Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 31, 2025, 4:03 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
611 7.5 重要
Network 		Palo Alto Networks PAN-OS Palo Alto Networks の PAN-OS における NULL ポインタデリファレンスに関する脆弱性 CWE-20
CWE-476
CWE-476
CVE-2024-3385 2025-01-27 10:24 2024-04-10 Show GitHub Exploit DB Packet Storm
612 5 警告
Network 		Palo Alto Networks Prisma Access
PAN-OS 		Palo Alto Networks の PAN-OS および Prisma Access における権限管理に関する脆弱性 CWE-269
CWE-269
CWE-863
CWE-863
CVE-2024-3388 2025-01-27 10:24 2024-04-10 Show GitHub Exploit DB Packet Storm
613 6.5 警告
Network 		Themeum Tutor LMS Themeum の WordPress 用 Tutor LMS における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2024-4318 2025-01-27 10:24 2024-05-16 Show GitHub Exploit DB Packet Storm
614 5.4 警告
Network 		Blair Williams memberpress Blair Williams の WordPress 用 memberpress におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-5025 2025-01-27 10:24 2024-05-22 Show GitHub Exploit DB Packet Storm
615 4.8 警告
Network 		Palo Alto Networks PAN-OS Palo Alto Networks の PAN-OS におけるクロスサイトスクリプティングの脆弱性 CWE-79
CWE-79
CVE-2024-5920 2025-01-27 10:24 2024-11-14 Show GitHub Exploit DB Packet Storm
616 5.3 警告
Network 		TenWeb, Inc. WPS Telegram Chat TenWeb, Inc. の WordPress 用 WPS Telegram Chat における認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2024-9630 2025-01-27 10:24 2024-10-25 Show GitHub Exploit DB Packet Storm
617 5.5 警告
Local 		Linux Linux Kernel Linux の Linux Kernel における無限ループに関する脆弱性 CWE-835
無限ループ 		CVE-2024-57940 2025-01-27 10:22 2024-12-31 Show GitHub Exploit DB Packet Storm
618 8.8 重要
Local 		マイクロソフト Azure Stack HCI Azure Stack HCI の特権昇格の脆弱性 CWE-798
CWE-noinfo
CVE-2024-49060 2025-01-27 10:22 2024-11-15 Show GitHub Exploit DB Packet Storm
619 5.5 警告
Local 		F5 Networks F5OS-A
F5OS-C 		F5 Networks の F5OS-A および F5OS-C における不正な認証に関する脆弱性 CWE-863
CWE-863
CVE-2024-24966 2025-01-27 09:39 2024-02-14 Show GitHub Exploit DB Packet Storm
620 9.8 緊急
Network 		HGiga OAKlouds-organization-2.0
OAKlouds-organization-3.0
OAKlouds-webbase-3.0
OAKlouds-webbase-2.0 		複数の HGiga 製品におけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2024-26261 2025-01-24 17:53 2024-02-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 31, 2025, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
275101 - sun one_web_server Sun ONE (aka iPlanet) Web Server 6 on Windows, when DNS resolution is enabled for client IP addresses, uses a logging format that does not identify whether a dotted quad represents an unresolved IP a… CWE-189
Numeric Errors 		CVE-2003-1579 2010-02-8 23:55 2010-02-6 Show GitHub Exploit DB Packet Storm
275102 - ibm cognos_express IBM Cognos Express 9.0 allows attackers to obtain unspecified access to the Tomcat Manager component, and cause a denial of service, by leveraging hardcoded credentials. CWE-255
Credentials Management 		CVE-2010-0557 2010-02-8 14:00 2010-02-6 Show GitHub Exploit DB Packet Storm
275103 - apache http_server The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, uses a logging format that does not identify whether a dotted quad represents an unresolved IP address, which al… CWE-189
Numeric Errors 		CVE-2003-1580 2010-02-8 14:00 2010-02-6 Show GitHub Exploit DB Packet Storm
275104 - apache http_server The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, allows remote attackers to inject arbitrary text into log files via an HTTP request in conjunction with a crafte… CWE-79
Cross-site Scripting 		CVE-2003-1581 2010-02-8 14:00 2010-02-6 Show GitHub Exploit DB Packet Storm
275105 - tor tor Tor before 0.2.1.22, and 0.2.2.x before 0.2.2.7-alpha, uses deprecated identity keys for certain directory authorities, which makes it easier for man-in-the-middle attackers to compromise the anonymi… CWE-200
Information Exposure 		CVE-2010-0383 2010-02-5 16:13 2010-01-26 Show GitHub Exploit DB Packet Storm
275106 - ircd-ratbox ircd-ratbox cache.c in ircd-ratbox before 2.2.9 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a HELP command. NVD-CWE-Other
CVE-2010-0300 2010-02-5 14:00 2010-02-5 Show GitHub Exploit DB Packet Storm
275107 - ircd-ratbox ircd-ratbox Per: http://cwe.mitre.org/data/definitions/476.html 'CWE-476: NULL Pointer Dereference' NVD-CWE-Other
CVE-2010-0300 2010-02-5 14:00 2010-02-5 Show GitHub Exploit DB Packet Storm
275108 - xerox workcentre_5632
workcentre_5638
workcentre_5645
workcentre_5655
workcentre_5665
workcentre_5675
workcentre_5687 		Multiple unspecified vulnerabilities in the Network Controller and Web Server in Xerox WorkCentre 5632, 5638, 5645, 5655, 5665, 5675, and 5687 allow remote attackers to (1) access mailboxes via unkno… CWE-200
Information Exposure 		CVE-2010-0548 2010-02-5 14:00 2010-02-5 Show GitHub Exploit DB Packet Storm
275109 - ircd-hybrid
ircd-ratbox
oftc 		ircd-hybrid
ircd-ratbox
oftc-hybrid 		Integer underflow in the clean_string function in irc_string.c in (1) IRCD-hybrid 7.2.2 and 7.2.3, (2) ircd-ratbox before 2.2.9, and (3) oftc-hybrid before 1.6.8, when flatten_links is disabled, allo… CWE-189
Numeric Errors 		CVE-2009-4016 2010-02-5 14:00 2010-02-5 Show GitHub Exploit DB Packet Storm
275110 - comtrend ct-507it_adsl_router Cross-site scripting (XSS) vulnerability in scvrtsrv.cmd in Comtrend CT-507IT ADSL Router allows remote attackers to inject arbitrary web script or HTML via the srvName parameter. CWE-79
Cross-site Scripting 		CVE-2010-0470 2010-02-3 14:00 2010-02-3 Show GitHub Exploit DB Packet Storm