Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 29, 2025, 12:02 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
421	7.8	重要 Local	インテル	graphics performance analyzers	インテルの graphics performance analyzers における脆弱性	CWE-284 CWE-noinfo	CVE-2023-40071	2025-01-24 13:51	2023-10-12	Show	GitHub Exploit DB Packet Storm

422	4.8	警告 Network	WP Ninjas, LLC.	Ninja Forms	Saturday Drive の WordPress 用 Ninja Forms におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-50515	2025-01-24 13:51	2024-11-19	Show	GitHub Exploit DB Packet Storm

423	5.4	警告 Network	Nextcloud	Nextcloud Server	Nextcloud の Nextcloud Server における不正な認証に関する脆弱性	CWE-287 CWE-863	CVE-2024-52518	2025-01-24 13:51	2024-11-15	Show	GitHub Exploit DB Packet Storm

424	7.5	重要 Network	EBM Technologies	RISWEB	EBM Technologies の RISWEB における重要な機能に対する認証の欠如に関する脆弱性	CWE-306 重要な機能に対する認証の欠如解説	CVE-2024-26263	2025-01-24 13:45	2024-02-15	Show	GitHub Exploit DB Packet Storm

425	5.5	警告 Local	radare	radare2	radare の radare2 における NULL ポインタデリファレンスに関する脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2024-26475	2025-01-24 13:45	2024-03-14	Show	GitHub Exploit DB Packet Storm

426	6.5	警告 Network	ZyXEL	NAS 542 ファームウェア NAS 326 ファームウェア	ZyXEL の NAS 326 ファームウェアおよび NAS 542 ファームウェアにおける脆弱性	CWE-269 CWE-noinfo	CVE-2024-29976	2025-01-24 13:45	2024-06-4	Show	GitHub Exploit DB Packet Storm

427	5.4	警告 Network	Basixonline	NEX-Forms	Basixonline の WordPress 用 NEX-Forms におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-37512	2025-01-24 13:45	2024-07-21	Show	GitHub Exploit DB Packet Storm

428	5.3	警告 Network	Fedora Project Moodle	Fedora Moodle	Moodle の Moodle 等複数ベンダの製品における脆弱性	CWE-233 CWE-noinfo	CVE-2024-25979	2025-01-24 12:25	2024-02-19	Show	GitHub Exploit DB Packet Storm

429	5.3	警告 Network	Fedora Project Moodle	Fedora Moodle	Moodle の Moodle 等複数ベンダの製品における脆弱性	CWE-284 CWE-noinfo	CVE-2024-25981	2025-01-24 12:25	2024-02-19	Show	GitHub Exploit DB Packet Storm

430	9.8	緊急 Network	PHOENIX CONTACT	charx sec-3100 ファームウェア charx sec-3050 ファームウェア charx sec-3000 ファームウェア charx sec-3150 ファームウェア	複数の PHOENIX CONTACT 製品における同一生成元ポリシー違反に関する脆弱性	CWE-346 同一生成元ポリシー違反	CVE-2024-25996	2025-01-24 12:25	2024-03-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 29, 2025, 4:09 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
275661	-	apache	struts	Cross-site scripting (XSS) vulnerability in Apache Struts before 1.2.9-162.31.1 on SUSE Linux Enterprise (SLE) 11, before 1.2.9-108.2 on SUSE openSUSE 10.3, before 1.2.9-198.2 on SUSE openSUSE 11.0, …	CWE-79 Cross-site Scripting	CVE-2008-2025	2009-04-18 14:35	2009-04-10	Show	GitHub Exploit DB Packet Storm

275662	-	zazzle	store_builder	Multiple cross-site scripting (XSS) vulnerabilities in include/zstore.php in Zazzle Store Builder 1.0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) gridPage and (2) grid…	CWE-79 Cross-site Scripting	CVE-2009-1320	2009-04-17 23:08	2009-04-17	Show	GitHub Exploit DB Packet Storm

275663	-	debian	horde_imp	Multiple cross-site scripting (XSS) vulnerabilities in Horde IMP before 4.2.2 and 4.3.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to (1) smime.php, (2) pgp…	CWE-79 Cross-site Scripting	CVE-2009-0930	2009-04-16 14:38	2009-03-18	Show	GitHub Exploit DB Packet Storm

275664	-	phpmyadmin	phpmyadmin	Directory traversal vulnerability in bs_disp_as_mime_type.php in the BLOB streaming feature in phpMyAdmin before 3.1.3.1 allows remote attackers to read arbitrary files via directory traversal sequen…	CWE-22 Path Traversal	CVE-2009-1148	2009-04-16 14:38	2009-03-26	Show	GitHub Exploit DB Packet Storm

275665	-	phpmyadmin	phpmyadmin	CRLF injection vulnerability in bs_disp_as_mime_type.php in the BLOB streaming feature in phpMyAdmin before 3.1.3.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response …	CWE-20 Improper Input Validation	CVE-2009-1149	2009-04-16 14:38	2009-03-26	Show	GitHub Exploit DB Packet Storm

275666	-	ibm	db2_content_manager	Unspecified vulnerability in the eClient in IBM DB2 Content Manager 8.4.1 before 8.4.1.1 has unknown impact and attack vectors.	NVD-CWE-noinfo	CVE-2009-1231	2009-04-16 14:38	2009-04-3	Show	GitHub Exploit DB Packet Storm

275667	-	james_stone	tunapie	James Stone Tunapie 2.1 allows local users to overwrite arbitrary files via a symlink attack on an unspecified temporary file.	CWE-59 Link Following	CVE-2009-1253	2009-04-16 14:38	2009-04-9	Show	GitHub Exploit DB Packet Storm

275668	-	james_stone	tunapie	James Stone Tunapie 2.1 allows remote attackers to execute arbitrary commands via shell metacharacters in a stream URL.	CWE-20 Improper Input Validation	CVE-2009-1254	2009-04-16 14:38	2009-04-9	Show	GitHub Exploit DB Packet Storm

275669	-	gnome	gnumeric	Untrusted search path vulnerability in the GObject Python interpreter wrapper in Gnumeric allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory,…	NVD-CWE-Other	CVE-2009-0318	2009-04-16 14:37	2009-01-28	Show	GitHub Exploit DB Packet Storm

275670	-	gnome	eog	Untrusted search path vulnerability in the Python interface in Eye of GNOME (eog) 2.22.3, and possibly other versions, allows local users to execute arbitrary code via a Trojan horse Python file in t…	NVD-CWE-Other	CVE-2008-5987	2009-04-16 14:35	2009-01-28	Show	GitHub Exploit DB Packet Storm