Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 20, 2025, 2:02 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
641	7.5	重要 Network	Alan Clarke	urlite	Alan Clarke の Node.js 用 urlite における非効率的な正規表現の複雑さに関する脆弱性	CWE-1333 CWE-20	CVE-2023-51931	2025-01-15 15:45	2023-12-26	Show	GitHub Exploit DB Packet Storm

642	4.3	警告 Adjacent	Huawei	HUAWEI 4G Router B612 ファームウェア	Huawei の HUAWEI 4G Router B612 ファームウェアにおける境界外書き込みに関する脆弱性	CWE-124 CWE-787	CVE-2020-9086	2025-01-15 15:41	2020-02-18	Show	GitHub Exploit DB Packet Storm

643	7.3	重要 Local	Radmin	Advanced IP Scanner	Radmin の Advanced IP Scanner における制御されていない検索パスの要素に関する脆弱性	CWE-427 制御されていない検索パスの要素	CVE-2024-30376	2025-01-15 15:40	2024-11-22	Show	GitHub Exploit DB Packet Storm

644	5.5	警告 Local	クアルコム	SD 205 ファームウェア SD 632 ファームウェア SD 212 ファームウェア SD 625 ファームウェア SD 430 ファームウェア MDM9206 ファームウェア MDM9607 ファームウェア SD 450…	複数のクアルコム製品における脆弱性	CWE-16 CWE-noinfo	CVE-2018-11922	2025-01-15 15:37	2018-06-7	Show	GitHub Exploit DB Packet Storm

645	9.8	緊急 Network	マイクロソフト	Microsoft Partner Center	Partner.Microsoft.Com の特権昇格の脆弱性	CWE-269 CWE-Other	CVE-2024-49035	2025-01-15 15:32	2024-11-26	Show	GitHub Exploit DB Packet Storm

646	8.8	重要 Network	Gym Management System project	Gym Management System	codezips の Gym Management System における SQL インジェクションの脆弱性	CWE-74 CWE-89 CWE-89	CVE-2025-0231	2025-01-15 15:25	2025-01-5	Show	GitHub Exploit DB Packet Storm

647	9.8	緊急 Network	Projectworlds	Travel Management System	fabianros の Travel Management System における SQL インジェクションの脆弱性	CWE-74 CWE-89 CWE-89	CVE-2025-0229	2025-01-15 15:21	2025-01-5	Show	GitHub Exploit DB Packet Storm

648	9.8	緊急 Network	campcodes	Complete Student Grading System	campcodes の Complete Student Grading System における SQL インジェクションの脆弱性	CWE-74 CWE-89 CWE-89	CVE-2025-0212	2025-01-15 15:12	2025-01-4	Show	GitHub Exploit DB Packet Storm

649	7.5	重要 Network	Huawei	EMUI HarmonyOS	Huawei の EMUI および HarmonyOS における脆弱性	CWE-227 CWE-noinfo	CVE-2024-56442	2025-01-15 15:04	2024-12-26	Show	GitHub Exploit DB Packet Storm

650	7.5	重要 Network	クアルコム	QCA8081 ファームウェア QCA6431 ファームウェア qca6698aq ファームウェア fastconnect 6900 ファームウェア QCA6595AU ファームウェア QCA6421 ファームウェア QCA8337 ファームウェア QCA6574A …	複数のクアルコム製品における不正な型変換に関する脆弱性	CWE-704 CWE-704	CVE-2023-33101	2025-01-15 15:01	2023-05-17	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 20, 2025, 4:11 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
279041	-	texas_imperial_software	wftpd	Directory traversal vulnerability in Winsock FTPd (WFTPD) 3.00 and 2.41 with the "Restrict to home directory" option enabled allows local users to escape the home directory via a "/../" string, a var…	NVD-CWE-Other	CVE-2000-1101	2008-09-6 05:22	2001-01-9	Show	GitHub Exploit DB Packet Storm

279042	-	ptlink	ptlink_irc_services ptlink_ircd	PTlink IRCD 3.5.3 and PTlink Services 1.8.1 allow remote attackers to cause a denial of service (server crash) via "mode +owgscfxeb" and "oper" commands.	NVD-CWE-Other	CVE-2000-1102	2008-09-6 05:22	2001-01-9	Show	GitHub Exploit DB Packet Storm

279043	-	bsdi	bsd_os	rcvtty in BSD 3.0 and 4.0 does not properly drop privileges before executing a script, which allows local attackers to gain privileges by specifying an alternate Trojan horse script on the command li…	NVD-CWE-Other	CVE-2000-1103	2008-09-6 05:22	2001-01-9	Show	GitHub Exploit DB Packet Storm

279044	-	microsoft	indexing_service	The ixsso.query ActiveX Object is marked as safe for scripting, which allows malicious web site operators to embed a script that remotely determines the existence of files on visiting Windows 2000 sy…	NVD-CWE-Other	CVE-2000-1105	2008-09-6 05:22	2001-01-9	Show	GitHub Exploit DB Packet Storm

279045	-	ibm	net.data	document.d2w CGI program in the IBM Net.Data db2www package allows remote attackers to determine the physical path of the web server by sending a nonexistent command to the program.	NVD-CWE-Other	CVE-2000-1110	2008-09-6 05:22	2001-01-9	Show	GitHub Exploit DB Packet Storm

279046	-	unify	ewave_servletexec	Unify ServletExec AS v3.0C allows remote attackers to read source code for JSP pages via an HTTP request that ends with characters such as ".", or "+", or "%20".	NVD-CWE-Other	CVE-2000-1114	2008-09-6 05:22	2001-01-9	Show	GitHub Exploit DB Packet Storm

279047	-	24link	24link	24Link 1.06 web server allows remote attackers to bypass access restrictions by prepending strings such as "/+/" or "/." to the HTTP GET request.	NVD-CWE-Other	CVE-2000-1118	2008-09-6 05:22	2001-01-9	Show	GitHub Exploit DB Packet Storm

279048	-	hp	hp-ux	registrar in the HP resource monitor service allows local users to read and modify arbitrary files by renaming the original registrar.log log file and creating a symbolic link to the target file, to …	NVD-CWE-Other	CVE-2000-1127	2008-09-6 05:22	2001-01-9	Show	GitHub Exploit DB Packet Storm

279049	-	mcafee	virusscan	The default configuration of McAfee VirusScan 4.5 does not quote the ImagePath variable, which improperly sets the search path and allows local users to place a Trojan horse "common.exe" program in t…	NVD-CWE-Other	CVE-2000-1128	2008-09-6 05:22	2001-01-9	Show	GitHub Exploit DB Packet Storm

279050	-	network_associates	webshield_smtp	McAfee WebShield SMTP 4.5 allows remote attackers to cause a denial of service via a malformed recipient field.	NVD-CWE-Other	CVE-2000-1129	2008-09-6 05:22	2001-01-9	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed