Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
481	6.5	警告 Network	Fedora Project F5 Networks	NGINX plus Fedora nginx open source	F5 Networks の nginx open source 等複数ベンダの製品における境界外書き込みに関する脆弱性	CWE-787 CWE-787	CVE-2024-32760	2025-01-27 17:58	2024-05-29	Show	GitHub Exploit DB Packet Storm

482	5.3	警告 Network	Fedora Project F5 Networks	NGINX plus Fedora nginx open source	F5 Networks の nginx open source 等複数ベンダの製品における解放済みメモリの使用に関する脆弱性	CWE-416 CWE-416	CVE-2024-34161	2025-01-27 17:58	2024-05-29	Show	GitHub Exploit DB Packet Storm

483	9.8	緊急 Network	マイクロソフト	Microsoft Windows Server 2022 Microsoft Windows 11 Microsoft Windows Server 2025	Windows NTLM V1 Elevation of Privilege Vulnerability	CWE-303 CWE-noinfo	CVE-2025-21311	2025-01-27 17:52	2025-01-14	Show	GitHub Exploit DB Packet Storm

484	8.8	重要 Network	マイクロソフト	Microsoft Windows Server 2016 Microsoft Windows 11 Microsoft Windows Server 2008 Microsoft Windows Server 2019 Microsoft Window…	Windows テレフォニーサービスのリモートでコードが実行される脆弱性	CWE-122 CWE-noinfo	CVE-2025-21306	2025-01-27 17:49	2025-01-14	Show	GitHub Exploit DB Packet Storm

485	8.8	重要 Network	マイクロソフト	Microsoft Windows Server 2016 Microsoft Windows 11 Microsoft Windows Server 2008 Microsoft Windows Server 2019 Microsoft Window…	Windows テレフォニーサービスのリモートでコードが実行される脆弱性	CWE-122 CWE-noinfo	CVE-2025-21302	2025-01-27 17:45	2025-01-14	Show	GitHub Exploit DB Packet Storm

486	8.8	重要 Network	マイクロソフト	Microsoft Windows Server 2016 Microsoft Windows 11 Microsoft Windows Server 2008 Microsoft Windows Server 2019 Microsoft Window…	Windows テレフォニーサービスのリモートでコードが実行される脆弱性	CWE-190 CWE-noinfo	CVE-2025-21243	2025-01-27 17:45	2025-01-14	Show	GitHub Exploit DB Packet Storm

487	8.8	重要 Network	マイクロソフト	Microsoft Windows Server 2016 Microsoft Windows 11 Microsoft Windows Server 2008 Microsoft Windows Server 2019 Microsoft Window…	Windows テレフォニーサービスのリモートでコードが実行される脆弱性	CWE-122 CWE-125 CWE-noinfo	CVE-2025-21245	2025-01-27 17:45	2025-01-14	Show	GitHub Exploit DB Packet Storm

488	8.8	重要 Network	マイクロソフト	Microsoft Windows Server 2016 Microsoft Windows 11 Microsoft Windows Server 2019 Microsoft Windows 10 Microsoft Windows Server&…	Windows テレフォニーサービスのリモートでコードが実行される脆弱性	CWE-122 CWE-noinfo	CVE-2025-21248	2025-01-27 17:45	2025-01-14	Show	GitHub Exploit DB Packet Storm

489	8.8	重要 Network	マイクロソフト	Microsoft Windows Server 2016 Microsoft Windows 11 Microsoft Windows Server 2019 Microsoft Windows Server 2012 Microsoft Window…	Active Directory Domain Services Elevation of Privilege Vulnerability	CWE-284 CWE-noinfo	CVE-2025-21293	2025-01-27 17:45	2025-01-14	Show	GitHub Exploit DB Packet Storm

490	7.5	重要 Adjacent	マイクロソフト	Microsoft Windows Server 2016 Microsoft Windows 11 Microsoft Windows Server 2008 Microsoft Windows Server 2019 Microsoft Window…	BranchCache のリモートでコードが実行される脆弱性	CWE-416 CWE-noinfo	CVE-2025-21296	2025-01-27 17:45	2025-01-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Feb. 5, 2025, 4:56 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
274561	-	macromedia	coldfusion	ColdFusion Sandbox on Adobe (formerly Macromedia) ColdFusion MX 6.0, 6.1, 6.1 with JRun, and 7.0 does not throw an exception if the SecurityManager is disabled, which might allow remote attackers to …	NVD-CWE-Other	CVE-2005-4342	2011-03-8 11:28	2005-12-19	Show	GitHub Exploit DB Packet Storm

274562	-	macromedia	coldfusion	Adobe (formerly Macromedia) ColdFusion MX 6.0, 6.1, 6.1 with JRun, and 7.0 allows remote attackers to attach arbitrary files and send mail via a crafted Subject field, which is not properly handled b…	NVD-CWE-Other	CVE-2005-4343	2011-03-8 11:28	2005-12-19	Show	GitHub Exploit DB Packet Storm

274563	-	macromedia	coldfusion	Adobe (formerly Macromedia) ColdFusion MX 7.0 does not honor when the CFOBJECT /CreateObject(Java) setting is disabled, which allows local users to create an object despite the specified configuratio…	NVD-CWE-Other	CVE-2005-4344	2011-03-8 11:28	2005-12-19	Show	GitHub Exploit DB Packet Storm

274564	-	macromedia	coldfusion	Adobe (formerly Macromedia) ColdFusion MX 7.0 exposes the password hash of the Administrator in an API call, which allows local developers to obtain the hash and gain privileges.	NVD-CWE-Other	CVE-2005-4345	2011-03-8 11:28	2005-12-19	Show	GitHub Exploit DB Packet Storm

274565	-	sun	wbem_services	Unspecified vulnerability in WBEM Services A.01.x before A.01.05.12 and A.02.x before A.02.00.08 on HP-UX B.11.00 through B.11.23 allows remote attackers to cause an unspecified denial of service via…	NVD-CWE-Other	CVE-2005-4350	2011-03-8 11:28	2005-12-20	Show	GitHub Exploit DB Packet Storm

274566	-	toenda_software_development	toendacms	SQL injection vulnerability in index.php in toendaCMS 0.6.2.1, when configured to use a SQL database, allows remote attackers to execute arbitrary SQL commands via the id parameter.	NVD-CWE-Other	CVE-2005-4353	2011-03-8 11:28	2005-12-20	Show	GitHub Exploit DB Packet Storm

274567	-	-	-	Cross-site scripting (XSS) vulnerability in webglimpse.cgi in Webglimpse 2.14.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the query parameter.	NVD-CWE-Other	CVE-2005-4354	2011-03-8 11:28	2005-12-20	Show	GitHub Exploit DB Packet Storm

274568	-	xmpie	ustore	Multiple cross-site scripting (XSS) vulnerabilities in UStore allow remote attackers to inject arbitrary web script or HTML via the (1) Cat parameter in default.asp and the (2) accessdenied parameter…	NVD-CWE-Other	CVE-2005-4355	2011-03-8 11:28	2005-12-20	Show	GitHub Exploit DB Packet Storm

274569	-	xmpie	ustore	SQL injection vulnerability in UStore allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password fields. NOTE: the provenance of this information is unknown; the…	NVD-CWE-Other	CVE-2005-4356	2011-03-8 11:28	2005-12-20	Show	GitHub Exploit DB Packet Storm

274570	-	oodie	odfaq	SQL injection vulnerability in includes/core.inc.php in ODFaq 2.1.0 allows remote attackers to execute arbitrary SQL commands via the (1) cat and (2) srcText parameters to faq.php.	NVD-CWE-Other	CVE-2005-4359	2011-03-8 11:28	2005-12-20	Show	GitHub Exploit DB Packet Storm