Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
821	5.3	警告 Network	aio-libs project	aiosmtpd	aio-libs project の aiosmtpd におけるデータの信頼性についての不十分な検証に関する脆弱性	CWE-345 CWE-345	CVE-2024-27305	2025-01-23 14:45	2024-03-12	Show	GitHub Exploit DB Packet Storm

822	6	警告 Local	フォーティネット	FortiAnalyzer-BigData FortiManager FortiAnalyzer	複数のフォーティネット製品におけるパストラバーサルの脆弱性	CWE-22 CWE-23	CVE-2024-32116	2025-01-23 14:43	2024-11-12	Show	GitHub Exploit DB Packet Storm

823	8.8	重要 Network	フォーティネット	FortiAnalyzer-BigData FortiManager FortiAnalyzer	複数のフォーティネット製品における脆弱性	CWE-602 CWE-Other	CVE-2024-23666	2025-01-23 14:42	2024-11-12	Show	GitHub Exploit DB Packet Storm

824	4.1	警告 Network	フォーティネット	FortiAnalyzer-BigData FortiManager FortiAnalyzer	複数のフォーティネット製品における脆弱性	CWE-359 CWE-Other	CVE-2023-44255	2025-01-23 14:38	2023-09-27	Show	GitHub Exploit DB Packet Storm

825	9.8	緊急 Network	Kabir Alhasan	Student Management System	code-projects の Student Management System における SQL インジェクションの脆弱性	CWE-74 CWE-89 CWE-89	CVE-2025-0203	2025-01-23 14:33	2025-01-4	Show	GitHub Exploit DB Packet Storm

826	6.1	警告 Network	code-projects	Exam Form Submission	code-projects の Exam Form Submission におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2023-42307	2025-01-23 14:29	2023-09-8	Show	GitHub Exploit DB Packet Storm

827	4.3	警告 Network	マイクロソフト	Microsoft Windows Server 2022 Microsoft Windows Server 2016 Microsoft Windows Server 2008 Microsoft Windows Server 2012 Microso…	MapUrlToZone セキュリティ機能のバイパスの脆弱性	CWE-41 CWE-noinfo	CVE-2025-21328	2025-01-23 13:57	2025-01-14	Show	GitHub Exploit DB Packet Storm

828	5.5	警告 Local	マイクロソフト	Microsoft Windows Server 2022 Microsoft Windows Server 2016 Microsoft Windows 10 Microsoft Windows 11 Microsoft Windows Server&…	Windows カーネルメモリの情報漏えいの脆弱性	CWE-532 CWE-noinfo	CVE-2025-21323	2025-01-23 13:54	2025-01-14	Show	GitHub Exploit DB Packet Storm

829	7.5	重要 Network	フォーティネット	FortiSOAR	フォーティネットの FortiSOAR における過度な認証試行の不適切な制限に関する脆弱性	CWE-307 過度な認証試行の不適切な制限	CVE-2024-45327	2025-01-23 13:50	2024-09-10	Show	GitHub Exploit DB Packet Storm

830	5.5	警告 Local	マイクロソフト	Microsoft Windows Server 2022 Microsoft Windows Server 2016 Microsoft Windows Server 2012 Microsoft Windows 10 Microsoft Window…	Windows カーネルメモリの情報漏えいの脆弱性	CWE-532 CWE-noinfo	CVE-2025-21321	2025-01-23 13:50	2025-01-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Feb. 23, 2025, 4:07 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
274201	-	brooky	estore	Brooky eStore 1.0.1 through 1.0.2b allows remote attackers to obtain sensitive path information via a direct HTTP request to settings.inc.php.	NVD-CWE-Other	CVE-2003-0586	2016-10-18 11:35	2003-08-18	Show	GitHub Exploit DB Packet Storm

274202	-	infopop	ultimate_bulletin_board	Cross-site scripting (XSS) vulnerability in Infopop Ultimate Bulletin Board (UBB) 6.x allows remote authenticated users to execute arbitrary web script and gain administrative access via the "display…	NVD-CWE-Other	CVE-2003-0587	2016-10-18 11:35	2003-08-18	Show	GitHub Exploit DB Packet Storm

274203	-	digi-fx	digi-news	admin.php in Digi-news 1.1 allows remote attackers to bypass authentication via a cookie with the username set to the name of the administrator, which satisfies an improper condition in admin.php tha…	NVD-CWE-Other	CVE-2003-0588	2016-10-18 11:35	2003-08-18	Show	GitHub Exploit DB Packet Storm

274204	-	digi-fx	digi-news	admin.php in Digi-ads 1.1 allows remote attackers to bypass authentication via a cookie with the username set to the name of the administrator, which satisfies an improper condition in admin.php that…	NVD-CWE-Other	CVE-2003-0589	2016-10-18 11:35	2003-08-18	Show	GitHub Exploit DB Packet Storm

274205	-	splatt	splatt_forum	Cross-site scripting (XSS) vulnerability in Splatt Forum allows remote attackers to insert arbitrary HTML and web script via the post icon (image_subject) field.	NVD-CWE-Other	CVE-2003-0590	2016-10-18 11:35	2003-08-18	Show	GitHub Exploit DB Packet Storm

274206	-	sco	openserver	Unknown vulnerability in display of Merge before 5.3.23a in UnixWare 7.1.x allows local users to gain root privileges.	NVD-CWE-Other	CVE-2003-0597	2016-10-18 11:35	2003-08-27	Show	GitHub Exploit DB Packet Storm

274207	-	hugo_rabson	mindi	mindi 0.58 and earlier does not properly create temporary files, which allows local users to overwrite arbitrary files.	NVD-CWE-Other	CVE-2003-0617	2016-10-18 11:35	2003-08-27	Show	GitHub Exploit DB Packet Storm

274208	-	andries_brouwer	man	Multiple buffer overflows in man-db 2.4.1 and earlier, when installed setuid, allow local users to gain privileges via (1) MANDATORY_MANPATH, MANPATH_MAP, and MANDB_MAP arguments to add_to_dirlist in…	NVD-CWE-Other	CVE-2003-0620	2016-10-18 11:35	2003-08-27	Show	GitHub Exploit DB Packet Storm

274209	-	ehud_gavron	traceroute-nanog	traceroute-nanog 6.1.1 allows local users to overwrite unauthorized memory and possibly execute arbitrary code via certain "nprobes" and "max_ttl" arguments that cause an integer overflow that is use…	NVD-CWE-Other	CVE-2003-0453	2016-10-18 11:34	2003-08-7	Show	GitHub Exploit DB Packet Storm

274210	-	imagemagick	libmagick_library	The imagemagick libmagick library 5.5 and earlier creates temporary files insecurely, which allows local users to create or overwrite arbitrary files.	NVD-CWE-Other	CVE-2003-0455	2016-10-18 11:34	2003-08-7	Show	GitHub Exploit DB Packet Storm