Capture コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-3595 2011-02-10 12:11 2011-01-18 Show GitHub Exploit DB Packet Storm
208269 8.5 危険 オラクル - Oracle Fusion Middleware の Oracle Document Capture コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-3592 2011-02-10 11:51 2011-01-18 Show GitHub Exploit DB Packet Storm
208270 9.4 危険 オラクル - Oracle Fusion Middleware の Oracle Document Capture コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-3599 2011-02-10 11:44 2011-01-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 31, 2025, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
3271 - - - ActiveSupport::EncryptedFile writes contents that will be encrypted to a temporary file. The temporary file's permissions are defaulted to the user's current `umask` settings, meaning that it's po… - CVE-2023-38037 2025-01-9 10:15 2025-01-9 Show GitHub Exploit DB Packet Storm
3272 - - - The redirect_to method in Rails allows provided values to contain characters which are not legal in an HTTP header value. This results in the potential for downstream services which enforce RFC compl… - CVE-2023-28362 2025-01-9 10:15 2025-01-9 Show GitHub Exploit DB Packet Storm
3273 - - - There is a vulnerability in ActiveSupport if the new bytesplice method is called on a SafeBuffer with untrusted user input. - CVE-2023-28120 2025-01-9 10:15 2025-01-9 Show GitHub Exploit DB Packet Storm
3274 - - - There is a denial of service vulnerability in the header parsing component of Rack. - CVE-2023-27539 2025-01-9 10:15 2025-01-9 Show GitHub Exploit DB Packet Storm
3275 - - - There is a deserialization of untrusted data vulnerability in the Kredis JSON deserialization code - CVE-2023-27531 2025-01-9 10:15 2025-01-9 Show GitHub Exploit DB Packet Storm
3276 - - - There is a potential DOM based cross-site scripting issue in rails-ujs which leverages the Clipboard API to target HTML elements that are assigned the contenteditable attribute. This has the potentia… - CVE-2023-23913 2025-01-9 10:15 2025-01-9 Show GitHub Exploit DB Packet Storm
3277 - - - A vulnerability was found in donglight bookstore???????? 1.0.0. It has been rated as problematic. This issue affects the function updateUser of the file src/main/Java/org/zdd/bookstore/web/controller… CWE-79
CWE-94
Cross-site Scripting
Code Injection 		CVE-2024-13197 2025-01-9 09:15 2025-01-9 Show GitHub Exploit DB Packet Storm
3278 - - - A vulnerability was found in donglight bookstore???????? 1.0.0. It has been declared as problematic. This vulnerability affects the function BookSearchList of the file src/main/java/org/zdd/bookstore… CWE-79
CWE-94
Cross-site Scripting
Code Injection 		CVE-2024-13196 2025-01-9 09:15 2025-01-9 Show GitHub Exploit DB Packet Storm
3279 - - - A vulnerability was found in donglight bookstore???????? 1.0.0. It has been classified as critical. This affects the function getHtml of the file src/main/java/org/zdd/bookstore/rawl/HttpUtil.java. T… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2024-13195 2025-01-9 09:15 2025-01-9 Show GitHub Exploit DB Packet Storm
3280 - - - A vulnerability was found in Sucms 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/admin_members.php?ac=search. The manipulation of the argumen… CWE-89
CWE-74
SQL Injection
Injection 		CVE-2024-13194 2025-01-9 09:15 2025-01-9 Show GitHub Exploit DB Packet Storm