Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
261	5.4	警告 Network	creativethemes	blocksy companion	creativethemes の WordPress 用 blocksy companion におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-4487	2025-01-29 13:46	2024-05-14	Show	GitHub Exploit DB Packet Storm

262	8.1	重要 Network	miniOrange	Miniorange OTP Verification with Firebase	miniOrange の WordPress 用 Miniorange OTP Verification with Firebase における重要な機能に対する認証の欠如に関する脆弱性	CWE-288 CWE-306	CVE-2024-9861	2025-01-29 13:46	2024-10-17	Show	GitHub Exploit DB Packet Storm

263	5.5	警告 Local	デル	Dell Grab	デルの Windows 用 Dell Grab におけるログファイルからの情報漏えいに関する脆弱性	CWE-532 ログファイルからの情報漏えい	CVE-2024-25957	2025-01-29 12:07	2024-03-26	Show	GitHub Exploit DB Packet Storm

264	5.4	警告 Network	HasThemes	HT Mega - Absolute Addons For Elementor	HasThemes の WordPress 用 HT Mega - Absolute Addons For Elementor におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-3989	2025-01-29 11:46	2024-05-14	Show	GitHub Exploit DB Packet Storm

265	5.4	警告 Network	creativethemes	blocksy	creativethemes の WordPress 用 blocksy におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-4158	2025-01-29 11:46	2024-05-14	Show	GitHub Exploit DB Packet Storm

266	7.3	重要 Local	インテル	Quartus Prime	インテルの Quartus Prime における制御されていない検索パスの要素に関する脆弱性	CWE-427 CWE-427	CVE-2024-21777	2025-01-29 11:46	2024-05-16	Show	GitHub Exploit DB Packet Storm

267	7.3	重要 Local	インテル	Quartus Prime	インテルの Quartus Prime における制御されていない検索パスの要素に関する脆弱性	CWE-427 CWE-427	CVE-2024-21862	2025-01-29 11:46	2024-05-16	Show	GitHub Exploit DB Packet Storm

268	9.8	緊急 Network	クアルコム	(複数の製品)	キヤノン製スモールオフィス向け複合機およびレーザービームプリンターにおける複数の境界外書き込みの脆弱性	CWE-787 境界外書き込み	CVE-2024-12647 CVE-2024-12648 CVE-2024-12649	2025-01-29 11:42	2025-01-28	Show	GitHub Exploit DB Packet Storm

269	5.4	警告 Network	Extend Themes	colibri page builder	Extend Themes の WordPress 用 colibri page builder におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-3337	2025-01-29 11:42	2024-05-2	Show	GitHub Exploit DB Packet Storm

270	5.4	警告 Network	Liferay	Digital Experience Platform Liferay Portal	Liferay の Liferay Portal および Digital Experience Platform におけるクロスサイトスクリプティングの脆弱性	CWE-79 CWE-79	CVE-2024-25151	2025-01-29 11:42	2024-02-21	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Feb. 6, 2025, 4:09 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
274291	-	miredo	miredo	Miredo 0.9.8 through 1.0.5 does not properly authenticate a Teredo bubble during UDP hole punching with HMAC-MD5-64 hashing, which allows remote attackers to impersonate an arbitrary Teredo client.	NVD-CWE-Other	CVE-2006-6858	2011-03-8 11:47	2006-12-31	Show	GitHub Exploit DB Packet Storm

274292	-	avahi	avahi	The consume_labels function in avahi-core/dns.c in Avahi before 0.6.16 allows remote attackers to cause a denial of service (infinite loop) via a crafted compressed DNS response with a label that poi…	NVD-CWE-Other	CVE-2006-6870	2011-03-8 11:47	2006-12-31	Show	GitHub Exploit DB Packet Storm

274293	-	avahi	avahi	This vulnerability is addressed in the following product release: Avahi, Avahi, 0.6.16	NVD-CWE-Other	CVE-2006-6870	2011-03-8 11:47	2006-12-31	Show	GitHub Exploit DB Packet Storm

274294	-	jonathon_freeman	ovbb	Cross-site scripting (XSS) vulnerability in the GetLocation function in online.php in Jonathon J. Freeman OvBB 0.13a allows remote attackers to inject arbitrary web script or HTML via the aRequest va…	NVD-CWE-Other	CVE-2006-6892	2011-03-8 11:47	2006-12-31	Show	GitHub Exploit DB Packet Storm

274295	-	phpmyfaq	phpmyfaq	Unspecified vulnerability in phpMyFAQ 1.6.7 and earlier allows remote attackers to upload arbitrary PHP scripts via unspecified vectors.	NVD-CWE-Other	CVE-2006-6913	2011-03-8 11:47	2006-12-31	Show	GitHub Exploit DB Packet Storm

274296	-	ibm	aix	Unspecified vulnerability in ftpd in IBM AIX 5.2.0 and 5.3.0 allows remote attackers to obtain sensitive information, including passwords, via unspecified vectors.	NVD-CWE-Other	CVE-2006-6914	2011-03-8 11:47	2006-12-31	Show	GitHub Exploit DB Packet Storm

274297	-	ibm	aix	ftpd in IBM AIX 5.2.0 and 5.3.0 allows remote authenticated users to cause a denial of service (port exhaustion) via unspecified vectors. NOTE: some details were obtained from third party sources.	NVD-CWE-Other	CVE-2006-6915	2011-03-8 11:47	2006-12-31	Show	GitHub Exploit DB Packet Storm

274298	-	deadlock_user_management_system	deadlock_user_management_system	SQL injection vulnerability in Deadlock User Management System (phpdeadlock) 0.64 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors.	NVD-CWE-Other	CVE-2006-6922	2011-03-8 11:47	2007-01-13	Show	GitHub Exploit DB Packet Storm

274299	-	bitweaver	bitweaver	SQL injection vulnerability in newsletters/edition.php in bitweaver 1.3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the tk parameter.	NVD-CWE-Other	CVE-2006-6923	2011-03-8 11:47	2007-01-13	Show	GitHub Exploit DB Packet Storm

274300	-	owa	owa	Buffer overflow in the ParseHeader function in clsOWA.cls in POP3/SMTP to OWA (pop2owa) 1.1.3 allows remote attackers to execute arbitrary code via a long header in an e-mail message.	NVD-CWE-Other	CVE-2006-6940	2011-03-8 11:47	2007-01-17	Show	GitHub Exploit DB Packet Storm