Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 18, 2025, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
471	6.5	警告 Network	servit	affiliate-toolkit	servit の WordPress 用 affiliate-toolkit における認証の欠如に関する脆弱性 New	CWE-862 認証の欠如	CVE-2024-1851	2025-01-16 11:16	2024-03-8	Show	GitHub Exploit DB Packet Storm

472	8.8	重要 Network	Shenzhen Tenda Technology Co.,Ltd.	fh1203 ファームウェア	Shenzhen Tenda Technology Co.,Ltd. の fh1203 ファームウェアにおける境界外書き込みに関する脆弱性 New	CWE-121 CWE-787	CVE-2024-2988	2025-01-16 11:16	2024-03-27	Show	GitHub Exploit DB Packet Storm

473	8.8	重要 Network	DesDev Inc.	DedeCMS	DesDev Inc. の DedeCMS における SQL インジェクションの脆弱性 New	CWE-89 SQLインジェクション	CVE-2024-3148	2025-01-16 11:16	2024-04-2	Show	GitHub Exploit DB Packet Storm

474	7.8	重要 Local	Rockwell Automation	Arena	Rockwell Automation の Arena における解放済みメモリの使用に関する脆弱性 Update	CWE-416 解放済みメモリの使用	CVE-2024-12175	2025-01-16 10:40	2024-12-19	Show	GitHub Exploit DB Packet Storm

475	5.4	警告 Network	マイクロソフト	Microsoft Windows Server 2008 Microsoft Windows 10 Microsoft Windows Server 2022 Microsoft Windows Server 2016 Microsoft Window…	Windows Mark Of The Web セキュリティ機能のバイパスの脆弱性	CWE-693 CWE-noinfo	CVE-2024-30050	2025-01-15 18:15	2024-05-14	Show	GitHub Exploit DB Packet Storm

476	4.1	警告 Network	マイクロソフト	Microsoft Dynamics 365 Customer Insights	Dynamics 365 Customer Insights のなりすましの脆弱性	CWE-79 CWE-79	CVE-2024-30048	2025-01-15 18:03	2024-05-14	Show	GitHub Exploit DB Packet Storm

477	5.5	警告 Local	マイクロソフト	Azure Identity Library	.NET 用 Azure Identity ライブラリの情報漏えいの脆弱性	CWE-522 CWE-noinfo	CVE-2024-29992	2025-01-15 17:54	2024-04-9	Show	GitHub Exploit DB Packet Storm

478	5.5	警告 Local	Linux	Linux Kernel	Linux の Linux Kernel におけるリソースのロックに関する脆弱性	CWE-667 不適切なロック	CVE-2024-26873	2025-01-15 17:49	2024-01-24	Show	GitHub Exploit DB Packet Storm

479	7.8	重要 Local	Linux Debian	Linux Kernel Debian GNU/Linux	Linux の Linux Kernel 等複数ベンダの製品における二重解放に関する脆弱性	CWE-415 二重解放	CVE-2023-52691	2025-01-15 17:47	2023-12-14	Show	GitHub Exploit DB Packet Storm

480	7.8	重要 Local	Linux Debian	Linux Kernel Debian GNU/Linux	Linux の Linux Kernel 等複数ベンダの製品における二重解放に関する脆弱性	CWE-415 二重解放	CVE-2023-52679	2025-01-15 17:44	2023-12-29	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 18, 2025, 4:13 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
275981	-	vmware	ace	Unspecified vulnerability in EMC VMware ACE before 1.0.3 Build 54075 allows attackers to have an unknown impact via an unspecified manipulation of "images stored in virtual machines downloaded by the…	NVD-CWE-noinfo	CVE-2007-5025	2008-09-6 06:29	2007-09-22	Show	GitHub Exploit DB Packet Storm

275982	-	dibbler	dibbler	Dibbler 0.6.0 on Linux uses weak world-writable permissions for unspecified files in /var/lib/dibbler, which has unknown impact and local attack vectors.	CWE-200 Information Exposure	CVE-2007-5028	2008-09-6 06:29	2007-09-22	Show	GitHub Exploit DB Packet Storm

275983	-	egroupware	egroupware	Multiple cross-site scripting (XSS) vulnerabilities in eGroupWare 1.4.001 allow remote attackers to inject arbitrary web script or HTML via the cat_data[color] parameter to (1) preferences/inc/class.…	CWE-79 Cross-site Scripting	CVE-2007-5091	2008-09-6 06:29	2007-09-27	Show	GitHub Exploit DB Packet Storm

275984	-	id3lib	id3lib	The RenderV2ToFile function in tag_file.cpp in id3lib (aka libid3) 3.8.3 allows local users to overwrite arbitrary files via a symlink attack on a temporary file whose name is constructed from the na…	NVD-CWE-Other	CVE-2007-4460	2008-09-6 06:28	2007-08-22	Show	GitHub Exploit DB Packet Storm

275985	-	po4a	po4a	lib/Locale/Po4a/Po.pm in po4a before 0.32 allows local users to overwrite arbitrary files via a symlink attack on the gettextization.failed.po temporary file.	NVD-CWE-Other	CVE-2007-4462	2008-09-6 06:28	2007-08-22	Show	GitHub Exploit DB Packet Storm

275986	-	sshkeychain	sshkeychain	Unspecified vulnerability in TunnelRunner in SSHKeychain before 0.8.2 beta, and possibly later versions, allows local users to gain privileges via unspecified vectors.	NVD-CWE-Other	CVE-2007-4500	2008-09-6 06:28	2007-08-24	Show	GitHub Exploit DB Packet Storm

275987	-	sshkeychain	sshkeychain	Unspecified vulnerability in PassphraseRequester in SSHKeychain before 0.8.2 beta allows attackers to obtain sensitive information (passwords) via unknown vectors, related to "poor protection."	NVD-CWE-Other	CVE-2007-4501	2008-09-6 06:28	2007-08-24	Show	GitHub Exploit DB Packet Storm

275988	-	vavoom	vavoom	Buffer overflow in the VThinker::BroadcastPrintf function in p_thinker.cpp in Vavoom 1.24 and earlier allows remote attackers to execute arbitrary code via (1) a long string in a chat message and pos…	NVD-CWE-Other	CVE-2007-4534	2008-09-6 06:28	2007-08-25	Show	GitHub Exploit DB Packet Storm

275989	-	vavoom	vavoom	The VStr::Resize function in str.cpp in Vavoom 1.24 and earlier allows remote attackers to cause a denial of service (daemon crash) via a string with a negative NewLen value within a certain UDP pack…	NVD-CWE-Other	CVE-2007-4535	2008-09-6 06:28	2007-08-25	Show	GitHub Exploit DB Packet Storm

275990	-	apache	geronimo	The login method in LoginModule implementations in Apache Geronimo 2.0 does not throw FailedLoginException for failed logins, which allows remote attackers to bypass authentication requirements, depl…	CWE-287 Improper Authentication	CVE-2007-4548	2008-09-6 06:28	2007-08-28	Show	GitHub Exploit DB Packet Storm