Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 16, 2025, 4:04 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
421 7.8 重要
Local 		Outlook.com Microsoft Edge Chromium Microsoft Edge (HTML ベース) のメモリ破損の脆弱性 New CWE-119
CWE-787
CWE-843
CVE-2024-38218 2025-01-14 15:06 2024-08-8 Show GitHub Exploit DB Packet Storm
422 7.8 重要
Local 		マイクロソフト Microsoft Windows 11
Microsoft Windows Server 2022
Microsoft Windows 10 		Windows Update スタックの特権の昇格の脆弱性 New CWE-284
CWE-noinfo
CVE-2024-38163 2025-01-14 15:02 2024-08-13 Show GitHub Exploit DB Packet Storm
423 4.8 警告
Network 		FreeScout FreeScout FreeScout における危険なタイプのファイルの無制限アップロードに関する脆弱性 New CWE-434
危険なタイプのファイルの無制限アップロード 		CVE-2024-1932 2025-01-14 14:59 2024-02-28 Show GitHub Exploit DB Packet Storm
424 6.5 警告
Network 		Royal Elementor Addons Royal Elementor Addons and Templates Royal Elementor Addons の WordPress 用 Royal Elementor Addons and Templates におけるクロスサイトスクリプティングの脆弱性 New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-2798 2025-01-14 14:59 2024-04-23 Show GitHub Exploit DB Packet Storm
425 9.8 緊急
Network 		PbootCMS PbootCMS PbootCMS におけるコードインジェクションの脆弱性 New CWE-74
CWE-94
CWE-94
CVE-2024-12789 2025-01-14 14:59 2024-12-19 Show GitHub Exploit DB Packet Storm
426 6.1 警告
Network 		anisha job recruitment anisha の job recruitment におけるクロスサイトスクリプティングの脆弱性 New CWE-79
CWE-79
CWE-94
CVE-2024-12883 2025-01-14 14:59 2024-12-21 Show GitHub Exploit DB Packet Storm
427 5.4 警告
Network 		mysiteforme project mysiteforme wangl1989 の mysiteforme におけるクロスサイトスクリプティングの脆弱性 New CWE-79
CWE-79
CWE-94
CVE-2024-13137 2025-01-14 14:59 2025-01-5 Show GitHub Exploit DB Packet Storm
428 8.8 重要
Network 		mysiteforme project mysiteforme wangl1989 の mysiteforme における危険なタイプのファイルの無制限アップロードに関する脆弱性 New CWE-284
CWE-434
CWE-434
CVE-2024-13138 2025-01-14 14:59 2025-01-5 Show GitHub Exploit DB Packet Storm
429 5.4 警告
Network 		emlog emlog emlog におけるクロスサイトスクリプティングの脆弱性 New CWE-79
CWE-79
CWE-94
CVE-2024-13140 2025-01-14 14:59 2025-01-5 Show GitHub Exploit DB Packet Storm
430 5.5 警告
Local 		クアルコム qam8775p ファームウェア
sa8540p ファームウェア
QCA6595AU ファームウェア
sa8255p ファームウェア
sa8650p ファームウェア
QAM8295P ファームウェア
qca6698aq ファームウェア
srv1h ファームウェア
qam… 		複数のクアルコム製品における境界外読み取りに関する脆弱性 New CWE-125
CWE-126
CVE-2024-23366 2025-01-14 14:59 2024-01-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 16, 2025, 4:15 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
275951 - xwiki xwiki The search functionality in XWiki 0.9.793 indexes cleartext user passwords, which allows remote attackers to obtain sensitive information via a search string that matches a password. CWE-255
Credentials Management 		CVE-2005-4862 2008-09-6 05:58 2005-12-31 Show GitHub Exploit DB Packet Storm
275952 - hitachi business_logic Multiple SQL injection vulnerabilities in Hitachi Business Logic - Container (BLC) P-2443-9114 01-00 through 02-06 on Windows, and P-1M43-9111 01-01 through 02-00 on AIX, allow remote attackers to ex… NVD-CWE-Other
CVE-2005-4578 2008-09-6 05:57 2005-12-29 Show GitHub Exploit DB Packet Storm
275953 - phpsurveyor phpsurveyor Multiple SQL injection vulnerabilities in PHPSurveyor before 0.991 allow remote attackers to execute arbitrary SQL commands via the (1) sql parameter in browse.php and the (2) sid, (3) lid, (4) gid, … NVD-CWE-Other
CVE-2005-4586 2008-09-6 05:57 2005-12-30 Show GitHub Exploit DB Packet Storm
275954 - juniper netscreen-security_manager_2004 Juniper NetScreen-Security Manager (NSM) 2004 FP2 and FP3 allow remote attackers to cause a denial of service (crash or hang of server components that are automatically restarted) via a long crafted … NVD-CWE-Other
CVE-2005-4587 2008-09-6 05:57 2005-12-30 Show GitHub Exploit DB Packet Storm
275955 - efilego efilego Directory traversal vulnerability in eFileGo 3.01 allows remote attackers to execute arbitrary code, read arbitrary files, and upload arbitrary files via a ... (triple dot) in (1) the URL on port 608… NVD-CWE-Other
CVE-2005-4622 2008-09-6 05:57 2005-12-31 Show GitHub Exploit DB Packet Storm
275956 - efilego efilego upload.exe in eFileGo 3.01 allows remote attackers to cause a denial of service (CPU consumption) via an argument with an invalid directory name. NVD-CWE-Other
CVE-2005-4623 2008-09-6 05:57 2005-12-31 Show GitHub Exploit DB Packet Storm
275957 - ptnet ptnet_ircd The m_join function in channel.c for PTnet ircd 1.5 and 1.6 allows remote attackers to cause a denial of service (memory exhaustion that triggers a daemon restart) via a large number of requests to j… NVD-CWE-Other
CVE-2005-4624 2008-09-6 05:57 2005-12-31 Show GitHub Exploit DB Packet Storm
275958 - 3cfr 3cfr SQL injection vulnerability in index.php in 3CFR allows remote attackers to execute arbitrary SQL commands via the LangueID parameter. NVD-CWE-Other
CVE-2005-4645 2008-09-6 05:57 2005-12-31 Show GitHub Exploit DB Packet Storm
275959 - illustrate dbpoweramp_music_converter Buffer overflow in Illustrate dBpowerAMP Music Converter 11.5 and earlier, possibly including (1) MusicConverter.exe, (2) playlist.exe, and (3) amp.exe, allows user-assisted attackers to cause a deni… NVD-CWE-Other
CVE-2005-4648 2008-09-6 05:57 2005-12-31 Show GitHub Exploit DB Packet Storm
275960 - advanced_guestbook advanced_guestbook Multiple cross-site scripting (XSS) vulnerabilities in Advanced Guestbook 2.2 and 2.3.1 allow remote attackers to inject arbitrary web script or HTML via (1) the entry parameter in index.php and (2) … NVD-CWE-Other
CVE-2005-4649 2008-09-6 05:57 2005-12-31 Show GitHub Exploit DB Packet Storm