Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 31, 2025, 12:02 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
201	6.1	警告 Network	Liferay	Digital Experience Platform Liferay Portal	Liferay の Liferay Portal および Digital Experience Platform におけるクロスサイトスクリプティングの脆弱性 New	CWE-79 CWE-79	CVE-2023-42496	2025-01-29 11:38	2023-09-11	Show	GitHub Exploit DB Packet Storm

202	6.1	警告 Network	Liferay	Digital Experience Platform Liferay Portal	Liferay の Liferay Portal および Digital Experience Platform におけるクロスサイトスクリプティングの脆弱性 New	CWE-79 CWE-79	CVE-2023-42498	2025-01-29 11:38	2023-09-11	Show	GitHub Exploit DB Packet Storm

203	5.4	警告 Network	wpmilitary	wp radio	wpmilitary の WordPress 用 wp radio における認証の欠如に関する脆弱性 New	CWE-862 認証の欠如	CVE-2024-1042	2025-01-29 11:38	2024-04-10	Show	GitHub Exploit DB Packet Storm

204	5.4	警告 Network	creativethemes	blocksy companion	creativethemes の WordPress 用 blocksy companion におけるクロスサイトスクリプティングの脆弱性 New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-2392	2025-01-29 11:38	2024-03-22	Show	GitHub Exploit DB Packet Storm

205	8.1	重要 Network		-	IBM の Security Verify Access における証明書検証に関する脆弱性 New	CWE-295 不正な証明書検証	CVE-2024-31872	2025-01-29 11:32	2024-04-10	Show	GitHub Exploit DB Packet Storm

206	5.4	警告 Network	HasThemes	HT Mega - Absolute Addons For Elementor	HasThemes の WordPress 用 HT Mega - Absolute Addons For Elementor におけるクロスサイトスクリプティングの脆弱性 New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-30182	2025-01-29 11:00	2024-03-27	Show	GitHub Exploit DB Packet Storm

207	8.8	重要 Local	ZTE	ZXCLOUD iRAI	ZTE の ZXCLOUD iRAI における不適切なデフォルトパーミッションに関する脆弱性 New	CWE-276 CWE-346	CVE-2024-22062	2025-01-29 10:59	2024-07-9	Show	GitHub Exploit DB Packet Storm

208	8.1	重要 Network	GLPI-PROJECT.ORG	GLPI	GLPI-PROJECT.ORG の GLPI における SQL インジェクションの脆弱性 New	CWE-89 CWE-89	CVE-2024-29889	2025-01-29 10:59	2024-05-7	Show	GitHub Exploit DB Packet Storm

209	7.3	重要 Local	インテル	Intel Driver and Support Assistant	インテルの Intel Driver and Support Assistant における制御されていない検索パスの要素に関する脆弱性 New	CWE-427 CWE-427	CVE-2023-45743	2025-01-29 10:54	2023-10-12	Show	GitHub Exploit DB Packet Storm

210	6.1	警告 Network	Incsub	forminator	Incsub の WordPress 用 forminator におけるクロスサイトスクリプティングの脆弱性 New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-1794	2025-01-29 10:54	2024-04-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 31, 2025, 4:11 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
279551	-	datawizard	ftpxq	Buffer overflow in FtpXQ 2.5 allows remote attackers to cause a denial of service (crash) via a MKD command with a long directory name.	NVD-CWE-Other	CVE-2002-1920	2008-09-6 05:31	2002-12-31	Show	GitHub Exploit DB Packet Storm

279552	-	jelsoft	vbulletin	Cross-site scripting (XSS) vulnerability in global.php in Jelsoft vBulletin 2.0.0 through 2.2.8 allows remote attackers to inject arbitrary web script or HTML via the (1) $scriptpath or (2) $url vari…	NVD-CWE-Other	CVE-2002-1922	2008-09-6 05:31	2002-12-31	Show	GitHub Exploit DB Packet Storm

279553	-	apc	powerchute	PowerChute plus 5.0.2 creates a "Pwrchute" directory during installation that is shared and world writeable, which could allow remote attackers to modify or create files in that directory.	NVD-CWE-Other	CVE-2002-1924	2008-09-6 05:31	2002-12-31	Show	GitHub Exploit DB Packet Storm

279554	-	tiny_software	tiny_personal_firewall	Tiny Personal Firewall 3.0 through 3.0.6 allows remote attackers to cause a denial of service (crash) by via SYN, UDP, ICMP and TCP portscans when the administrator selects the Log tab of the Persona…	NVD-CWE-Other	CVE-2002-1925	2008-09-6 05:31	2002-12-31	Show	GitHub Exploit DB Packet Storm

279555	-	aquonics_scripting	aquonics_file_manager	Directory traversal vulnerability in source.php in Aquonics File Manager 1.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTP query string.	NVD-CWE-Other	CVE-2002-1926	2008-09-6 05:31	2002-12-31	Show	GitHub Exploit DB Packet Storm

279556	-	software602	602pro_lan_suite	602Pro LAN SUITE 2002 allows remote attackers to view the directory tree via an HTTP GET request with a trailing "~" (tilde) or ".bak" extension.	NVD-CWE-Other	CVE-2002-1928	2008-09-6 05:31	2002-12-31	Show	GitHub Exploit DB Packet Storm

279557	-	php_arena	pafiledb	Cross-site scripting (XSS) vulnerability in pafiledb.php in PHP Arena paFileDB 1.1.3 through 3.0 allows remote attackers to inject arbitrary web script or HTML via the query string in the (1) rate, (…	NVD-CWE-Other	CVE-2002-1929	2008-09-6 05:31	2002-12-31	Show	GitHub Exploit DB Packet Storm

279558	-	an	an-httpd	Buffer overflow in AN HTTPd 1.38 through 1.4.1c allows remote attackers to execute arbitrary code via a SOCKS4 request with a long username.	NVD-CWE-Other	CVE-2002-1930	2008-09-6 05:31	2002-12-31	Show	GitHub Exploit DB Packet Storm

279559	-	php_arena	pafiledb	Cross-site scripting (XSS) vulnerability in PHP Arena paFileDB 1.1.3 and 2.1.1 allows remote attackers to inject arbitrary web script or HTML via Javascript in the search string.	NVD-CWE-Other	CVE-2002-1931	2008-09-6 05:31	2002-12-31	Show	GitHub Exploit DB Packet Storm

279560	-	microsoft	windows_2000_terminal_services	The terminal services screensaver for Microsoft Windows 2000 does not automatically lock the terminal window if the window is minimized, which could allow local users to gain access to the terminal s…	NVD-CWE-Other	CVE-2002-1933	2008-09-6 05:31	2002-12-31	Show	GitHub Exploit DB Packet Storm