Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 31, 2025, 4:03 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
711 7.8 重要
Local 		PHOENIX CONTACT charx sec-3150 ファームウェア
charx sec-3100 ファームウェア
charx sec-3000 ファームウェア
charx sec-3050 ファームウェア 		複数の PHOENIX CONTACT 製品における入力確認に関する脆弱性 CWE-20
不適切な入力確認 		CVE-2024-25999 2025-01-24 11:54 2024-03-12 Show GitHub Exploit DB Packet Storm
712 7.5 重要
Network 		PHOENIX CONTACT charx sec-3150 ファームウェア
charx sec-3100 ファームウェア
charx sec-3000 ファームウェア
charx sec-3050 ファームウェア 		複数の PHOENIX CONTACT 製品における初期化されていないポインタのアクセスに関する脆弱性 CWE-824
初期化されていないポインタのアクセス 		CVE-2024-26004 2025-01-24 11:54 2024-03-12 Show GitHub Exploit DB Packet Storm
713 8.5 重要
Network 		Pterodactyl Wings Pterodactyl の Wings におけるパストラバーサルの脆弱性 CWE-22
CWE-22
CWE-362
CWE-362
CWE-363
CVE-2024-27102 2025-01-24 11:54 2024-03-13 Show GitHub Exploit DB Packet Storm
714 7 重要
Network 		PHOENIX CONTACT charx sec-3150 ファームウェア
charx sec-3100 ファームウェア
charx sec-3000 ファームウェア
charx sec-3050 ファームウェア 		複数の PHOENIX CONTACT 製品における重要な情報の平文での送信に関する脆弱性 CWE-319
重要な情報の平文での送信 		CVE-2024-28134 2025-01-24 11:54 2024-05-14 Show GitHub Exploit DB Packet Storm
715 7.8 重要
Local 		PHOENIX CONTACT charx sec-3150 ファームウェア
charx sec-3100 ファームウェア
charx sec-3000 ファームウェア
charx sec-3050 ファームウェア 		複数の PHOENIX CONTACT 製品における Time-of-check Time-of-use (TOCTOU) 競合状態の脆弱性 CWE-367
Time-of-check Time-of-use (TOCTOU) 競合状態 		CVE-2024-28137 2025-01-24 11:54 2024-05-14 Show GitHub Exploit DB Packet Storm
716 5.4 警告
Network 		themelooks enter addons themelooks の WordPress 用 enter addons におけるクロスサイトスクリプティングの脆弱性 CWE-79
CWE-79
CVE-2024-47625 2025-01-24 11:54 2024-10-5 Show GitHub Exploit DB Packet Storm
717 7.2 重要
Network 		GLPI-PROJECT.ORG GLPI GLPI-PROJECT.ORG の GLPI における認証に関する脆弱性 CWE-287
不適切な認証 		CVE-2024-47761 2025-01-24 11:54 2024-12-11 Show GitHub Exploit DB Packet Storm
718 9.8 緊急
Network 		Aviatrix Controller Aviatrix の Controller における OS コマンドインジェクションの脆弱性 CWE-78
CWE-78
CVE-2024-50603 2025-01-24 11:54 2024-10-27 Show GitHub Exploit DB Packet Storm
719 9.8 緊急
Network 		ZyXEL NAS 326 ファームウェア
NAS 542 ファームウェア 		ZyXEL の NAS 326 ファームウェアおよび NAS 542 ファームウェアにおける OS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2024-6342 2025-01-24 11:54 2024-09-10 Show GitHub Exploit DB Packet Storm
720 7.8 重要
Local 		インテル graphics performance analyzers インテルの graphics performance analyzers における制御されていない検索パスの要素に関する脆弱性 CWE-427
CWE-427
CVE-2023-41961 2025-01-24 11:54 2023-10-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 1, 2025, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
279471 - dug_song dsniff
fragroute
fragrouter 		configure for Dsniff 2.3, fragroute 1.2, and fragrouter 1.6, when downloaded from monkey.org on May 17, 2002, has been modified to contain a backdoor, which allows remote attackers to access the syst… NVD-CWE-Other
CVE-2002-2049 2008-09-6 05:32 2002-12-31 Show GitHub Exploit DB Packet Storm
279472 - modlogan modlogan Directory traversal vulnerability in processor_web plugin for ModLogAn 0.5.0 through 0.7.11, when used with the splitby option, allows local users to overwrite arbitrary files via a .. (dot dot) in t… NVD-CWE-Other
CVE-2002-2050 2008-09-6 05:32 2002-12-31 Show GitHub Exploit DB Packet Storm
279473 - modlogan modlogan The processor_web plugin for ModLogAn 0.5.0 through 0.7.11, when used with the splitby option, allows local users to overwrite arbitrary files via a symlink attack on files specified as hostnames in … NVD-CWE-Other
CVE-2002-2051 2008-09-6 05:32 2002-12-31 Show GitHub Exploit DB Packet Storm
279474 - cisco ios Cisco 2611 router running IOS 12.1(6.5), possibly an interim release, allows remote attackers to cause a denial of service via port scans such as (1) scanning all ports on a single host and (2) scann… NVD-CWE-Other
CVE-2002-2052 2008-09-6 05:32 2002-12-31 Show GitHub Exploit DB Packet Storm
279475 - cisco ios The design of the Hot Standby Routing Protocol (HSRP), as implemented on Cisco IOS 12.1, when using IRPAS, allows remote attackers to cause a denial of service (CPU consumption) via a router with the… NVD-CWE-Other
CVE-2002-2053 2008-09-6 05:32 2002-12-31 Show GitHub Exploit DB Packet Storm
279476 - intel d845bg_motherboard
d845hv_motherboard
d845pt_motherboard
d845wn_motherboard 		BIOS D845BG, D845HV, D845PT and D845WN on Intel motherboards does not properly restrict access to configuration information when BIOS passwords are enabled, which could allow local users to change th… NVD-CWE-Other
CVE-2002-2059 2008-09-6 05:32 2002-12-31 Show GitHub Exploit DB Packet Storm
279477 - twibright_labs links Buffer overflow in Links 2.0 pre4 allows remote attackers to crash client browsers and possibly execute arbitrary code via gamma tables in large 16-bit PNG images. NVD-CWE-Other
CVE-2002-2060 2008-09-6 05:32 2002-12-31 Show GitHub Exploit DB Packet Storm
279478 - atguard atguard_personal_firewall AtGuard 3.2 allows remote attackers to bypass firwall filters and execute prohibited programs by changing the filenames to permitted filenames. NVD-CWE-Other
CVE-2002-2063 2008-09-6 05:32 2002-12-31 Show GitHub Exploit DB Packet Storm
279479 - phpwebgallery phpwebgallery isadmin.php in PhpWebGallery 1.0 allows remote attackers to gain administrative access via by setting the photo_login cookie to pseudo. NVD-CWE-Other
CVE-2002-2064 2008-09-6 05:32 2002-12-31 Show GitHub Exploit DB Packet Storm
279480 - webcalendar webcalendar WebCalendar 0.9.34 and earlier with 'browsing in includes directory' enabled allows remote attackers to read arbitrary include files with .inc extensions from the web root. NVD-CWE-Other
CVE-2002-2065 2008-09-6 05:32 2002-12-31 Show GitHub Exploit DB Packet Storm