Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 29, 2025, 2:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
208691 10 危険 Google - Google Chrome 内にあるサンドボックスのインフラストラクチャーにおける脆弱性 CWE-399
リソース管理の問題 		CVE-2010-1229 2010-11-24 15:03 2010-03-17 Show GitHub Exploit DB Packet Storm
208692 10 危険 Google - Google Chrome 内にあるサンドボックスのインフラストラクチャーにおける競合状態の脆弱性 CWE-362
競合状態 		CVE-2010-1228 2010-11-24 15:02 2010-03-17 Show GitHub Exploit DB Packet Storm
208693 5 警告 Google - Google Chrome の ChildProcessSecurityPolicy::CanRequestURL 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2010-0664 2010-11-24 15:02 2010-01-25 Show GitHub Exploit DB Packet Storm
208694 5 警告 Google - Google Chrome の ParamTraits::Read 関数における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2010-0663 2010-11-24 15:02 2010-01-25 Show GitHub Exploit DB Packet Storm
208695 5 警告 Google - Google Chrome の ParamTraits::Read 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-189
数値処理の問題 		CVE-2010-0662 2010-11-24 15:01 2010-01-25 Show GitHub Exploit DB Packet Storm
208696 5 警告 Google - Google Chrome における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2010-0660 2010-11-24 15:01 2010-01-25 Show GitHub Exploit DB Packet Storm
208697 5 警告 Google - Google Chrome における document.styleSheets[0].href のプロパティ値を読まれる脆弱性 CWE-Other
その他 		CVE-2010-0315 2010-11-24 15:01 2010-01-14 Show GitHub Exploit DB Packet Storm
208698 9.3 危険 Google - Google Chrome にて使用される Skia における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2010-0658 2010-11-24 15:00 2010-01-25 Show GitHub Exploit DB Packet Storm
208699 9.3 危険 Google - Windows 上で稼働する Google Chrome における重要な情報を取得される脆弱性 CWE-Other
その他 		CVE-2010-0657 2010-11-24 15:00 2010-01-25 Show GitHub Exploit DB Packet Storm
208700 9.3 危険 Google - Google Chrome における任意のコードを実行される脆弱性 CWE-399
リソース管理の問題 		CVE-2010-0655 2010-11-24 15:00 2010-01-25 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 29, 2025, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1261 - - - Vim is an open source, command line text editor. A segmentation fault was found in Vim before 9.1.1043. In silent Ex mode (-s -e), Vim typically doesn't show a screen and just operates silently in ba… - CVE-2025-24014 2025-01-21 12:15 2025-01-21 Show GitHub Exploit DB Packet Storm
1262 6.2 MEDIUM
Local 		- - IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.24, 7.1 through 7.1.2.10, and 7.2 through 7.2.3.13 stores potentially sensitive information in log files that could be read by a local user with access to… CWE-532
 Inclusion of Sensitive Information in Log Files 		CVE-2024-45091 2025-01-21 10:15 2025-01-21 Show GitHub Exploit DB Packet Storm
1263 - - - Cosmos provides users the ability self-host a home server by acting as a secure gateway to your application, as well as a server manager. By monitoring the error code returned in the login, it is pos… CWE-204
 Response Discrepancy Information Exposure 		CVE-2025-23214 2025-01-21 03:15 2025-01-21 Show GitHub Exploit DB Packet Storm
1264 4.0 MEDIUM
Local 		- - IBM DevOps Velocity 5.0.0 and IBM UrbanCode Velocity 4.0.0 through 4.0. 25 allows web pages to be stored locally which can be read by another user on the system. CWE-525
 Use of Web Browser Cache Containing Sensitive Information 		CVE-2024-22349 2025-01-21 03:15 2025-01-21 Show GitHub Exploit DB Packet Storm
1265 5.3 MEDIUM
Network 		- - IBM DevOps Velocity 5.0.0 and IBM UrbanCode Velocity 4.0.0 through 4.0. 25 uses Cross-Origin Resource Sharing (CORS) which could allow an attacker to carry out privileged actions and retrieve sensiti… CWE-942
 Permissive Cross-domain Policy with Untrusted Domains 		CVE-2024-22348 2025-01-21 03:15 2025-01-21 Show GitHub Exploit DB Packet Storm
1266 5.9 MEDIUM
Network 		- - IBM DevOps Velocity 5.0.0 and IBM UrbanCode Velocity 4.0.0 through 4.0. 25 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. CWE-327
 Use of a Broken or Risky Cryptographic Algorithm 		CVE-2024-22347 2025-01-21 03:15 2025-01-21 Show GitHub Exploit DB Packet Storm
1267 - - - Fedify is a TypeScript library for building federated server apps powered by ActivityPub and other standards. This vulnerability allows a user to maneuver the Webfinger mechanism to perform a GET req… CWE-918
CWE-835
Server-Side Request Forgery (SSRF) 
 Loop with Unreachable Exit Condition ('Infinite Loop') 		CVE-2025-23221 2025-01-21 02:15 2025-01-21 Show GitHub Exploit DB Packet Storm
1268 - - - CodeIgniter is a PHP full-stack web framework. Prior to 4.5.8, CodeIgniter lacked proper header validation for its name and value. The potential attacker can construct deliberately malformed headers … CWE-436
 Interpretation Conflict 		CVE-2025-24013 2025-01-21 01:15 2025-01-21 Show GitHub Exploit DB Packet Storm
1269 - - - Vite is a frontend tooling framework for javascript. Vite allowed any websites to send any requests to the development server and read the response due to default CORS settings and lack of validation… CWE-346
CWE-350
CWE-1385
 Origin Validation Error
 Reliance on Reverse DNS Resolution for a Security-Critical Action
 Missing Origin Validation in WebSockets 		CVE-2025-24010 2025-01-21 01:15 2025-01-21 Show GitHub Exploit DB Packet Storm
1270 - - - PwnDoc is a penetration test report generator. There is no CSRF protection in pwndoc, allowing attackers to send requests on a logged-in user's behalf. This includes GET and POST requests due to the … CWE-352
 Origin Validation Error 		CVE-2025-23044 2025-01-21 01:15 2025-01-21 Show GitHub Exploit DB Packet Storm