Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 18, 2025, 10:05 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
221 7.5 重要
Network
マイクロソフト Microsoft Windows 10
Microsoft Windows Server 2016
Microsoft Windows 11
Microsoft Windows Server 2012
Microsoft Windows Server&…
Windows ライトウェイト ディレクトリ アクセス プロトコル (LDAP) のサービス拒否の脆弱性 New CWE-476
CWE-noinfo
CVE-2024-49121 2025-01-17 10:55 2024-12-10 Show GitHub Exploit DB Packet Storm
222 8.1 重要
Network
マイクロソフト Microsoft Windows Server 2019
Microsoft Windows Server 2016
Microsoft Windows Server 2025
Microsoft Windows Server 2022
Windows リモート デスクトップ サービスのリモートでコードが実行される脆弱性 New CWE-362
CWE-416
CVE-2024-49116 2025-01-17 10:51 2024-12-10 Show GitHub Exploit DB Packet Storm
223 8.1 重要
Network
マイクロソフト Microsoft Windows 10
Microsoft Windows Server 2016
Microsoft Windows 11
Microsoft Windows Server 2012
Microsoft Windows Server&…
Microsoft Message Queuing (MSMQ) のリモートでコードが実行される脆弱性 New CWE-362
CWE-416
CVE-2024-49118 2025-01-17 10:47 2024-12-10 Show GitHub Exploit DB Packet Storm
224 8.8 重要
Network
マイクロソフト Microsoft SQL Server
Microsoft ODBC Driver
Microsoft Visual Studio
SQL Server 用 Microsoft ODBC ドライバーのリモートでコードが実行される脆弱性 New CWE-190
CWE-noinfo
CVE-2024-28931 2025-01-17 10:42 2024-04-9 Show GitHub Exploit DB Packet Storm
225 7.8 重要
Local
アドビシステムズ Adobe Illustrator アドビの Ipad Os 用 Adobe Illustrator における整数アンダーフローの脆弱性 New CWE-191
整数アンダーフロー
CVE-2025-21134 2025-01-17 10:41 2025-01-14 Show GitHub Exploit DB Packet Storm
226 5.4 警告
Network
Wpmet ElementsKit Elementor addons Wpmet の WordPress 用 ElementsKit Elementor addons におけるクロスサイトスクリプティングの脆弱性 New CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2024-1238 2025-01-17 10:29 2024-03-30 Show GitHub Exploit DB Packet Storm
227 5.4 警告
Network
Brizy brizy Brizy の WordPress 用 brizy におけるクロスサイトスクリプティングの脆弱性 New CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2024-1293 2025-01-17 10:29 2024-03-13 Show GitHub Exploit DB Packet Storm
228 4.3 警告
Network
wpmoose Yuki wpmoose の WordPress 用 Yuki における認証の欠如に関する脆弱性 New CWE-862
認証の欠如
CVE-2024-1388 2025-01-17 10:29 2024-02-28 Show GitHub Exploit DB Packet Storm
229 5.3 警告
Network
zestard admin side data storage for contact form 7 zestard の WordPress 用 admin side data storage for contact form 7 における認証の欠如に関する脆弱性 New CWE-862
認証の欠如
CVE-2024-1778 2025-01-17 10:29 2024-02-23 Show GitHub Exploit DB Packet Storm
230 6.5 警告
Network
Brizy brizy Brizy の WordPress 用 brizy における認証の欠如に関する脆弱性 New CWE-862
認証の欠如
CVE-2024-1937 2025-01-17 10:29 2024-07-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 18, 2025, 4:13 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
278791 - oliver_debon flash Buffer overflow in Olivier Debon Flash plugin (not the Macromedia plugin) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long DefineSound tag. NVD-CWE-Other
CVE-2001-0127 2008-09-6 05:23 2001-03-12 Show GitHub Exploit DB Packet Storm
278792 - trend_micro interscan_viruswall Interscan VirusWall 3.6.x and earlier follows symbolic links when uninstalling the product, which allows local users to overwrite arbitrary files via a symlink attack. NVD-CWE-Other
CVE-2001-0132 2008-09-6 05:23 2001-03-12 Show GitHub Exploit DB Packet Storm
278793 - trend_micro interscan_viruswall The web administration interface for Interscan VirusWall 3.6.x and earlier does not use encryption, which could allow remote attackers to obtain the administrator password to sniff the administrator … NVD-CWE-Other
CVE-2001-0133 2008-09-6 05:23 2001-03-12 Show GitHub Exploit DB Packet Storm
278794 - van_dyke_technologies vshell Format string vulnerability in VShell SSH gateway 1.0.1 and earlier allows remote attackers to execute arbitrary commands via a user name that contains format string specifiers. NVD-CWE-Other
CVE-2001-0155 2008-09-6 05:23 2001-06-2 Show GitHub Exploit DB Packet Storm
278795 - lucent
orinoco
wavelan
orinoco_wavelan
Lucent/ORiNOCO WaveLAN cards generate predictable Initialization Vector (IV) values for the Wireless Encryption Protocol (WEP) which allows remote attackers to quickly compile information that will l… NVD-CWE-Other
CVE-2001-0160 2008-09-6 05:23 2001-01-1 Show GitHub Exploit DB Packet Storm
278796 - cisco aironet Cisco 340-series Aironet access point using firmware 11.01 does not use 6 of the 24 available IV bits for WEP encryption, which makes it easier for remote attackers to mount brute force attacks. NVD-CWE-Other
CVE-2001-0161 2008-09-6 05:23 2001-01-1 Show GitHub Exploit DB Packet Storm
278797 - cisco aironet_ap340 Cisco AP340 base station produces predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections. NVD-CWE-Other
CVE-2001-0163 2008-09-6 05:23 2001-01-1 Show GitHub Exploit DB Packet Storm
278798 - free_java_web_server free_java_web_server Directory traversal vulnerability in Free Java Web Server 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) attack. NVD-CWE-Other
CVE-2001-0186 2008-09-6 05:23 2001-05-3 Show GitHub Exploit DB Packet Storm
278799 - davide_libenzi xmail Buffer overflows in CTRLServer in XMail allows attackers to execute arbitrary commands via the cfgfileget or domaindel functions. NVD-CWE-Other
CVE-2001-0192 2008-09-6 05:23 2001-05-3 Show GitHub Exploit DB Packet Storm
278800 - heat-on_software hsweb HSWeb 2.0 HTTP server allows remote attackers to obtain the physical path of the server via a request to the /cgi/ directory, which will list the path if directory browsing is enabled. NVD-CWE-Other
CVE-2001-0200 2008-09-6 05:23 2001-05-3 Show GitHub Exploit DB Packet Storm