Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 30, 2025, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
210271 7.5 危険 IBM - IBM DB2 の Relational Data Services コンポーネントにおけるパスワードの引数を取得される脆弱性 CWE-200
情報漏えい 		CVE-2009-4333 2010-02-4 11:19 2009-12-16 Show GitHub Exploit DB Packet Storm
210272 7.2 危険 IBM - IBM DB2 の Engine Utilities コンポーネントの db2licm における脆弱性 CWE-noinfo
情報不足 		CVE-2009-4330 2010-02-4 11:18 2009-12-16 Show GitHub Exploit DB Packet Storm
210273 4 警告 IBM - IBM DB2 の Engine Utilities コンポーネントにおけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2009-4329 2010-02-4 11:18 2009-12-16 Show GitHub Exploit DB Packet Storm
210274 7.2 危険 サイバートラスト株式会社
Linux		 - Linux kernel の kvm_dev_ioctl_get_supported_cpuid 関数における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2009-3638 2010-02-3 14:35 2009-10-29 Show GitHub Exploit DB Packet Storm
210275 5 警告 Linear LLC
S2 Security		 - Linear eMerge のマネージメントコンポーネントにおけるサービス運用妨害 (DoS) CWE-noinfo
情報不足 		CVE-2009-3734 2010-02-3 14:35 2010-01-5 Show GitHub Exploit DB Packet Storm
210276 7.5 危険 The PHP Group
LibGD project
サイバートラスト株式会社
レッドハット		 - PHP および GD Graphics Library の _gdGetColors 関数におけるバッファオーバーフローの脆弱性 CWE-Other
その他 		CVE-2009-3546 2010-02-3 14:34 2009-10-19 Show GitHub Exploit DB Packet Storm
210277 6.8 警告 GNU Project
XEmacs
サイバートラスト株式会社		 - Emacs および XEmacs における .flc ファイルの処理に関する任意のコードを実行される脆弱性 CWE-DesignError
CVE-2008-2142 2010-02-2 11:43 2008-05-12 Show GitHub Exploit DB Packet Storm
210278 3.5 注意 Drupal
サイバートラスト株式会社		 - Drupal の Menu モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4370 2010-02-2 11:43 2009-12-16 Show GitHub Exploit DB Packet Storm
210279 3.5 注意 Drupal
サイバートラスト株式会社		 - Drupal の Contact モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4369 2010-02-2 11:42 2009-12-16 Show GitHub Exploit DB Packet Storm
210280 7.5 危険 日立 - Cosminexus、Processing Kit for XML および Hitachi Developer's Kit for Java におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		- 2010-02-2 11:42 2009-12-22 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 31, 2025, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
881 - - - A reachable assertion in the Mobile Management Entity (MME) of Magma versions <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows remote attackers to crash the MME with an… - CVE-2023-37024 2025-01-24 04:15 2025-01-22 Show GitHub Exploit DB Packet Storm
882 - - - Directus is a real-time API and App dashboard for managing SQL database content. Prior to version 11.2.0, when sharing an item, a typical user can specify an arbitrary role. It allows the user to use… CWE-269
 Improper Privilege Management 		CVE-2025-24353 2025-01-24 03:15 2025-01-24 Show GitHub Exploit DB Packet Storm
883 - - - @fastify/multipart is a Fastify plugin for parsing the multipart content-type. Prior to versions 8.3.1 and 9.0.3, the `saveRequestFiles` function does not delete the uploaded temporary files when use… CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2025-24033 2025-01-24 03:15 2025-01-24 Show GitHub Exploit DB Packet Storm
884 - - - Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. Starting in version 0.7.0 and prior to versions 0.7.15 and 0.8.3, Himmelblau is vulnerable to leaking credentials in d… CWE-532
 Inclusion of Sensitive Information in Log Files 		CVE-2025-24034 2025-01-24 03:15 2025-01-24 Show GitHub Exploit DB Packet Storm
885 6.4 MEDIUM
Network 		- - IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.11 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript … CWE-79
Cross-site Scripting 		CVE-2025-23227 2025-01-24 03:15 2025-01-24 Show GitHub Exploit DB Packet Storm
886 - - - RestrictedPython is a tool that helps to define a subset of the Python language which allows to provide a program input into a trusted environment. Via a type confusion bug in versions of the CPython… CWE-843
Type Confusion 		CVE-2025-22153 2025-01-24 03:15 2025-01-24 Show GitHub Exploit DB Packet Storm
887 6.0 MEDIUM
Local 		- - IBM Security Verify Bridge 1.0.0 through 1.0.15 could allow a local privileged user to overwrite files due to excessive privileges granted to the agent. which could also cause a denial of service. CWE-471
 Modification of Assumed-Immutable Data (MAID) 		CVE-2024-45672 2025-01-24 03:15 2025-01-24 Show GitHub Exploit DB Packet Storm
888 - - - A flaw was found in the Open Virtual Network (OVN). Specially crafted UDP packets may bypass egress access control lists (ACLs) in OVN installations configured with a logical switch with DNS records … - CVE-2025-0650 2025-01-24 03:15 2025-01-24 Show GitHub Exploit DB Packet Storm
889 - - - A reachable assertion in the mme_ue_find_by_imsi function of Open5GS <= 2.6.4 allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet. - CVE-2024-24430 2025-01-24 03:15 2025-01-23 Show GitHub Exploit DB Packet Storm
890 - - - When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffe… - CVE-2025-0395 2025-01-24 03:15 2025-01-22 Show GitHub Exploit DB Packet Storm