Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 23, 2025, 6:01 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
21 4.3 警告
Network
07fly 07FlyCms 07fly の 07FlyCms におけるクロスサイトリクエストフォージェリの脆弱性 New CWE-352
同一生成元ポリシー違反
CVE-2024-57161 2025-01-23 12:46 2025-01-16 Show GitHub Exploit DB Packet Storm
22 7.8 重要
Local
マイクロソフト Microsoft Windows Server 2022
Microsoft Windows Server 2025
Internet Explorer のリモートでコードが実行される脆弱性 New CWE-843
CWE-noinfo
CVE-2025-21326 2025-01-23 12:16 2025-01-14 Show GitHub Exploit DB Packet Storm
23 5.5 警告
Local
マイクロソフト Microsoft Windows Server 2022
Microsoft Windows Server 2016
Microsoft Windows Server 2008
Microsoft Windows Server 2012
Microso…
Windows カーネル メモリの情報漏えいの脆弱性 New CWE-532
CWE-noinfo
CVE-2025-21319 2025-01-23 12:11 2025-01-14 Show GitHub Exploit DB Packet Storm
24 5.5 警告
Local
マイクロソフト Microsoft Windows Server 2022
Microsoft Windows Server 2016
Microsoft Windows Server 2012
Microsoft Windows 10
Microsoft Window…
Windows カーネル メモリの情報漏えいの脆弱性 New CWE-532
CWE-noinfo
CVE-2025-21316 2025-01-23 12:06 2025-01-14 Show GitHub Exploit DB Packet Storm
25 6.5 警告
Network
Mozilla Foundation Mozilla Firefox Mozilla Foundation の Mozilla Firefox における脆弱性 New CWE-noinfo
情報不足
CVE-2024-4774 2025-01-23 12:02 2024-05-14 Show GitHub Exploit DB Packet Storm
26 4.3 警告
Network
フォーティネット FortiManager フォーティネットの FortiManager における脆弱性 New CWE-200
CWE-noinfo
CVE-2024-33506 2025-01-23 12:00 2024-10-8 Show GitHub Exploit DB Packet Storm
27 7.8 重要
Local
マイクロソフト Microsoft Windows 11
Microsoft Windows Server 2022
Microsoft Windows Server 2025
Microsoft Resilient File System の特権昇格の脆弱性 New CWE-416
CWE-noinfo
CVE-2025-21315 2025-01-23 11:58 2025-01-14 Show GitHub Exploit DB Packet Storm
28 4.3 警告
Network
マイクロソフト Microsoft Windows Server 2019
Microsoft Windows 11
Microsoft Windows Server 2012
Microsoft Windows Server 2022
Microsoft Window…
MapUrlToZone セキュリティ機能のバイパスの脆弱性 New CWE-41
CWE-noinfo
CVE-2025-21329 2025-01-23 11:58 2025-01-14 Show GitHub Exploit DB Packet Storm
29 4.9 警告
Network
フォーティネット FortiAnalyzer
FortiManager
FortiAnalyzer-BigData
複数のフォーティネット製品におけるパストラバーサルの脆弱性 New CWE-22
パス・トラバーサル
CVE-2024-32117 2025-01-23 11:50 2024-11-12 Show GitHub Exploit DB Packet Storm
30 8.8 重要
Network
Shenzhen Tenda Technology Co.,Ltd. AC7 ファームウェア Shenzhen Tenda Technology Co.,Ltd. の AC7 ファームウェアにおける境界外書き込みに関する脆弱性 New CWE-121
CWE-787
CVE-2024-2900 2025-01-23 11:49 2024-03-26 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 24, 2025, 4:45 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
278341 - debian mime-support run-mailcap in mime-support 3.22 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files. NVD-CWE-Other
CVE-2003-0214 2008-09-6 05:33 2003-05-12 Show GitHub Exploit DB Packet Storm
278342 - frontrange goldmine FrontRange GoldMine mail agent 5.70 and 6.00 before 30503 directly sends HTML to the default browser without setting its security zone or otherwise labeling it untrusted, which allows remote attacker… NVD-CWE-Other
CVE-2003-0241 2008-09-6 05:33 2003-06-9 Show GitHub Exploit DB Packet Storm
278343 - adobe acrobat Adobe Acrobat 5 does not properly validate JavaScript in PDF files, which allows remote attackers to write arbitrary files into the Plug-ins folder that spread to other PDF documents, as demonstrated… NVD-CWE-Other
CVE-2003-0284 2008-09-6 05:33 2003-06-16 Show GitHub Exploit DB Packet Storm
278344 - neosoft neobook The NBActiveX.ocx ActiveX control in NeoBook 4 allows remote attackers to install and execute arbitrary programs. NVD-CWE-Other
CVE-2002-2352 2008-09-6 05:33 2002-12-31 Show GitHub Exploit DB Packet Storm
278345 - netgear fm114p Netgear FM114P firmware 1.3 wireless firewall allows remote attackers to cause a denial of service (crash or hang) via a large number of TCP connection requests. CWE-20
 Improper Input Validation 
CVE-2002-2354 2008-09-6 05:33 2002-12-31 Show GitHub Exploit DB Packet Storm
278346 - netgear fm114p Netgear FM114P firmware 1.3 wireless firewall, when configured to backup configuration information, stores DDNS (DynDNS) user name and password, MAC address filtering table and possibly other informa… CWE-255
Credentials Management
CVE-2002-2355 2008-09-6 05:33 2002-12-31 Show GitHub Exploit DB Packet Storm
278347 - hamweather hamweather HAMweather 2.x allows remote attackers to modify administrative settings and obtain sensitive information via a direct request to hwadmin.cgi. CWE-264
Permissions, Privileges, and Access Controls
CVE-2002-2356 2008-09-6 05:33 2002-12-31 Show GitHub Exploit DB Packet Storm
278348 - mailenable mailenable MailEnable 1.5 015 through 1.5 018 allows remote attackers to cause a denial of service (crash) via a long USER string, possibly due to a buffer overflow. CWE-119
Incorrect Access of Indexable Resource ('Range Error') 
CVE-2002-2357 2008-09-6 05:33 2002-12-31 Show GitHub Exploit DB Packet Storm
278349 - opera_software opera_web_browser Cross-site scripting (XSS) vulnerability in the FTP view feature in Opera 6.0 and 6.01 through 6.04 allows remote attackers to inject arbitrary web script or HTML via the title tag of an FTP URL. CWE-79
Cross-site Scripting
CVE-2002-2358 2008-09-6 05:33 2002-12-31 Show GitHub Exploit DB Packet Storm
278350 - mozilla mozilla Cross-site scripting (XSS) vulnerability in the FTP view feature in Mozilla 1.0 allows remote attackers to inject arbitrary web script or HTML via the title tag of an ftp URL. CWE-79
Cross-site Scripting
CVE-2002-2359 2008-09-6 05:33 2002-12-31 Show GitHub Exploit DB Packet Storm