Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 30, 2025, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
210191	9.3	危険	レッドハットリアルネットワークス	-	Realnetworks RealPlayer の smlrender.dll における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-4257	2010-02-17 11:48	2010-01-19	Show	GitHub Exploit DB Packet Storm

210192	9.3	危険	レッドハットリアルネットワークス	-	Realnetworks RealPlayer におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-4245	2010-02-17 11:48	2010-01-19	Show	GitHub Exploit DB Packet Storm

210193	9.3	危険	リアルネットワークス	-	Realnetworks RealPlayer における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-4244	2010-02-17 11:48	2010-01-19	Show	GitHub Exploit DB Packet Storm

210194	9.3	危険	リアルネットワークス	-	RealNetworks RealPlayer の DLL ファイルにおける任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-0376	2010-02-17 11:47	2010-01-19	Show	GitHub Exploit DB Packet Storm

210195	9.3	危険	リアルネットワークス	-	RealNetworks RealPlayer の DLL ファイルにおける任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-0375	2010-02-17 11:47	2010-01-19	Show	GitHub Exploit DB Packet Storm

210196	9.3	危険	リアルネットワークス	-	Realnetworks RealPlayer における HTTP のチャンク転送コーディングの処理に関する脆弱性	CWE-119 バッファエラー	CVE-2009-4243	2010-02-17 11:47	2010-01-19	Show	GitHub Exploit DB Packet Storm

210197	9.3	危険	レッドハットリアルネットワークス	-	Realnetworks RealPlayer における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-4242	2010-02-17 11:47	2010-01-19	Show	GitHub Exploit DB Packet Storm

210198	9.3	危険	リアルネットワークス	-	Realnetworks RealPlayer における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-4241	2010-02-17 11:46	2010-01-19	Show	GitHub Exploit DB Packet Storm

210199	4.4	警告	サイバートラスト株式会社 Linux レッドハット	-	Linux kernel の z90crypt ドライバにおける権限昇格の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-1883	2010-02-17 11:46	2009-09-15	Show	GitHub Exploit DB Packet Storm

210200	7.2	危険	サイバートラスト株式会社 Linux ターボリナックスレッドハット	-	Linux kernel の udp_sendmsg 関数における権限昇格の脆弱性	CWE-DesignError	CVE-2009-2698	2010-02-17 11:45	2009-08-27	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 30, 2025, 4:10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
41	-		-	-	A vulnerability found in Xerox Workplace Suite allows arbitrary file read, upload, and deletion on the server through crafted header manipulation. By exploiting improper validation of headers, attack… Update	-	CVE-2024-55926	2025-01-29 21:15	2025-01-24	Show	GitHub Exploit DB Packet Storm

42	-		-	-	In Xerox Workplace Suite, an API restricted to specific hosts can be bypassed by manipulating the Host header. If the server improperly validates or trusts the Host header without verifying the actua… Update	-	CVE-2024-55925	2025-01-29 21:15	2025-01-24	Show	GitHub Exploit DB Packet Storm

43	-		-	-	An attacker with access to an HX 10.0.0 and previous versions, may send specially-crafted data to the HX console. The malicious detection would then trigger file parsing containing exponential enti… New	CWE-776 XML Entity Expansion	CVE-2025-0617	2025-01-29 20:15	2025-01-29	Show	GitHub Exploit DB Packet Storm

44	-		-	-	When copying files with rsync, octorpki uses the "-a" flag 0, which forces rsync to copy binaries with the suid bit set as root. Since the provided service definition defaults to root ( https://githu… New	-	CVE-2021-3978	2025-01-29 19:15	2025-01-29	Show	GitHub Exploit DB Packet Storm

45	-		-	-	In axios before 1.7.8, lib/helpers/isURLSameOrigin.js does not use a URL object when determining an origin, and has a potentially unwanted setAttribute('href',href) call. NOTE: some parties feel that… New	-	CVE-2024-57965	2025-01-29 19:15	2025-01-29	Show	GitHub Exploit DB Packet Storm

46	-		-	-	Multiple switches are affected by an out-of-bounds write vulnerability. This vulnerability is caused by insufficient input validation, which allows data to be written to memory outside the bounds of … New	-	CVE-2024-7695	2025-01-29 17:15	2025-01-29	Show	GitHub Exploit DB Packet Storm

47	7.2	HIGH Network	-	-	The Flexible Wishlist for WooCommerce – Ecommerce Wishlist & Save for later plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘wishlist_name’ parameter in all versions up to, … New	CWE-79 Cross-site Scripting	CVE-2024-13696	2025-01-29 17:15	2025-01-29	Show	GitHub Exploit DB Packet Storm

48	6.4	MEDIUM Network	-	-	The ClickWhale – Link Manager, Link Shortener and Click Tracker for Affiliate Links & Link Pages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via link titles in all versions up t… New	CWE-79 Cross-site Scripting	CVE-2025-0804	2025-01-29 13:15	2025-01-29	Show	GitHub Exploit DB Packet Storm

49	4.3	MEDIUM Network	-	-	A vulnerability was found in code-projects Job Recruitment 1.0. It has been rated as problematic. This issue affects some unknown processing of the file _call_job_search_ajax.php. The manipulation of… New	CWE-79 CWE-94 Cross-site Scripting Code Injection	CVE-2025-0806	2025-01-29 12:15	2025-01-29	Show	GitHub Exploit DB Packet Storm

50	-		-	-	The old versions of EXIF Viewer Classic contain a cross-site scripting vulnerability caused by improper handling of EXIF meta data. When an image is rendered and crafted EXIF meta data is processed, … New	CWE-79 Cross-site Scripting	CVE-2025-23362	2025-01-29 11:15	2025-01-29	Show	GitHub Exploit DB Packet Storm