Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 31, 2025, 4:03 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
491	5.9	警告 Network	マイクロソフト	Microsoft Windows Server 2016 Microsoft Windows 11 Microsoft Windows Server 2008 Microsoft Windows Server 2019 Microsoft Window…	Windows Kerberos の情報漏えいの脆弱性	CWE-200 CWE-noinfo	CVE-2025-21242	2025-01-27 17:18	2025-01-14	Show	GitHub Exploit DB Packet Storm

492	6.5	警告 Network	マイクロソフト	Microsoft Windows Server 2016 Microsoft Windows 11 Microsoft Windows Server 2019 Microsoft Windows 10 Microsoft Windows Server&…	Windows Geolocation Service の情報漏えいの脆弱性	CWE-284 CWE-noinfo	CVE-2025-21301	2025-01-27 17:18	2025-01-14	Show	GitHub Exploit DB Packet Storm

493	8.8	重要 Network	マイクロソフト	Microsoft Windows Server 2016 Microsoft Windows 11 Microsoft Windows Server 2008 Microsoft Windows Server 2019 Microsoft Window…	Windows テレフォニーサービスのリモートでコードが実行される脆弱性	CWE-122 CWE-noinfo	CVE-2025-21240	2025-01-27 17:16	2025-01-14	Show	GitHub Exploit DB Packet Storm

494	6.5	警告 Local	マイクロソフト	Microsoft Windows Server 2016 Microsoft Windows 11 Microsoft Windows Server 2008 Microsoft Windows Server 2019 Microsoft Window…	Windows COM サーバーの情報漏えいの脆弱性	CWE-908 CWE-noinfo	CVE-2025-21288	2025-01-27 17:14	2025-01-14	Show	GitHub Exploit DB Packet Storm

495	7.8	重要 Local	マイクロソフト	Microsoft Windows Server 2016 Microsoft Windows 11 Microsoft Windows Server 2019 Microsoft Windows 10 Microsoft Windows Server&…	Windows Kerberos のセキュリティ機能のバイパスの脆弱性	CWE-922 CWE-noinfo	CVE-2025-21299	2025-01-27 17:06	2025-01-14	Show	GitHub Exploit DB Packet Storm

496	8.8	重要 Network	マイクロソフト	Microsoft Windows Server 2016 Microsoft Windows 11 Microsoft Windows Server 2008 Microsoft Windows Server 2019 Microsoft Window…	Windows テレフォニーサービスのリモートでコードが実行される脆弱性	CWE-122 CWE-noinfo	CVE-2025-21237	2025-01-27 17:04	2025-01-14	Show	GitHub Exploit DB Packet Storm

497	8.1	重要 Network	マイクロソフト	Microsoft Windows Server 2016 Microsoft Windows 11 Microsoft Windows Server 2008 Microsoft Windows Server 2019 Microsoft Window…	Microsoft ダイジェスト認証のリモートでコードが実行される脆弱性	CWE-591 CWE-noinfo	CVE-2025-21294	2025-01-27 17:00	2025-01-14	Show	GitHub Exploit DB Packet Storm

498	9.8	緊急 Network	マイクロソフト	Microsoft Windows Server 2016 Microsoft Windows 11 Microsoft Windows Server 2008 Microsoft Windows Server 2019 Microsoft Window…	Windows Reliable Multicast Transport Driver (RMCAST) のリモートでコードが実行される脆弱性	CWE-416 CWE-noinfo	CVE-2025-21307	2025-01-27 16:53	2025-01-14	Show	GitHub Exploit DB Packet Storm

499	8.8	重要 Network	マイクロソフト	Microsoft Windows Server 2016 Microsoft Windows 11 Microsoft Windows Server 2008 Microsoft Windows Server 2019 Microsoft Window…	Windows テレフォニーサービスのリモートでコードが実行される脆弱性	CWE-122 CWE-noinfo	CVE-2025-21303	2025-01-27 16:48	2025-01-14	Show	GitHub Exploit DB Packet Storm

500	8.8	重要 Network	マイクロソフト	Microsoft Windows Server 2016 Microsoft Windows 11 Microsoft Windows Server 2008 Microsoft Windows Server 2019 Microsoft Window…	Windows テレフォニーサービスのリモートでコードが実行される脆弱性	CWE-122 CWE-noinfo	CVE-2025-21252	2025-01-27 16:46	2025-01-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Feb. 1, 2025, 4:12 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
280021	-	working_resources_inc.	badblue	BadBlue server stores passwords in plaintext in the ext.ini file, which could allow local and possibly remote attackers to gain privileges.	NVD-CWE-Other	CVE-2002-1022	2008-09-6 05:29	2002-10-4	Show	GitHub Exploit DB Packet Storm

280022	-	working_resources_inc.	badblue	BadBlue server allows remote attackers to cause a denial of service (crash) via an HTTP GET request without a URI.	NVD-CWE-Other	CVE-2002-1023	2008-09-6 05:29	2002-10-4	Show	GitHub Exploit DB Packet Storm

280023	-	macromedia	jrun	JRun 3.0 through 4.0 allows remote attackers to read JSP source code via an encoded null byte in an HTTP GET request, which causes the server to send the .JSP file unparsed.	NVD-CWE-Other	CVE-2002-1025	2008-09-6 05:29	2002-10-4	Show	GitHub Exploit DB Packet Storm

280024	-	macromedia	sitespring	Macromedia Sitespring 1.2.0 (277.1) using Sybase runtime engine 7.0.2.1480 allows remote attackers to cause a denial of service (crash) via a long malformed request to TCP port 2500, possibly trigger…	NVD-CWE-Other	CVE-2002-1026	2008-09-6 05:29	2002-10-4	Show	GitHub Exploit DB Packet Storm

280025	-	macromedia	sitespring	Cross-site scripting vulnerability in the default HTTP 500 error script (500error.jsp) for Macromedia Sitespring 1.2.0 (277.1) allows remote attackers to execute arbitrary web script via a link to 50…	NVD-CWE-Other	CVE-2002-1027	2008-09-6 05:29	2002-10-4	Show	GitHub Exploit DB Packet Storm

280026	-	oddsock	song_requester	Multiple buffer overflows in the CGI programs for Oddsock Song Requester WinAmp plugin 2.1 allow remote attackers to cause a denial of service (crash) via long arguments.	NVD-CWE-Other	CVE-2002-1028	2008-09-6 05:29	2002-10-4	Show	GitHub Exploit DB Packet Storm

280027	-	worldspan	res_manager	Res Manager in Worldspan for Windows Gateway 4.1 allows remote attackers to cause a denial of service (crash) via a malformed request to TCP port 17990.	NVD-CWE-Other	CVE-2002-1029	2008-09-6 05:29	2002-10-4	Show	GitHub Exploit DB Packet Storm

280028	-	bea	weblogic_server	Race condition in Performance Pack in BEA WebLogic Server and Express 5.1.x, 6.0.x, 6.1.x and 7.0 allows remote attackers to cause a denial of service (crash) via a flood of data and connections.	NVD-CWE-Other	CVE-2002-1030	2008-09-6 05:29	2002-10-4	Show	GitHub Exploit DB Packet Storm

280029	-	key_focus	kf_web_server	KeyFocus (KF) web server 1.0.2 allows remote attackers to list directories and read restricted files via an HTTP request containing a %00 (null) character.	NVD-CWE-Other	CVE-2002-1031	2008-09-6 05:29	2002-10-4	Show	GitHub Exploit DB Packet Storm

280030	-	key_focus	kf_web_server	Buffer overflow in KeyFocus (KF) web server 1.0.5 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed HTTP header.	NVD-CWE-Other	CVE-2002-1032	2008-09-6 05:29	2002-10-4	Show	GitHub Exploit DB Packet Storm