Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 31, 2025, 4:03 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
491 5.9 警告
Network
マイクロソフト Microsoft Windows Server 2016
Microsoft Windows 11
Microsoft Windows Server 2008
Microsoft Windows Server 2019
Microsoft Window…
Windows Kerberos の情報漏えいの脆弱性 CWE-200
CWE-noinfo
CVE-2025-21242 2025-01-27 17:18 2025-01-14 Show GitHub Exploit DB Packet Storm
492 6.5 警告
Network
マイクロソフト Microsoft Windows Server 2016
Microsoft Windows 11
Microsoft Windows Server 2019
Microsoft Windows 10
Microsoft Windows Server&…
Windows Geolocation Service の情報漏えいの脆弱性 CWE-284
CWE-noinfo
CVE-2025-21301 2025-01-27 17:18 2025-01-14 Show GitHub Exploit DB Packet Storm
493 8.8 重要
Network
マイクロソフト Microsoft Windows Server 2016
Microsoft Windows 11
Microsoft Windows Server 2008
Microsoft Windows Server 2019
Microsoft Window…
Windows テレフォニー サービスのリモートでコードが実行される脆弱性 CWE-122
CWE-noinfo
CVE-2025-21240 2025-01-27 17:16 2025-01-14 Show GitHub Exploit DB Packet Storm
494 6.5 警告
Local
マイクロソフト Microsoft Windows Server 2016
Microsoft Windows 11
Microsoft Windows Server 2008
Microsoft Windows Server 2019
Microsoft Window…
Windows COM サーバーの情報漏えいの脆弱性 CWE-908
CWE-noinfo
CVE-2025-21288 2025-01-27 17:14 2025-01-14 Show GitHub Exploit DB Packet Storm
495 7.8 重要
Local
マイクロソフト Microsoft Windows Server 2016
Microsoft Windows 11
Microsoft Windows Server 2019
Microsoft Windows 10
Microsoft Windows Server&…
Windows Kerberos のセキュリティ機能のバイパスの脆弱性 CWE-922
CWE-noinfo
CVE-2025-21299 2025-01-27 17:06 2025-01-14 Show GitHub Exploit DB Packet Storm
496 8.8 重要
Network
マイクロソフト Microsoft Windows Server 2016
Microsoft Windows 11
Microsoft Windows Server 2008
Microsoft Windows Server 2019
Microsoft Window…
Windows テレフォニー サービスのリモートでコードが実行される脆弱性 CWE-122
CWE-noinfo
CVE-2025-21237 2025-01-27 17:04 2025-01-14 Show GitHub Exploit DB Packet Storm
497 8.1 重要
Network
マイクロソフト Microsoft Windows Server 2016
Microsoft Windows 11
Microsoft Windows Server 2008
Microsoft Windows Server 2019
Microsoft Window…
Microsoft ダイジェスト認証のリモートでコードが実行される脆弱性 CWE-591
CWE-noinfo
CVE-2025-21294 2025-01-27 17:00 2025-01-14 Show GitHub Exploit DB Packet Storm
498 9.8 緊急
Network
マイクロソフト Microsoft Windows Server 2016
Microsoft Windows 11
Microsoft Windows Server 2008
Microsoft Windows Server 2019
Microsoft Window…
Windows Reliable Multicast Transport Driver (RMCAST) のリモートでコードが実行される脆弱性 CWE-416
CWE-noinfo
CVE-2025-21307 2025-01-27 16:53 2025-01-14 Show GitHub Exploit DB Packet Storm
499 8.8 重要
Network
マイクロソフト Microsoft Windows Server 2016
Microsoft Windows 11
Microsoft Windows Server 2008
Microsoft Windows Server 2019
Microsoft Window…
Windows テレフォニー サービスのリモートでコードが実行される脆弱性 CWE-122
CWE-noinfo
CVE-2025-21303 2025-01-27 16:48 2025-01-14 Show GitHub Exploit DB Packet Storm
500 8.8 重要
Network
マイクロソフト Microsoft Windows Server 2016
Microsoft Windows 11
Microsoft Windows Server 2008
Microsoft Windows Server 2019
Microsoft Window…
Windows テレフォニー サービスのリモートでコードが実行される脆弱性 CWE-122
CWE-noinfo
CVE-2025-21252 2025-01-27 16:46 2025-01-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 1, 2025, 4:12 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
274961 - turnkeyforms yahoo-answers-clone Cross-site scripting (XSS) vulnerability in questiondetail.php in Yahoo Answers Clone allows remote attackers to inject arbitrary web script or HTML via the questionid parameter. CWE-79
Cross-site Scripting
CVE-2009-4858 2010-05-11 21:02 2010-05-11 Show GitHub Exploit DB Packet Storm
274962 - onlinetechtools.com owos_lite Multiple cross-site scripting (XSS) vulnerabilities in Online Work Order Suite (OWOS) Lite Edition 3.10 allow remote attackers to inject arbitrary web script or HTML via the show parameter to (1) def… CWE-79
Cross-site Scripting
CVE-2009-4859 2010-05-11 21:02 2010-05-11 Show GitHub Exploit DB Packet Storm
274963 - supportpro supportdesk Cross-site scripting (XSS) vulnerability in shownews.php in SupportPRO SupportDesk 3.0 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO. CWE-79
Cross-site Scripting
CVE-2009-4861 2010-05-11 21:02 2010-05-11 Show GitHub Exploit DB Packet Storm
274964 - hitronsoft answer_me Cross-site scripting (XSS) vulnerability in Hitron Soft Answer Me 1.0 allows remote attackers to inject arbitrary web script or HTML via the q_id parameter to the answers script (aka answers.php). N… CWE-79
Cross-site Scripting
CVE-2009-4868 2010-05-11 21:02 2010-05-11 Show GitHub Exploit DB Packet Storm
274965 - hitronsoft nasim_guest_book Cross-site scripting (XSS) vulnerability in index.php in Nasim Guest Book 1.2 allows remote attackers to inject arbitrary web script or HTML via the page parameter. CWE-79
Cross-site Scripting
CVE-2009-4869 2010-05-11 21:02 2010-05-11 Show GitHub Exploit DB Packet Storm
274966 - openttd openttd OpenTTD before 1.0.1 accepts a company password for authentication in response to a request for the server password, which allows remote authenticated users to bypass intended access restrictions or … CWE-264
Permissions, Privileges, and Access Controls
CVE-2010-0401 2010-05-11 13:00 2010-05-5 Show GitHub Exploit DB Packet Storm
274967 - openttd openttd OpenTTD before 1.0.1 allows remote attackers to cause a denial of service (file-descriptor exhaustion and daemon crash) by performing incomplete downloads of the map. CWE-399
 Resource Management Errors
CVE-2010-0406 2010-05-11 13:00 2010-05-5 Show GitHub Exploit DB Packet Storm
274968 - adobe photoshop_cs4 Multiple unspecified vulnerabilities in Adobe Photoshop CS4 11.x before 11.0.1 allow user-assisted remote attackers to execute arbitrary code via a crafted TIFF file. CWE-94
Code Injection
CVE-2010-1279 2010-05-11 13:00 2010-05-5 Show GitHub Exploit DB Packet Storm
274969 - mytty webapplication_finger_printer Web Application Finger Printer (WAFP) 0.01-26c3 uses fixed pathnames under /tmp for temporary files and directories, which (1) allows local users to cause a denial of service (application outage) by … NVD-CWE-Other
CVE-2010-1438 2010-05-11 13:00 2010-05-6 Show GitHub Exploit DB Packet Storm
274970 - zikula zikula_application_framework Cross-site request forgery (CSRF) vulnerability in the users module in Zikula Application Framework before 1.2.3 allows remote attackers to hijack the authentication of administrators for requests th… CWE-352
 Origin Validation Error
CVE-2010-1732 2010-05-11 13:00 2010-05-6 Show GitHub Exploit DB Packet Storm