Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
301	7.2	重要 Network	mayurik	advocate office management system	mayurik の advocate office management system における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2024-3619	2025-01-29 10:43	2024-04-11	Show	GitHub Exploit DB Packet Storm

302	7.3	重要 Local	インテル	Quartus Prime	インテルの Quartus Prime における例外的な状態のチェックに関する脆弱性	CWE-754 CWE-92	CVE-2024-21809	2025-01-29 10:43	2024-05-16	Show	GitHub Exploit DB Packet Storm

303	5.4	警告 Network	Electron Technologies FZC	Pagelayer	Electron Technologies FZC の WordPress 用 Pagelayer におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-1590	2025-01-29 10:39	2024-02-23	Show	GitHub Exploit DB Packet Storm

304	4.3	警告 Network	Extend Themes	colibri page builder	Extend Themes の WordPress 用 colibri page builder における認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2024-1870	2025-01-29 10:39	2024-03-9	Show	GitHub Exploit DB Packet Storm

305	5.5	警告 Local		-	IBM の Security Verify Access における初期化されていないリソースの使用に関する脆弱性	CWE-457 CWE-908	CVE-2024-31874	2025-01-29 10:21	2024-04-10	Show	GitHub Exploit DB Packet Storm

306	4.9	警告 Network	IBM	IBM App Connect Enterprise IBM Integration Bus	IBM の IBM Integration Bus および IBM App Connect Enterprise におけるエンコードおよびエスケープに関する脆弱性	CWE-116 CWE-117	CVE-2024-22356	2025-01-29 09:57	2024-03-25	Show	GitHub Exploit DB Packet Storm

307	7.5	重要 Network		-	IBM の Security Verify Access におけるハードコードされた認証情報の使用に関する脆弱性	CWE-798 ハードコードされた認証情報の使用	CVE-2024-31873	2025-01-29 09:38	2024-04-10	Show	GitHub Exploit DB Packet Storm

308	8.8	重要 Network	デル	Dell PowerMax EEM Solutions Enabler Virtual Appliance Dell Unisphere for PowerMax Virtual Appliance	複数のデル製品におけるコマンドインジェクションの脆弱性	CWE-77 CWE-78	CVE-2024-25946	2025-01-28 18:22	2024-03-28	Show	GitHub Exploit DB Packet Storm

309	8.8	重要 Network	デル	Dell PowerMax EEM Solutions Enabler Virtual Appliance Dell Unisphere for PowerMax Virtual Appliance	複数のデル製品におけるコマンドインジェクションの脆弱性	CWE-77 CWE-78	CVE-2024-25955	2025-01-28 18:22	2024-03-28	Show	GitHub Exploit DB Packet Storm

310	8.8	重要 Network	UnitedOver	Digits	UnitedOver の WordPress 用 Digits におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2024-0203	2025-01-28 18:16	2024-03-7	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Feb. 5, 2025, 4:56 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
280131	-	com21	doxport_1100	Com21 DOXport 1100 series cable modem running firmware 2.1.1.106, and possibly other versions before 2.1.1.108.003, downloads a DOCSIS configuration file from a TFTP server running on the internal ne…	NVD-CWE-Other	CVE-2002-1968	2008-09-6 05:31	2002-12-31	Show	GitHub Exploit DB Packet Storm

280132	-	the_magic_notebook	the_magic_notebook	Magic Notebook 1.0b and 1.1b allows remote attackers to cause a denial of service (crash) via an invalid username during login.	NVD-CWE-Other	CVE-2002-1969	2008-09-6 05:31	2002-12-31	Show	GitHub Exploit DB Packet Storm

280133	-	snortcenter	snortcenter	SnortCenter 0.9.5, when configured to push Snort rules, stores the rules in a temporary file with world-readable and world-writable permissions, which allows local users to obtain usernames and passw…	NVD-CWE-Other	CVE-2002-1970	2008-09-6 05:31	2002-12-31	Show	GitHub Exploit DB Packet Storm

280134	-	sourcecraft	networking_utils	The ping utility in networking_utils.php in Sourcecraft Networking_Utils 1.0 allows remote attackers to read arbitrary files via shell metacharacters in the Domain name or IP address argument.	NVD-CWE-Other	CVE-2002-1971	2008-09-6 05:31	2002-12-31	Show	GitHub Exploit DB Packet Storm

280135	-	sebastian_dehne	pp_powerswitch	Unknown vulnerability in Parallel port powerSwitch (aka pp_powerSwitch) 0.1 does not properly enforce access controls, which allows local users to access arbitrary ports.	NVD-CWE-Other	CVE-2002-1972	2008-09-6 05:31	2002-12-31	Show	GitHub Exploit DB Packet Storm

280136	-	sharp	zaurus	The FTP service in Zaurus PDAs SL-5000D and SL-5500 does not require authentication, which allows remote attackers to access the file system as root.	NVD-CWE-Other	CVE-2002-1974	2008-09-6 05:31	2002-12-31	Show	GitHub Exploit DB Packet Storm

280137	-	qualcomm	eudora	Qualcomm Eudora 5.1.1, 5.2, and possibly other versions stores email attachments in a predictable location, which allows remote attackers to read arbitrary files via a link that loads an attachment w…	NVD-CWE-Other	CVE-2002-1210	2008-09-6 05:30	2002-11-29	Show	GitHub Exploit DB Packet Storm

280138	-	kde	kde	Buffer overflow in DSC 3.0 parser from GSview, as used in KGhostView in KDE 1.1 and KDE 3.0.3a, may allow attackers to cause a denial of service or execute arbitrary code via a modified .ps (PostScri…	NVD-CWE-Other	CVE-2002-1223	2008-09-6 05:30	2002-10-28	Show	GitHub Exploit DB Packet Storm

280139	-	kde	kde	Directory traversal vulnerability in kpf for KDE 3.0.1 through KDE 3.0.3a allows remote attackers to read arbitrary files as the kpf user via a URL with a modified icon parameter.	NVD-CWE-Other	CVE-2002-1224	2008-09-6 05:30	2002-10-28	Show	GitHub Exploit DB Packet Storm

280140	-	pam	pam	PAM 0.76 treats a disabled password as if it were an empty (null) password, which allows local and remote attackers to gain privileges as disabled users.	NVD-CWE-Other	CVE-2002-1227	2008-09-6 05:30	2002-10-28	Show	GitHub Exploit DB Packet Storm