Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 3, 2025, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
71 8.8 重要
Network 		Google
Fedora Project		 Fedora
Google Chrome 		Google の Google Chrome 等複数ベンダの製品における解放済みメモリの使用に関する脆弱性 CWE-416
CWE-416
CWE-416
CVE-2024-6293 2024-12-27 09:36 2024-06-24 Show GitHub Exploit DB Packet Storm
72 8.8 重要
Network 		Google Google Chrome Google の Google Chrome における解放済みメモリの使用に関する脆弱性 CWE-416
CWE-416
CWE-416
CVE-2024-6775 2024-12-27 09:36 2024-07-16 Show GitHub Exploit DB Packet Storm
73 7.8 重要
Local 		Google Android 複数の Nexus および Android One デバイス上で稼動する Android の Qualcomm 暗号化エンジンドライバにおける整数オーバーフローの脆弱性 CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2016-3935 2024-12-25 17:58 2016-10-3 Show GitHub Exploit DB Packet Storm
74 5.1 警告 sobexsrv sobexsrv sobexsrv における脆弱性 CWE-Other
その他 		CVE-2005-3995 2024-12-25 16:50 2005-12-5 Show GitHub Exploit DB Packet Storm
75 2.6 注意 リアルネットワークス realarcade リアルネットワークスの realarcade における脆弱性 CWE-Other
その他 		CVE-2005-0348 2024-12-25 16:04 2005-05-2 Show GitHub Exploit DB Packet Storm
76 5.1 警告 リアルネットワークス realarcade リアルネットワークスの realarcade における脆弱性 CWE-Other
その他 		CVE-2005-0347 2024-12-25 16:01 2005-02-8 Show GitHub Exploit DB Packet Storm
77 5.9 警告
Network 		IBM IBM QRadar Suite Software
Cloud Pak for Security 		IBM の Cloud Pak for Security および IBM QRadar Suite Software における証明書検証に関する脆弱性 CWE-295
不正な証明書検証 		CVE-2023-47742 2024-12-25 15:27 2023-11-9 Show GitHub Exploit DB Packet Storm
78 6 警告 TorrentFlux TorrentFlux TorrentFlux の index.php における任意のコマンドを実行される脆弱性 CWE-Other
その他 		CVE-2006-6330 2024-12-25 15:26 2006-12-6 Show GitHub Exploit DB Packet Storm
79 7.5 重要
Network 		- IBM の IBM MQ Operator における暗号アルゴリズムの使用に関する脆弱性 CWE-327
不完全、または危険な暗号アルゴリズムの使用 		CVE-2024-27255 2024-12-25 15:26 2024-03-1 Show GitHub Exploit DB Packet Storm
80 8.5 危険 ez photo sales ez photo sales EZPhotoSales における PHP リモートファイルインクルージョン脆弱性 CWE-Other
その他 		CVE-2007-4262 2024-12-25 15:22 2007-08-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 4, 2025, 4:07 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
276161 - pingtel xpressa The web interface for Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 allows administrators to cause a denial of service by modifying the SIP_AUTHENTICATE_SCHEME value to force au… NVD-CWE-Other
CVE-2002-0669 2008-09-6 05:28 2003-02-19 Show GitHub Exploit DB Packet Storm
276162 - pingtel xpressa The web interface for Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 uses Base64 encoded usernames and passwords for HTTP basic authentication, which allows remote attackers to s… NVD-CWE-Other
CVE-2002-0670 2008-09-6 05:28 2002-07-23 Show GitHub Exploit DB Packet Storm
276163 - pingtel xpressa Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 allows attackers with physical access to restore the phone to factory defaults without authentication via a menu option, which sets… NVD-CWE-Other
CVE-2002-0672 2008-09-6 05:28 2002-07-23 Show GitHub Exploit DB Packet Storm
276164 - pingtel xpressa The enrollment process for Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 allows attackers with physical access to the phone to log out the current user and re-register the phone… NVD-CWE-Other
CVE-2002-0673 2008-09-6 05:28 2002-07-23 Show GitHub Exploit DB Packet Storm
276165 - apple mac_os_x SoftwareUpdate for MacOS 10.1.x does not use authentication when downloading a software update, which could allow remote attackers to execute arbitrary code by posing as the Apple update server via t… NVD-CWE-Other
CVE-2002-0676 2008-09-6 05:28 2002-07-11 Show GitHub Exploit DB Packet Storm
276166 - zope zope The "through the web code" capability for Zope 2.0 through 2.5.1 b1 allows untrusted users to shut down the Zope server via certain headers. NVD-CWE-Other
CVE-2002-0687 2008-09-6 05:28 2002-07-23 Show GitHub Exploit DB Packet Storm
276167 - zope zope ZCatalog plug-in index support capability for Zope 2.4.0 through 2.5.1 allows anonymous users and untrusted code to bypass access restrictions and call arbitrary methods of catalog indexes. NVD-CWE-Other
CVE-2002-0688 2008-09-6 05:28 2002-07-23 Show GitHub Exploit DB Packet Storm
276168 - gisle_aas digest-md5 An interaction between the Perl MD5 module (perl-Digest-MD5) and Perl could produce incorrect MD5 checksums for UTF-8 data, which could prevent a system from properly verifying the integrity of the d… NVD-CWE-Other
CVE-2002-0703 2008-09-6 05:28 2002-07-26 Show GitHub Exploit DB Packet Storm
276169 - greg_roelofs libpng Buffer overflow in the progressive reader for libpng 1.2.x before 1.2.4, and 1.0.x before 1.0.14, allows attackers to cause a denial of service (crash) via a PNG data stream that has more IDAT data t… NVD-CWE-Other
CVE-2002-0728 2008-09-6 05:28 2002-08-12 Show GitHub Exploit DB Packet Storm
276170 - philip_chinery philip_chinerys_guestbook Cross-site scripting vulnerability in guestbook.pl for Philip Chinery's Guestbook 1.1 allows remote attackers to execute Javascript or HTML via fields such as (1) Name, (2) EMail, or (3) Homepage. NVD-CWE-Other
CVE-2002-0730 2008-09-6 05:28 2002-08-12 Show GitHub Exploit DB Packet Storm