Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 18, 2025, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
531 8.8 重要
Network 		Gym Management System project Gym Management System codezips の Gym Management System における SQL インジェクションの脆弱性 CWE-74
CWE-89
CWE-89
CVE-2025-0231 2025-01-15 15:25 2025-01-5 Show GitHub Exploit DB Packet Storm
532 9.8 緊急
Network 		Projectworlds Travel Management System fabianros の Travel Management System における SQL インジェクションの脆弱性 CWE-74
CWE-89
CWE-89
CVE-2025-0229 2025-01-15 15:21 2025-01-5 Show GitHub Exploit DB Packet Storm
533 9.8 緊急
Network 		campcodes Complete Student Grading System campcodes の Complete Student Grading System における SQL インジェクションの脆弱性 CWE-74
CWE-89
CWE-89
CVE-2025-0212 2025-01-15 15:12 2025-01-4 Show GitHub Exploit DB Packet Storm
534 7.5 重要
Network 		Huawei EMUI
HarmonyOS 		Huawei の EMUI および HarmonyOS における脆弱性 CWE-227
CWE-noinfo
CVE-2024-56442 2025-01-15 15:04 2024-12-26 Show GitHub Exploit DB Packet Storm
535 7.5 重要
Network 		クアルコム QCA8081 ファームウェア
QCA6431 ファームウェア
qca6698aq ファームウェア
fastconnect 6900 ファームウェア
QCA6595AU ファームウェア
QCA6421 ファームウェア
QCA8337 ファームウェア
QCA6574A … 		複数のクアルコム製品における不正な型変換に関する脆弱性 CWE-704
CWE-704
CVE-2023-33101 2025-01-15 15:01 2023-05-17 Show GitHub Exploit DB Packet Storm
536 8.8 重要
Network 		Shenzhen Tenda Technology Co.,Ltd. AC18 ファームウェア Shenzhen Tenda Technology Co.,Ltd. の AC18 ファームウェアにおける境界外書き込みに関する脆弱性 CWE-121
CWE-787
CVE-2024-2485 2025-01-15 15:01 2024-03-15 Show GitHub Exploit DB Packet Storm
537 5.4 警告
Network 		oretnom23 Laundry Shop Management System Oretnom23 の Laundry Shop Management System におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-3463 2025-01-15 15:01 2024-04-8 Show GitHub Exploit DB Packet Storm
538 7.2 重要
Network 		BeyondTrust Corporation remote support
privileged remote access 		BeyondTrust Corporation の privileged remote access および remote support における OS コマンドインジェクションの脆弱性 CWE-78
CWE-78
CVE-2024-12686 2025-01-15 15:01 2024-12-18 Show GitHub Exploit DB Packet Storm
539 7.5 重要
Network 		クアルコム snapdragon auto 5g modem-rf ファームウェア
wcn3980 ファームウェア
c-v2x 9150 ファームウェア
WSA8810 ファームウェア
WCN3950 ファームウェア
QCS610 ファームウェア
QCS410 フ… 		複数のクアルコム製品における脆弱性 CWE-20
CWE-noinfo
CVE-2024-21453 2025-01-15 15:01 2024-04-1 Show GitHub Exploit DB Packet Storm
540 8.8 重要
Network 		Synology Inc. Surveillance Station Synology Inc. の Surveillance Station における配列インデックスの検証に関する脆弱性 CWE-129
配列インデックスの不適切な検証 		CVE-2024-29231 2025-01-15 15:01 2024-03-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 18, 2025, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
275991 - novell groupwise_webaccess Cross-site scripting (XSS) vulnerability in the webacc servlet in Novell GroupWise 6.5 WebAccess allows remote attackers to inject arbitrary web script or HTML via the User.Id parameter, as demonstra… CWE-79
Cross-site Scripting 		CVE-2007-4557 2008-09-6 06:28 2007-08-28 Show GitHub Exploit DB Packet Storm
275992 - polipo polipo Unspecified vulnerability in Polipo before 1.0.2 allows remote attackers to cause a denial of service (daemon crash) via certain network traffic associated with entities larger than 2 Gb. NVD-CWE-Other
CVE-2007-4626 2008-09-6 06:28 2007-08-31 Show GitHub Exploit DB Packet Storm
275993 - yahoo messenger Yahoo! Messenger 8.1.0.209 and 8.1.0.402 allows remote attackers to cause a denial of service (application crash) via certain file-transfer packets, possibly involving a buffer overflow, as demonstra… CWE-119
CWE-20
Incorrect Access of Indexable Resource ('Range Error') 
 Improper Input Validation  		CVE-2007-4635 2008-09-6 06:28 2007-09-1 Show GitHub Exploit DB Packet Storm
275994 - firebirdsql firebird The Services API in Firebird before 2.0.2 allows remote authenticated users without SYSDBA privileges to read the server log (firebird.log), aka CORE-1148. CWE-200
CWE-264
Information Exposure
Permissions, Privileges, and Access Controls 		CVE-2007-4669 2008-09-6 06:28 2007-09-5 Show GitHub Exploit DB Packet Storm
275995 - iexpress property_pro SQL injection vulnerability in vir_login.asp in iExpress Property Pro allows remote attackers to execute arbitrary SQL commands via the Password parameter. NOTE: the Username parameter is covered by… NVD-CWE-Other
CVE-2007-3992 2008-09-6 06:27 2007-07-26 Show GitHub Exploit DB Packet Storm
275996 - mike_dubman windows_rsh_daemon Buffer overflow in Mike Dubman Windows RSH daemon (rshd) 1.7 has unknown impact and remote attack vectors, aka ZD-00000034. NOTE: this information is based upon a vague advisory by a vulnerability i… NVD-CWE-Other
CVE-2007-4006 2008-09-6 06:27 2007-07-26 Show GitHub Exploit DB Packet Storm
275997 - interspire articlelive_nx Multiple unspecified vulnerabilities in Interspire ArticleLive NX before 1.7.1.2 have unknown impact and attack vectors, possibly related to (1) AL_SANITIZE and (2) "Calling the constructor to make s… NVD-CWE-Other
CVE-2007-4147 2008-09-6 06:27 2007-08-4 Show GitHub Exploit DB Packet Storm
275998 - freshmeat generic_software_wrappers_toolkit Multiple race conditions in certain system call wrappers in Generic Software Wrappers Toolkit (GSWTK) allow local users to defeat system call interposition and possibly gain privileges or bypass audi… NVD-CWE-Other
CVE-2007-4302 2008-09-6 06:27 2007-08-14 Show GitHub Exploit DB Packet Storm
275999 - cerb cerbng Multiple race conditions in (1) certain rules and (2) argument copying during VM protection, in CerbNG for FreeBSD 4.8 allow local users to defeat system call interposition and possibly gain privileg… NVD-CWE-Other
CVE-2007-4303 2008-09-6 06:27 2007-08-14 Show GitHub Exploit DB Packet Storm
276000 - cerb cerbng CerbNG for FreeBSD 4.8 does not properly implement VM protection when attempting to prevent system call wrapper races, which allows local users to have an unknown impact related to an "incorrect writ… NVD-CWE-Other
CVE-2007-4304 2008-09-6 06:27 2007-08-14 Show GitHub Exploit DB Packet Storm