Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 31, 2025, 4:03 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
611 7.5 重要
Network 		Palo Alto Networks PAN-OS Palo Alto Networks の PAN-OS における NULL ポインタデリファレンスに関する脆弱性 CWE-20
CWE-476
CWE-476
CVE-2024-3385 2025-01-27 10:24 2024-04-10 Show GitHub Exploit DB Packet Storm
612 5 警告
Network 		Palo Alto Networks Prisma Access
PAN-OS 		Palo Alto Networks の PAN-OS および Prisma Access における権限管理に関する脆弱性 CWE-269
CWE-269
CWE-863
CWE-863
CVE-2024-3388 2025-01-27 10:24 2024-04-10 Show GitHub Exploit DB Packet Storm
613 6.5 警告
Network 		Themeum Tutor LMS Themeum の WordPress 用 Tutor LMS における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2024-4318 2025-01-27 10:24 2024-05-16 Show GitHub Exploit DB Packet Storm
614 5.4 警告
Network 		Blair Williams memberpress Blair Williams の WordPress 用 memberpress におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-5025 2025-01-27 10:24 2024-05-22 Show GitHub Exploit DB Packet Storm
615 4.8 警告
Network 		Palo Alto Networks PAN-OS Palo Alto Networks の PAN-OS におけるクロスサイトスクリプティングの脆弱性 CWE-79
CWE-79
CVE-2024-5920 2025-01-27 10:24 2024-11-14 Show GitHub Exploit DB Packet Storm
616 5.3 警告
Network 		TenWeb, Inc. WPS Telegram Chat TenWeb, Inc. の WordPress 用 WPS Telegram Chat における認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2024-9630 2025-01-27 10:24 2024-10-25 Show GitHub Exploit DB Packet Storm
617 5.5 警告
Local 		Linux Linux Kernel Linux の Linux Kernel における無限ループに関する脆弱性 CWE-835
無限ループ 		CVE-2024-57940 2025-01-27 10:22 2024-12-31 Show GitHub Exploit DB Packet Storm
618 8.8 重要
Local 		マイクロソフト Azure Stack HCI Azure Stack HCI の特権昇格の脆弱性 CWE-798
CWE-noinfo
CVE-2024-49060 2025-01-27 10:22 2024-11-15 Show GitHub Exploit DB Packet Storm
619 5.5 警告
Local 		F5 Networks F5OS-A
F5OS-C 		F5 Networks の F5OS-A および F5OS-C における不正な認証に関する脆弱性 CWE-863
CWE-863
CVE-2024-24966 2025-01-27 09:39 2024-02-14 Show GitHub Exploit DB Packet Storm
620 9.8 緊急
Network 		HGiga OAKlouds-organization-2.0
OAKlouds-organization-3.0
OAKlouds-webbase-3.0
OAKlouds-webbase-2.0 		複数の HGiga 製品におけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2024-26261 2025-01-24 17:53 2024-02-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 31, 2025, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
275111 - viewvc viewvc query.py in the query interface in ViewVC before 1.1.3 does not reject configurations that specify an unsupported authorizer for a root, which might allow remote attackers to bypass intended access r… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2010-0005 2010-02-2 14:00 2010-01-30 Show GitHub Exploit DB Packet Storm
275112 - zeus zeus_web_server Cross-site scripting (XSS) vulnerability in Zeus Web Server before 4.3r5, when SSL is enabled for the admin server, allows remote attackers to inject arbitrary web script or HTML via unspecified vect… CWE-79
Cross-site Scripting 		CVE-2010-0363 2010-02-2 14:00 2010-01-21 Show GitHub Exploit DB Packet Storm
275113 - zabbix zabbix SQL injection vulnerability in the get_history_lastid function in the nodewatcher component in Zabbix Server before 1.6.8 allows remote attackers to execute arbitrary SQL commands via a crafted reque… CWE-89
SQL Injection 		CVE-2009-4499 2010-02-2 14:00 2010-01-1 Show GitHub Exploit DB Packet Storm
275114 - mozilla seamonkey
thunderbird 		Mozilla Necko, as used in Thunderbird 3.0.1, SeaMonkey, and other applications, performs DNS prefetching even when the app type is APP_TYPE_MAIL or APP_TYPE_EDITOR, which makes it easier for remote a… CWE-200
Information Exposure 		CVE-2009-4629 2010-02-2 14:00 2010-01-30 Show GitHub Exploit DB Packet Storm
275115 - cisco unified_meetingplace Multiple unspecified vulnerabilities in the web server in Cisco Unified MeetingPlace 7 before 7.0(2.3) hotfix 5F, 6 before 6.0.639.3, and possibly 5 allow remote attackers to create (1) user or (2) a… NVD-CWE-noinfo
CVE-2010-0140 2010-01-31 14:00 2010-01-29 Show GitHub Exploit DB Packet Storm
275116 - cisco unified_meetingplace Per: http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1490b.shtml Affected Products Vulnerable Products Cisco Unified MeetingPlace versions 5, 6, and 7 are each affec… NVD-CWE-noinfo
CVE-2010-0140 2010-01-31 14:00 2010-01-29 Show GitHub Exploit DB Packet Storm
275117 - cisco unified_meetingplace MeetingTime in Cisco Unified MeetingPlace 6 before MR5, and possibly 5, allows remote authenticated users to gain privileges via a modified authentication sequence, aka Bug ID CSCsv66530. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2010-0142 2010-01-31 14:00 2010-01-29 Show GitHub Exploit DB Packet Storm
275118 - cisco unified_meetingplace Per: http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1490b.shtml Affected Products Vulnerable Products Cisco Unified MeetingPlace versions 5, 6, and 7 are each affec… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2010-0142 2010-01-31 14:00 2010-01-29 Show GitHub Exploit DB Packet Storm
275119 - sun java_system_application_server The default configuration of Sun Java System Application Server 7 and 7 2004Q2 enables the HTTP TRACE method, which makes it easier for remote attackers to steal cookies and authentication credential… CWE-16
Configuration 		CVE-2010-0386 2010-01-31 14:00 2010-01-26 Show GitHub Exploit DB Packet Storm
275120 - sun java_system_application_server Per: http://sunsolve.sun.com/search/document.do?assetkey=1-66-200942-1 Contributing Factors This issue can occur in the following releases: * Sun Java System Application Server Standar… CWE-16
Configuration 		CVE-2010-0386 2010-01-31 14:00 2010-01-26 Show GitHub Exploit DB Packet Storm