Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 11, 2025, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
231	6.1	警告 Network	John Ahlquist	Blue Triad EZAnalytics	John Ahlquist の WordPress 用 Blue Triad EZAnalytics におけるクロスサイトスクリプティングの脆弱性 New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-1782	2025-01-9 17:07	2024-03-5	Show	GitHub Exploit DB Packet Storm

232	6.4	警告 Network	Leap13	Premium Addons for Elementor	Leap13 の WordPress 用 Premium Addons for Elementor におけるクロスサイトスクリプティングの脆弱性 New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-2664	2025-01-9 16:55	2024-04-10	Show	GitHub Exploit DB Packet Storm

233	5.4	警告 Network	BoldThemes	Bold Page Builder	BoldThemes の WordPress 用 Bold Page Builder におけるクロスサイトスクリプティングの脆弱性 New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-2734	2025-01-9 16:55	2024-04-10	Show	GitHub Exploit DB Packet Storm

234	4.8	警告 Network	Esri	Portal for ArcGIS	Esri の Portal for ArcGIS におけるクロスサイトスクリプティングの脆弱性 New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-25696	2025-01-9 16:55	2024-04-4	Show	GitHub Exploit DB Packet Storm

235	6.1	警告 Network	Esri	Portal for ArcGIS	Esri の Portal for ArcGIS におけるクロスサイトスクリプティングの脆弱性 New	CWE-79 CWE-94	CVE-2024-25706	2025-01-9 16:55	2024-04-4	Show	GitHub Exploit DB Packet Storm

236	4.8	警告 Network	octoprint.org	OctoPrint	octoprint.org の OctoPrint におけるクロスサイトスクリプティングの脆弱性 New	CWE-79 CWE-79	CVE-2024-28237	2025-01-9 16:55	2024-03-18	Show	GitHub Exploit DB Packet Storm

237	8.8	重要 Network	bluecoral	Advanced Flamingo	bluecoral の WordPress 用 Advanced Flamingo におけるクロスサイトリクエストフォージェリの脆弱性 New	CWE-352 同一生成元ポリシー違反	CVE-2023-52226	2025-01-9 16:47	2023-12-29	Show	GitHub Exploit DB Packet Storm

238	3.3	低 Local		-	アップルの macOS における重要な情報のセキュアでない格納に関する脆弱性 New	CWE-922 CWE-922	CVE-2024-44298	2025-01-9 16:43	2024-10-28	Show	GitHub Exploit DB Packet Storm

239	5.5	警告 Local	Linux	Linux Kernel	Linux の Linux Kernel における初期化されていないリソースの使用に関する脆弱性 New	CWE-908 初期化されていないリソースの使用	CVE-2024-56769	2025-01-9 16:35	2024-12-11	Show	GitHub Exploit DB Packet Storm

240	7.8	重要 Local	Linux	Linux Kernel	Linux の Linux Kernel における脆弱性 New	CWE-noinfo 情報不足	CVE-2024-53096	2025-01-9 16:34	2024-11-5	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 11, 2025, 5:03 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
276831	-	astaware sun	searchdisc sunone_starter_kit	Directory traversal vulnerability in ASTAware SearchDisk engine for Sun ONE Starter Kit 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) attack on port (1) 6015 or (2) 6016, or …	NVD-CWE-Other	CVE-2002-1525	2008-09-6 05:30	2003-04-2	Show	GitHub Exploit DB Packet Storm

276832	-	emumail	emu_webmail	Cross-site scripting (XSS) vulnerability in emumail.cgi for EMU Webmail 5.0 allows remote attackers to inject arbitrary HTML or script via the email address field.	NVD-CWE-Other	CVE-2002-1526	2008-09-6 05:30	2003-04-2	Show	GitHub Exploit DB Packet Storm

276833	-	emumail	emu_webmail	emumail.cgi in EMU Webmail 5.0 allows remote attackers to determine the full pathname for emumail.cgi via a malformed string containing script, which generates a regular expression matching error tha…	NVD-CWE-Other	CVE-2002-1527	2008-09-6 05:30	2003-04-2	Show	GitHub Exploit DB Packet Storm

276834	-	mondosoft	mondosearch	MsmMask.exe in MondoSearch 4.4 allows remote attackers to obtain the source code of scripts via the mask parameter.	NVD-CWE-Other	CVE-2002-1528	2008-09-6 05:30	2003-04-2	Show	GitHub Exploit DB Packet Storm

276835	-	surfcontrol	superscout_email_filter	Cross-site scripting (XSS) vulnerability in msgError.asp for the administrative web interface (STEMWADM) for SurfControl SuperScout Email Filter allows remote attackers to insert arbitrary script or …	NVD-CWE-Other	CVE-2002-1529	2008-09-6 05:30	2003-03-31	Show	GitHub Exploit DB Packet Storm

276836	-	surfcontrol	superscout_email_filter	The administrative web interface (STEMWADM) for SurfControl SuperScout Email Filter allows users to obtain usernames and plaintext passwords via a request to the userlist.asp program, which includes …	NVD-CWE-Other	CVE-2002-1530	2008-09-6 05:30	2003-03-31	Show	GitHub Exploit DB Packet Storm

276837	-	surfcontrol	superscout_email_filter	The administrative web interface (STEMWADM) for SurfControl SuperScout Email Filter allows remote attackers to cause a denial of service (crash) via an HTTP request without a Content-Length parameter.	NVD-CWE-Other	CVE-2002-1531	2008-09-6 05:30	2003-03-31	Show	GitHub Exploit DB Packet Storm

276838	-	surfcontrol	superscout_email_filter	The administrative web interface (STEMWADM) for SurfControl SuperScout Email Filter allows remote attackers to cause a denial of service (resource exhaustion) via a GET request without the terminatin…	NVD-CWE-Other	CVE-2002-1532	2008-09-6 05:30	2003-03-31	Show	GitHub Exploit DB Packet Storm

276839	-	jetty	jetty	Cross-site scripting (XSS) vulnerability in Jetty JSP servlet engine allows remote attackers to insert arbitrary HTML or script via an HTTP request to a .jsp file whose name contains the malicious sc…	NVD-CWE-Other	CVE-2002-1533	2008-09-6 05:30	2003-03-31	Show	GitHub Exploit DB Packet Storm

276840	-	macromedia	flash_player	Macromedia Flash Player allows remote attackers to read arbitrary files via XML script in a .swf file that is hosted on a remote SMB share.	NVD-CWE-Other	CVE-2002-1534	2008-09-6 05:30	2003-03-31	Show	GitHub Exploit DB Packet Storm