Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 31, 2025, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
21	9.8	緊急 Network	Apache Software Foundation 日立	Hitachi Application Server for Developers uCosminexus Developer Hitachi Web Server uCosminexus Application Server Express uCosminexus&nbs…	Apache Software Foundation の Apache HTTP Server 等複数ベンダの製品における脆弱性 Update	CWE-noinfo 情報不足	CVE-2024-38476	2025-01-30 15:19	2024-07-1	Show	GitHub Exploit DB Packet Storm

22	7.5	重要 Network	Apache Software Foundation 日立	Hitachi Application Server for Developers uCosminexus Developer Hitachi Web Server uCosminexus Application Server Express uCosminexus&nbs…	Apache Software Foundation の Apache HTTP Server 等複数ベンダの製品における NULL ポインタデリファレンスに関する脆弱性 Update	CWE-476 NULL ポインタデリファレンス	CVE-2024-38477	2025-01-30 15:09	2024-07-1	Show	GitHub Exploit DB Packet Storm

23	-	-	OpenSSL Project	OpenSSL	OpenSSL の関数 SSL_select_next_proto におけるバッファオーバーリードの脆弱性（OpenSSL Security Advisory [27th June 2024]） Update	CWE-126 バッファオーバーリード	CVE-2024-5535	2025-01-30 14:50	2024-07-3	Show	GitHub Exploit DB Packet Storm

24	9.8	緊急 Network	SQLite	SQLite	SQLite における解放済みメモリの使用に関する脆弱性 Update	CWE-416 解放済みメモリの使用	CVE-2020-11656	2025-01-30 14:08	2020-04-3	Show	GitHub Exploit DB Packet Storm

25	-	-	B&R Industrial Automation	Automation Runtime B&R mapp View	複数の B&R 製品における非推奨暗号アルゴリズムの使用の脆弱性 New	CWE-327 不完全、または危険な暗号アルゴリズムの使用	CVE-2024-8603	2025-01-30 13:51	2025-01-29	Show	GitHub Exploit DB Packet Storm

26	7.5	重要 Network	マイクロソフト	Microsoft Entra ID	Microsoft Entra ID の特権昇格の脆弱性 New	CWE-284 CWE-Other	CVE-2024-43477	2025-01-30 13:32	2024-08-22	Show	GitHub Exploit DB Packet Storm

27	8.8	重要 Network	マイクロソフト	Azure Managed Instance for Apache Cassandra	Azure Managed Instance for Apache Cassandra の特権昇格の脆弱性 New	CWE-284 CWE-Other	CVE-2024-38175	2025-01-30 12:29	2024-08-20	Show	GitHub Exploit DB Packet Storm

28	8.8	重要 Network	マイクロソフト	Microsoft SQL Server	Microsoft SQL Server の特権昇格の脆弱性 New	CWE-20 CWE-noinfo	CVE-2024-37965	2025-01-30 12:17	2024-09-10	Show	GitHub Exploit DB Packet Storm

29	4.3	警告 Network	Linkz.ai	Linkz.ai - Automatic link previews on hover	Linkz.ai の WordPress 用 Linkz.ai - Automatic link previews on hover における認証の欠如に関する脆弱性 New	CWE-862 認証の欠如	CVE-2024-9587	2025-01-30 12:12	2024-10-11	Show	GitHub Exploit DB Packet Storm

30	7.5	重要 Network	デル	NativeEdge Orchestrator	デルの NativeEdge Orchestrator における脆弱性 New	CWE-1230 CWE-noinfo	CVE-2024-53291	2025-01-30 12:09	2024-12-25	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 31, 2025, 4:11 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
280411	-	freebsd	freebsd	FreeBSD 4.1.1 and earlier, and possibly other BSD-based OSes, uses an insufficient random number generator to generate initial TCP sequence numbers (ISN), which allows remote attackers to spoof TCP c…	NVD-CWE-Other	CVE-2000-0916	2008-09-6 05:22	2000-12-19	Show	GitHub Exploit DB Packet Storm

280412	-	kde	kvt	Format string vulnerability in kvt in KDE 1.1.2 may allow local users to execute arbitrary commands via a DISPLAY environmental variable that contains formatting characters.	NVD-CWE-Other	CVE-2000-0918	2008-09-6 05:22	2000-12-19	Show	GitHub Exploit DB Packet Storm

280413	-	david_harris	pegasus_mail	Buffer overflow in Pegasus Mail 3.11 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long email message containing binary data.	NVD-CWE-Other	CVE-2000-0931	2008-09-6 05:22	2000-12-19	Show	GitHub Exploit DB Packet Storm

280414	-	xfree86_project	xlib	Buffer overflow in xlib in XFree 3.3.x possibly allows local users to execute arbitrary commands via a long DISPLAY environment variable or a -display command line parameter.	NVD-CWE-Other	CVE-2000-0976	2008-09-6 05:22	2000-12-19	Show	GitHub Exploit DB Packet Storm

280415	-	nevis_systems	all-mail	Buffer overflow in All-Mail 1.1 allows remote attackers to execute arbitrary commands via a long "MAIL FROM" or "RCPT TO" command.	NVD-CWE-Other	CVE-2000-0985	2008-09-6 05:22	2000-12-19	Show	GitHub Exploit DB Packet Storm

280416	-	freebsd	freebsd	Format string vulnerability in top program allows local attackers to gain root privileges via the "kill" or "renice" function.	NVD-CWE-Other	CVE-2000-0998	2008-09-6 05:22	2000-12-11	Show	GitHub Exploit DB Packet Storm

280417	-	openbsd	openssh	Format string vulnerabilities in OpenBSD ssh program (and possibly other BSD-based operating systems) allow attackers to gain root privileges.	NVD-CWE-Other	CVE-2000-0999	2008-09-6 05:22	2000-12-11	Show	GitHub Exploit DB Packet Storm

280418	-	palm	palm_os	PalmOS 3.5.2 and earlier uses weak encryption to store the user password, which allows attackers with physical access to the Palm device to decrypt the password and gain access to the device.	NVD-CWE-Other	CVE-2000-1008	2008-09-6 05:22	2000-12-11	Show	GitHub Exploit DB Packet Storm

280419	-	freebsd	freebsd	The catopen function in FreeBSD 5.0 and earlier, and possibly other OSes, allows local users to read arbitrary files via the LANG environmental variable.	NVD-CWE-Other	CVE-2000-1012	2008-09-6 05:22	2000-12-11	Show	GitHub Exploit DB Packet Storm

280420	-	freebsd	freebsd	The setlocale function in FreeBSD 5.0 and earlier, and possibly other OSes, allows local users to read arbitrary files via the LANG environmental variable.	NVD-CWE-Other	CVE-2000-1013	2008-09-6 05:22	2000-12-11	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed