Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
541 7.5 重要
Network 		Palo Alto Networks PAN-OS Palo Alto Networks の PAN-OS における NULL ポインタデリファレンスに関する脆弱性 CWE-476
CWE-476
CVE-2024-2550 2025-01-27 14:39 2024-11-14 Show GitHub Exploit DB Packet Storm
542 7.5 重要
Network 		lfprojects mlflow lfprojects の mlflow におけるパストラバーサルの脆弱性 CWE-22
CWE-29
CVE-2024-3848 2025-01-27 14:38 2024-05-16 Show GitHub Exploit DB Packet Storm
543 9.8 緊急
Network 		Themeum Tutor LMS Themeum の WordPress 用 Tutor LMS における認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2024-4223 2025-01-27 14:38 2024-05-16 Show GitHub Exploit DB Packet Storm
544 5.4 警告
Network 		getshortcodes shortcodes ultimate getshortcodes の WordPress 用 shortcodes ultimate におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-4553 2025-01-27 14:38 2024-05-21 Show GitHub Exploit DB Packet Storm
545 5.4 警告
Network 		Elementor Elementor Website Builder Elementor の WordPress 用 Elementor Website Builder におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-4619 2025-01-27 14:38 2024-05-21 Show GitHub Exploit DB Packet Storm
546 5.4 警告
Network 		HasThemes HT Mega - Absolute Addons For Elementor HasThemes の WordPress 用 HT Mega - Absolute Addons For Elementor におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-4876 2025-01-27 14:38 2024-05-21 Show GitHub Exploit DB Packet Storm
547 7.3 重要
Network 		GamiPress GamiPress - Vimeo integration GamiPress の WordPress 用 GamiPress - Vimeo integration におけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2024-13495 2025-01-27 14:38 2025-01-22 Show GitHub Exploit DB Packet Storm
548 7.3 重要
Network 		GamiPress GamiPress - Vimeo integration GamiPress の WordPress 用 GamiPress - Vimeo integration におけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2024-13499 2025-01-27 14:38 2025-01-22 Show GitHub Exploit DB Packet Storm
549 6.4 警告
Network 		Apache Software Foundation Apache Pulsar Apache Software Foundation の Apache Pulsar における不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2024-29834 2025-01-27 14:38 2024-04-2 Show GitHub Exploit DB Packet Storm
550 9.8 緊急
Network 		Sapplica Sentrifugo Sapplica の Sentrifugo における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2024-29873 2025-01-27 14:38 2024-03-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 8, 2025, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
274371 - enterasys netsight_console
netsight_inventory_manager 		The vendor has addressed this issue with the following product updates: Apply Security Patch 1 : http://www.enterasys.com/products/management/downloads/security_and_patches/ Or upgrade to Ente… NVD-CWE-Other
CVE-2007-2344 2011-03-8 11:54 2007-04-28 Show GitHub Exploit DB Packet Storm
274372 - freepbx freepbx admin/config.php in the music-on-hold module in freePBX 2.2.x allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in the del parameter. NVD-CWE-Other
CVE-2007-2350 2011-03-8 11:54 2007-05-1 Show GitHub Exploit DB Packet Storm
274373 - symantec backupexec_system_recovery
livestate_recovery
norton_ghost
norton_save_and_recovery 		Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, when remote backups of restore point images are configured, encrypt network share cr… NVD-CWE-Other
CVE-2007-2360 2011-03-8 11:54 2007-05-1 Show GitHub Exploit DB Packet Storm
274374 - symantec backupexec_system_recovery
livestate_recovery
norton_ghost
norton_save_and_recovery 		"In order for this exploit to have an impact, administrators would either have to configure client machines to save restore points images to a private share, or the vulnerable machine would have to b… NVD-CWE-Other
CVE-2007-2360 2011-03-8 11:54 2007-05-1 Show GitHub Exploit DB Packet Storm
274375 - symantec enterprise_security_manager The agent remote upgrade interface in Symantec Enterprise Security Manager (ESM) before 20070405 does not verify the authenticity of upgrades, which allows remote attackers to execute arbitrary code … NVD-CWE-Other
CVE-2007-2375 2011-03-8 11:54 2007-05-1 Show GitHub Exploit DB Packet Storm
274376 - firefly firefly PHP remote file inclusion vulnerability in modules/admin/include/config.php in FireFly 1.1.01 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT paramete… NVD-CWE-Other
CVE-2007-2460 2011-03-8 11:54 2007-05-3 Show GitHub Exploit DB Packet Storm
274377 - novell securelogin Unspecified vulnerability in the ADSCHEMA utility in Novell SecureLogin (NSL) 6 SP1 before 6.0.106 has unknown impact and remote attack vectors, related to granting "users excess permissions to their… NVD-CWE-Other
CVE-2007-2475 2011-03-8 11:54 2007-05-3 Show GitHub Exploit DB Packet Storm
274378 - novell securelogin Unspecified vulnerability in Novell SecureLogin (NSL) 6 SP1 before 6.0.106 has unknown impact and remote attack vectors, related to Active Directory (AD) password changes. NVD-CWE-Other
CVE-2007-2476 2011-03-8 11:54 2007-05-3 Show GitHub Exploit DB Packet Storm
274379 - vmware server
workstation 		The PIIX4 power management subsystem in EMC VMware Workstation 5.5.3.34685 and VMware Server 1.0.1.29996 allows local users to write to arbitrary memory locations via a crafted poke to I/O port 0x100… NVD-CWE-Other
CVE-2007-2491 2011-03-8 11:54 2007-05-4 Show GitHub Exploit DB Packet Storm
274380 - wikkawiki wikkawiki Cross-site scripting (XSS) vulnerability in usersettings.php in WikkaWiki (Wikka Wiki) before 1.1.6.3 allows remote attackers to inject arbitrary web script or HTML via the name parameter. NVD-CWE-Other
CVE-2007-2551 2011-03-8 11:54 2007-05-9 Show GitHub Exploit DB Packet Storm