Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 16, 2025, 2:03 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
311 8.8 重要
Network 		Wazuh Inc. Wazuh Wazuh Inc. の Wazuh におけるコードインジェクションの脆弱性 New CWE-94
CWE-94
CVE-2023-50260 2025-01-14 16:05 2023-12-5 Show GitHub Exploit DB Packet Storm
312 7.8 重要
Local 		クアルコム SD 450 ファームウェア
SD 615 ファームウェア
SD 616 ファームウェア
SD 810 ファームウェア
SD 212 ファームウェア
MDM9607 ファームウェア
MDM9650 ファームウェア
SD 210… 		複数のクアルコム製品における認証に関する脆弱性 New CWE-287
不適切な認証 		CVE-2018-11952 2025-01-14 16:04 2018-06-7 Show GitHub Exploit DB Packet Storm
313 7.8 重要
Local 		クアルコム SD 850 ファームウェア
SD 835 ファームウェア
MDM9206 ファームウェア
MDM9607 ファームウェア
SD 845 ファームウェア 		複数のクアルコム製品における境界外書き込みに関する脆弱性 New CWE-20
CWE-787
CVE-2017-15832 2025-01-14 16:04 2017-10-24 Show GitHub Exploit DB Packet Storm
314 5.5 警告
Local 		Linux Linux Kernel Linux の Linux Kernel における脆弱性 New CWE-noinfo
情報不足 		CVE-2021-47037 2025-01-14 15:59 2021-03-30 Show GitHub Exploit DB Packet Storm
315 5.3 警告
Network 		helderk Maintenance Mode helderk の WordPress 用 Maintenance Mode における脆弱性 New CWE-noinfo
情報不足 		CVE-2024-1478 2025-01-14 15:55 2024-03-5 Show GitHub Exploit DB Packet Storm
316 5.5 警告
Local 		Linux Linux Kernel Linux の Linux Kernel における脆弱性 New CWE-noinfo
情報不足 		CVE-2021-47029 2025-01-14 15:52 2021-04-12 Show GitHub Exploit DB Packet Storm
317 5.3 警告
Network 		Huawei NIP6300 ファームウェア
Secospace USG6600 ファームウェア
USG6000V ファームウェア
Secospace USG6300 ファームウェア
NGFW Module ファームウェア
Secospace USG6500 ファームウェア
 複数の Huawei 製品における境界外読み取りに関する脆弱性 New CWE-125
CWE-125
CVE-2020-1820 2025-01-14 15:47 2024-12-28 Show GitHub Exploit DB Packet Storm
318 3.3
Local 		Huawei P30 Pro ファームウェア Huawei の P30 Pro ファームウェアにおける脆弱性 New CWE-200
CWE-noinfo
CVE-2020-9089 2025-01-14 15:47 2020-02-18 Show GitHub Exploit DB Packet Storm
319 9.1 緊急
Network 		Huawei HarmonyOS
EMUI 		Huawei の EMUI および HarmonyOS におけるパストラバーサルの脆弱性 New CWE-22
CWE-22
CVE-2023-52953 2025-01-14 15:47 2025-01-8 Show GitHub Exploit DB Packet Storm
320 7.5 重要
Network 		Huawei HarmonyOS
EMUI 		Huawei の EMUI および HarmonyOS における不適切なデフォルトパーミッションに関する脆弱性 New CWE-276
CWE-701
CVE-2023-52954 2025-01-14 15:47 2025-01-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 16, 2025, 4:15 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
275491 - uniwin ecart_professional Cross-site scripting (XSS) vulnerability in Uniwin eCart Professional before 2.0.16 allows remote attackers to inject arbitrary web script or HTML via the rp parameter to cartView.asp and unspecified… CWE-79
Cross-site Scripting 		CVE-2008-0558 2008-09-6 06:35 2008-02-5 Show GitHub Exploit DB Packet Storm
275492 - liferay liferay_enterprise_portal Cross-site request forgery (CSRF) vulnerability in service/impl/UserLocalServiceImpl.java in Liferay Portal 4.3.6 allows remote attackers to perform unspecified actions as unspecified authenticated u… CWE-352
 Origin Validation Error 		CVE-2008-0563 2008-09-6 06:35 2008-02-5 Show GitHub Exploit DB Packet Storm
275493 - xlight_ftp_server xlight_ftp_server The LDAP authentication feature in XLight FTP Server before 2.83, when used with some unspecified LDAP servers, does not check for blank passwords, which allows remote attackers to bypass intended ac… CWE-255
Credentials Management 		CVE-2008-0604 2008-09-6 06:35 2008-02-6 Show GitHub Exploit DB Packet Storm
275494 - mplayer mplayer Buffer overflow in stream_cddb.c in MPlayer 1.0rc2 and SVN before r25824 allows remote user-assisted attackers to execute arbitrary code via a CDDB database entry containing a long album title. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2008-0629 2008-09-6 06:35 2008-02-7 Show GitHub Exploit DB Packet Storm
275495 - mplayer mplayer Buffer overflow in url.c in MPlayer 1.0rc2 and SVN before r25823 allows remote attackers to execute arbitrary code via a crafted URL that prevents the IPv6 parsing code from setting a pointer to NULL… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2008-0630 2008-09-6 06:35 2008-02-7 Show GitHub Exploit DB Packet Storm
275496 - portail_web_php portail_web_php Multiple PHP remote file inclusion vulnerabilities in Portail Web Php 2.5.1.1 allow remote attackers to execute arbitrary PHP code via a URL in the site_path parameter to (1) config/conf-activation.p… CWE-94
Code Injection 		CVE-2008-0645 2008-09-6 06:35 2008-02-8 Show GitHub Exploit DB Packet Storm
275497 - simple_os_cms simple_os_cms SQL injection vulnerability in login.php in Simple OS CMS 0.1c beta allows remote attackers to execute arbitrary SQL commands via the username field. NOTE: the provenance of this information is unkn… CWE-89
SQL Injection 		CVE-2008-0650 2008-09-6 06:35 2008-02-8 Show GitHub Exploit DB Packet Storm
275498 - pedro_santana_codice cms SQL injection vulnerability in login.php in Pedro Santana Codice CMS allows remote attackers to execute arbitrary SQL commands via the username field. NOTE: the provenance of this information is unk… CWE-89
SQL Injection 		CVE-2008-0651 2008-09-6 06:35 2008-02-8 Show GitHub Exploit DB Packet Storm
275499 - website_meta_language website_meta_language wml_backend/p1_ipp/ipp.src in Website META Language (WML) 2.0.11 allows local users to overwrite arbitrary files via a symlink attack on the ipp.$$.tmp temporary file. CWE-59
Link Following 		CVE-2008-0665 2008-09-6 06:35 2008-02-12 Show GitHub Exploit DB Packet Storm
275500 - website_meta_language website_meta_language Website META Language (WML) 2.0.11 allows local users to overwrite arbitrary files via a symlink attack on (1) the /tmp/pe.tmp.$$ temporary file used by wml_contrib/wmg.cgi and (2) temporary files us… CWE-59
Link Following 		CVE-2008-0666 2008-09-6 06:35 2008-02-12 Show GitHub Exploit DB Packet Storm