Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 31, 2025, 4:03 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
281 6.1 警告
Network 		Liferay Digital Experience Platform
Liferay Portal 		Liferay の Liferay Portal および Digital Experience Platform におけるクロスサイトスクリプティングの脆弱性 CWE-79
CWE-79
CVE-2024-26269 2025-01-29 10:54 2024-02-21 Show GitHub Exploit DB Packet Storm
282 5.4 警告
Network 		Themeum tutor lms elementor addons Themeum の WordPress 用 tutor lms elementor addons におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-29913 2025-01-29 10:54 2024-03-27 Show GitHub Exploit DB Packet Storm
283 8.8 重要
Network 		Elementor Elementor Website Builder Elementor の WordPress 用 Elementor Website Builder における危険なタイプのファイルの無制限アップロードに関する脆弱性 CWE-434
危険なタイプのファイルの無制限アップロード 		CVE-2023-48777 2025-01-29 10:43 2023-11-18 Show GitHub Exploit DB Packet Storm
284 6.1 警告
Network 		Liferay Digital Experience Platform
Liferay Portal 		Liferay の Liferay Portal および Digital Experience Platform におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-11993 2025-01-29 10:43 2024-12-17 Show GitHub Exploit DB Packet Storm
285 5.4 警告
Network 		Elementor Elementor Website Builder Elementor の WordPress 用 Elementor Website Builder におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-2120 2025-01-29 10:43 2024-03-27 Show GitHub Exploit DB Packet Storm
286 6.5 警告
Network 		デル insightiq デルの insightiq における脆弱性 CWE-284
CWE-Other
CVE-2024-25962 2025-01-29 10:43 2024-03-27 Show GitHub Exploit DB Packet Storm
287 5.4 警告
Network 		WebTechStreet Elementor Addon Elements WebTechStreet の WordPress 用 Elementor Addon Elements におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-29107 2025-01-29 10:43 2024-03-19 Show GitHub Exploit DB Packet Storm
288 5.4 警告
Network 		master-addons master addons master-addons の WordPress 用 master addons におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-29911 2025-01-29 10:43 2024-03-27 Show GitHub Exploit DB Packet Storm
289 9.8 緊急
Network 		Mikko Saari Relevanssi Mikko Saari の WordPress 用 Relevanssi における CSV ファイル内の数式要素の中和に関する脆弱性 CWE-1236
CSV ファイル内の数式要素の不適切な中和 		CVE-2024-3214 2025-01-29 10:43 2024-04-9 Show GitHub Exploit DB Packet Storm
290 7.5 重要
Network 		JetBrains YouTrack JetBrains の YouTrack における証明書検証に関する脆弱性 CWE-295
CWE-295
CVE-2024-35299 2025-01-29 10:43 2024-05-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 1, 2025, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
274711 - nos_microsystems getplus_download_manager Stack-based buffer overflow in the getPlus ActiveX control in gp.ocx 1.2.2.50 in NOS Microsystems getPlus Download Manager, as used for the Adobe Reader 8.1 installation process and other downloads, … CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2008-5364 2010-10-25 13:00 2008-12-8 Show GitHub Exploit DB Packet Storm
274712 - ibm db2 The Install component in IBM DB2 9.5 before FP5 and 9.7 before FP1 configures the High Availability (HA) scripts with incorrect file-permission and authorization settings, which has unknown impact an… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2009-4331 2010-10-7 14:44 2009-12-17 Show GitHub Exploit DB Packet Storm
274713 - ibm db2 IBM DB2 8 before FP18, 9.1 before FP8, 9.5 before FP4, and 9.7 before FP2 does not perform the expected drops of certain table functions upon a loss of privileges by the functions' definers, which ha… NVD-CWE-noinfo
CVE-2009-3471 2010-10-7 14:42 2009-09-30 Show GitHub Exploit DB Packet Storm
274714 - opera opera_browser Opera before 10.10 permits cross-origin loading of CSS stylesheets even when the stylesheet download has an incorrect MIME type and the stylesheet document is malformed, which allows remote attackers… CWE-200
Information Exposure 		CVE-2010-0653 2010-09-21 14:46 2010-02-19 Show GitHub Exploit DB Packet Storm
274715 - fujitsu e-pares Session fixation vulnerability in Fujitsu e-Pares V01 L01, L03, L10, L20, L30 allows remote attackers to hijack web sessions via unspecified vectors. CWE-287
Improper Authentication 		CVE-2010-2149 2010-09-21 13:00 2010-06-4 Show GitHub Exploit DB Packet Storm
274716 - linux linux_kernel umount, when running with the Linux 2.6.15 kernel on Slackware Linux 10.2, allows local users to trigger a NULL dereference and application crash by invoking the program with a pathname for a USB pen… NVD-CWE-Other
CVE-2007-0822 2010-09-15 14:43 2007-02-8 Show GitHub Exploit DB Packet Storm
274717 - suse suse_linux Multiple buffer overflows in ulogd for SUSE Linux 9.3 up to 10.1, and possibly other distributions, have unknown impact and attack vectors related to "improper string length calculations." CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2007-0460 2010-09-15 14:41 2007-01-24 Show GitHub Exploit DB Packet Storm
274718 - clam_anti-virus clamav Clam AntiVirus (ClamAV) 0.88 and earlier allows remote attackers to cause a denial of service (crash) via a malformed base64-encoded MIME attachment that triggers a null pointer dereference. NVD-CWE-Other
CVE-2006-5874 2010-09-15 14:30 2006-12-10 Show GitHub Exploit DB Packet Storm
274719 - php_group php Unspecified vulnerability in the session extension functionality in PHP before 5.1.3 has unknown impact and attack vectors related to heap corruption. NVD-CWE-Other
CVE-2006-3018 2010-09-15 13:54 2006-06-15 Show GitHub Exploit DB Packet Storm
274720 - mono mono The default configuration of ASP.NET in Mono before 2.6.4 has a value of FALSE for the EnableViewStateMac property, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as dem… CWE-79
Cross-site Scripting 		CVE-2010-1459 2010-09-9 14:41 2010-05-28 Show GitHub Exploit DB Packet Storm