Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 16, 2025, 6:05 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
531 8.1 重要
Network
lunary lunary lunary におけるユーザ制御の鍵による認証回避に関する脆弱性 New CWE-284
CWE-639
CVE-2024-4151 2025-01-14 14:20 2024-05-20 Show GitHub Exploit DB Packet Storm
532 9.6 緊急
Network
Wpmet elementskit Wpmet の WordPress 用 elementskit におけるサーバサイドのリクエストフォージェリの脆弱性 New CWE-918
サーバサイドリクエストフォージェリ
CVE-2024-4404 2025-01-14 14:20 2024-06-14 Show GitHub Exploit DB Packet Storm
533 5.5 警告
Local
Huawei HarmonyOS
EMUI
Huawei の EMUI および HarmonyOS における脆弱性 New CWE-284
CWE-Other
CVE-2024-54096 2025-01-14 14:20 2024-12-12 Show GitHub Exploit DB Packet Storm
534 4.3 警告
Network
Royal Elementor Addons Royal Elementor Addons and Templates Royal Elementor Addons の WordPress 用 Royal Elementor Addons and Templates における脆弱性 New CWE-200
CWE-noinfo
CVE-2024-7417 2025-01-14 14:20 2024-10-17 Show GitHub Exploit DB Packet Storm
535 9.8 緊急
Network
fabianros responsive hotel site fabianros の responsive hotel site における SQL インジェクションの脆弱性 New CWE-74
CWE-89
CWE-89
CVE-2025-0230 2025-01-14 14:20 2025-01-5 Show GitHub Exploit DB Packet Storm
536 6.8 警告
Physics
マイクロソフト Microsoft Windows Server 2016
Microsoft Windows 11
Microsoft Windows Server 2012
Microsoft Windows Server 2019
Microsoft Window…
セキュア ブートのセキュリティ機能のバイパスの脆弱性 New CWE-122
CWE-noinfo
CVE-2024-26168 2025-01-14 14:13 2024-04-9 Show GitHub Exploit DB Packet Storm
537 6.7 警告
Local
マイクロソフト Microsoft Windows Server 2016
Microsoft Windows 11
Microsoft Windows Server 2012
Microsoft Windows Server 2019
Microsoft Window…
セキュア ブートのセキュリティ機能のバイパスの脆弱性 New CWE-190
CWE-noinfo
CVE-2024-26171 2025-01-14 14:13 2024-04-9 Show GitHub Exploit DB Packet Storm
538 7.3 重要
Local
マイクロソフト Microsoft Windows Server 2016
Microsoft Windows Server 2012
Microsoft Windows Server 2008
Microsoft Windows Server 2019
Microso…
Windows File Server Resource Management Service の特権の昇格の脆弱性 New CWE-59
CWE-noinfo
CVE-2024-26216 2025-01-14 14:13 2024-04-9 Show GitHub Exploit DB Packet Storm
539 5 警告
Local
マイクロソフト Microsoft Windows Server 2016
Microsoft Windows 11
Microsoft Windows Server 2019
Microsoft Windows 10
Microsoft Windows Server&…
Windows モバイル ホットスポット情報漏えいの脆弱性 New CWE-908
CWE-908
CVE-2024-26220 2025-01-14 14:13 2024-04-9 Show GitHub Exploit DB Packet Storm
540 6.6 警告
Network
マイクロソフト Microsoft Windows Server 2016
Microsoft Windows Server 2019
Microsoft Windows Server 2022
Windows DNS サーバーのリモートでコードが実行される脆弱性 New CWE-416
CWE-noinfo
CVE-2024-26223 2025-01-14 14:13 2024-04-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 16, 2025, 4:15 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
277681 - leszek_krupinski l-forum Cross-site scripting vulnerability in L-Forum 2.40 and earlier, when the "Enable HTML in messages" option is on, allows remote attackers to insert arbitrary script or HTML via message fields includin… NVD-CWE-Other
CVE-2002-1458 2008-09-6 05:30 2003-06-9 Show GitHub Exploit DB Packet Storm
277682 - leszek_krupinski l-forum Cross-site scripting vulnerability in L-Forum 2.40 and earlier, when the "Enable HTML in messages" option is off, allows remote attackers to insert arbitrary script or HTML via message fields includi… NVD-CWE-Other
CVE-2002-1459 2008-09-6 05:30 2003-06-9 Show GitHub Exploit DB Packet Storm
277683 - leszek_krupinski l-forum L-Forum 2.40 and earlier does not properly verify whether a file was uploaded or if the associated variables were set by POST (attachment, attachment_name, attachment_size and attachment_type), which… NVD-CWE-Other
CVE-2002-1460 2008-09-6 05:30 2003-06-9 Show GitHub Exploit DB Packet Storm
277684 - webscriptworld web_shop_manager Web Shop Manager 1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the search box. NVD-CWE-Other
CVE-2002-1461 2008-09-6 05:30 2003-06-9 Show GitHub Exploit DB Packet Storm
277685 - organicphp php-affiliate details2.php in OrganicPHP PHP-affiliate 1.0, and possibly later versions, allows remote attackers to modify information of other users by modifying certain hidden form fields. NVD-CWE-Other
CVE-2002-1462 2008-09-6 05:30 2003-06-9 Show GitHub Exploit DB Packet Storm
277686 - cafelog b2 Cross-site scripting (XSS) vulnerability in CafeLog b2 Weblog Tool allows remote attackers to insert arbitrary HTML or script via the GPC variable. NVD-CWE-Other
CVE-2002-1464 2008-09-6 05:30 2003-04-22 Show GitHub Exploit DB Packet Storm
277687 - cafelog b2 SQL injection vulnerability in CafeLog b2 Weblog Tool allows remote attackers to execute arbitrary SQL code via the tablehosts variable. NVD-CWE-Other
CVE-2002-1465 2008-09-6 05:30 2003-04-22 Show GitHub Exploit DB Packet Storm
277688 - cafelog b2 CafeLog b2 Weblog Tool 2.06pre4, with allow_fopen_url enabled, allows remote attackers to execute arbitrary PHP code via the b2inc variable. NVD-CWE-Other
CVE-2002-1466 2008-09-6 05:30 2003-04-22 Show GitHub Exploit DB Packet Storm
277689 - macromedia flash_player
shockwave
Macromedia Flash Plugin before 6,0,47,0 allows remote attackers to bypass the same-domain restriction and read arbitrary files via (1) an HTTP redirect, (2) a "file://" base in a web document, or (3)… NVD-CWE-Other
CVE-2002-1467 2008-09-6 05:30 2003-04-22 Show GitHub Exploit DB Packet Storm
277690 - ibm aix Buffer overflow in errpt in AIX 4.3.3 allows local users to execute arbitrary code as root. NVD-CWE-Other
CVE-2002-1468 2008-09-6 05:30 2003-04-22 Show GitHub Exploit DB Packet Storm