Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
831 5.5 警告
Local 		マイクロソフト Microsoft Windows 11
Microsoft Windows 10
Microsoft Windows Server 2022
Microsoft Windows Server 2025 		Windows カーネル メモリの情報漏えいの脆弱性 CWE-532
CWE-noinfo
CVE-2025-21317 2025-01-23 13:46 2025-01-14 Show GitHub Exploit DB Packet Storm
832 9 緊急
Network 		フォーティネット FortiNAC フォーティネットの FortiNAC におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-31488 2025-01-23 13:43 2024-05-14 Show GitHub Exploit DB Packet Storm
833 8.8 重要
Network 		Mozilla Foundation
Debian		 Mozilla Thunderbird
Mozilla Firefox
Debian GNU/Linux 		Mozilla Foundation の Mozilla Firefox 等複数ベンダの製品における境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2024-4777 2025-01-23 13:41 2024-05-14 Show GitHub Exploit DB Packet Storm
834 8.8 重要
Network 		フォーティネット FortiSOAR フォーティネットの FortiSOAR における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2023-23775 2025-01-23 13:35 2023-01-18 Show GitHub Exploit DB Packet Storm
835 4.3 警告
Network 		07fly 07FlyCms 07fly の 07FlyCms におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2024-57161 2025-01-23 12:46 2025-01-16 Show GitHub Exploit DB Packet Storm
836 7.8 重要
Local 		マイクロソフト Microsoft Windows Server 2022
Microsoft Windows Server 2025 		Internet Explorer のリモートでコードが実行される脆弱性 CWE-843
CWE-noinfo
CVE-2025-21326 2025-01-23 12:16 2025-01-14 Show GitHub Exploit DB Packet Storm
837 5.5 警告
Local 		マイクロソフト Microsoft Windows Server 2022
Microsoft Windows Server 2016
Microsoft Windows Server 2008
Microsoft Windows Server 2012
Microso… 		Windows カーネル メモリの情報漏えいの脆弱性 CWE-532
CWE-noinfo
CVE-2025-21319 2025-01-23 12:11 2025-01-14 Show GitHub Exploit DB Packet Storm
838 5.5 警告
Local 		マイクロソフト Microsoft Windows Server 2022
Microsoft Windows Server 2016
Microsoft Windows Server 2012
Microsoft Windows 10
Microsoft Window… 		Windows カーネル メモリの情報漏えいの脆弱性 CWE-532
CWE-noinfo
CVE-2025-21316 2025-01-23 12:06 2025-01-14 Show GitHub Exploit DB Packet Storm
839 6.5 警告
Network 		Mozilla Foundation Mozilla Firefox Mozilla Foundation の Mozilla Firefox における脆弱性 CWE-noinfo
情報不足 		CVE-2024-4774 2025-01-23 12:02 2024-05-14 Show GitHub Exploit DB Packet Storm
840 4.3 警告
Network 		フォーティネット FortiManager フォーティネットの FortiManager における脆弱性 CWE-200
CWE-noinfo
CVE-2024-33506 2025-01-23 12:00 2024-10-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 8, 2025, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
274701 - adobe coldfusion Cross-site scripting (XSS) vulnerability in Adobe ColdFusion MX 7 7.0 and 7.0.1, when Global Script Protection is not enabled, allows remote attackers to inject arbitrary HTML and web script via unkn… CWE-79
Cross-site Scripting 		CVE-2006-5859 2011-03-8 11:43 2007-02-14 Show GitHub Exploit DB Packet Storm
274702 - adobe coldfusion Successful exploitation requires that Global Script Protection is not enabled. CWE-79
Cross-site Scripting 		CVE-2006-5859 2011-03-8 11:43 2007-02-14 Show GitHub Exploit DB Packet Storm
274703 - pstotext pstotext pstotext before 1.9 allows user-assisted attackers to execute arbitrary commands via shell metacharacters in a file name. NVD-CWE-Other
CVE-2006-5869 2011-03-8 11:43 2006-11-27 Show GitHub Exploit DB Packet Storm
274704 - cchost cchost SQL injection vulnerability in Creative Commons Tools ccHost before 3.0 allows remote attackers to execute arbitrary SQL commands via a crafted URL, which is used to populate the file ID. NOTE: Some… NVD-CWE-Other
CVE-2006-4778 2011-03-8 11:42 2006-09-14 Show GitHub Exploit DB Packet Storm
274705 - roxio toast Race condition in Deja Vu, as used in Roxio Toast Titanium 7 and possibly other products, allows local users to execute arbitrary code via temporary files, including dejavu_manual.rb, which are execu… CWE-362
Race Condition 		CVE-2006-4801 2011-03-8 11:42 2006-09-15 Show GitHub Exploit DB Packet Storm
274706 - iodine iodine Unspecified vulnerability in IP over DNS is now easy (iodine) before 0.3.2 has unknown impact and attack vectors, related to "potential security problems." NVD-CWE-Other
CVE-2006-4831 2011-03-8 11:42 2006-09-16 Show GitHub Exploit DB Packet Storm
274707 - iodine iodine This vulnerability is addressed in the following product release: Iodine, Iodine, 0.3.2 NVD-CWE-Other
CVE-2006-4831 2011-03-8 11:42 2006-09-16 Show GitHub Exploit DB Packet Storm
274708 - paul_smith_computer_services vcap Multiple cross-site scripting (XSS) vulnerabilities in Paul Smith Computer Services vCAP 1.7.0 allow remote attackers to inject arbitrary web script or HTML via (1) the statusmsg parameter in Registe… NVD-CWE-Other
CVE-2006-5035 2011-03-8 11:42 2006-09-28 Show GitHub Exploit DB Packet Storm
274709 - andreas_gohr dokuwiki lib/exec/fetch.php in DokuWiki before 2006-03-09e allows remote attackers to cause a denial of service (CPU consumption) via large w and h parameters, when resizing an image. NVD-CWE-Other
CVE-2006-5098 2011-03-8 11:42 2006-09-30 Show GitHub Exploit DB Packet Storm
274710 - andreas_gohr dokuwiki lib/exec/fetch.php in DokuWiki before 2006-03-09e, when conf[imconvert] is configured to use ImageMagick, allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) w a… NVD-CWE-Other
CVE-2006-5099 2011-03-8 11:42 2006-09-30 Show GitHub Exploit DB Packet Storm