Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
841	7.8	重要 Local	マイクロソフト	Microsoft Windows 11 Microsoft Windows Server 2022 Microsoft Windows Server 2025	Microsoft Resilient File System の特権昇格の脆弱性	CWE-416 CWE-noinfo	CVE-2025-21315	2025-01-23 11:58	2025-01-14	Show	GitHub Exploit DB Packet Storm

842	4.3	警告 Network	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 11 Microsoft Windows Server 2012 Microsoft Windows Server 2022 Microsoft Window…	MapUrlToZone セキュリティ機能のバイパスの脆弱性	CWE-41 CWE-noinfo	CVE-2025-21329	2025-01-23 11:58	2025-01-14	Show	GitHub Exploit DB Packet Storm

843	4.9	警告 Network	フォーティネット	FortiAnalyzer FortiManager FortiAnalyzer-BigData	複数のフォーティネット製品におけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2024-32117	2025-01-23 11:50	2024-11-12	Show	GitHub Exploit DB Packet Storm

844	8.8	重要 Network	Shenzhen Tenda Technology Co.,Ltd.	AC7 ファームウェア	Shenzhen Tenda Technology Co.,Ltd. の AC7 ファームウェアにおける境界外書き込みに関する脆弱性	CWE-121 CWE-787	CVE-2024-2900	2025-01-23 11:49	2024-03-26	Show	GitHub Exploit DB Packet Storm

845	9.8	緊急 Network	StylemixThemes	MasterStudy LMS	StylemixThemes の WordPress 用 MasterStudy LMS における認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2024-37094	2025-01-23 11:49	2024-11-1	Show	GitHub Exploit DB Packet Storm

846	8.8	重要 Network	Sonaar Music	mp3 audio player for music radio & podcast	Sonaar Music の WordPress 用 mp3 audio player for music, radio & podcast における認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2024-56266	2025-01-23 11:49	2024-12-18	Show	GitHub Exploit DB Packet Storm

847	6.5	警告 Network	フォーティネット	FortiSOAR	フォーティネットの FortiSOAR における保存または転送前の重要な情報の削除に関する脆弱性	CWE-212 保存または転送前の重要な情報の不適切な削除	CVE-2024-31493	2025-01-23 11:48	2024-05-14	Show	GitHub Exploit DB Packet Storm

848	5.4	警告 Network	Themeisle	otter blocks	ThemeIsle の WordPress 用 otter blocks におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-3343	2025-01-23 11:48	2024-04-11	Show	GitHub Exploit DB Packet Storm

849	9.8	緊急 Network	Shenzhen Tenda Technology Co.,Ltd.	AC18 ファームウェア	Shenzhen Tenda Technology Co.,Ltd. の AC18 ファームウェアにおけるコマンドインジェクションの脆弱性	CWE-77 コマンドインジェクション	CVE-2024-57583	2025-01-23 11:48	2025-01-16	Show	GitHub Exploit DB Packet Storm

850	8.8	重要 Network	jfinaloa project	jfinaloa	jfinaloa project の jfinaloa における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2024-57769	2025-01-23 11:48	2025-01-16	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Feb. 8, 2025, 4:10 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
274681	-	rpm ubuntu	package_manager ubuntu_linux	Heap-based buffer overflow in the showQueryPackage function in librpm in RPM Package Manager 4.4.8, when the LANG environment variable is set to ru_RU.UTF-8, might allow user-assisted attackers to ex…	NVD-CWE-Other	CVE-2006-5466	2011-03-8 11:43	2006-11-7	Show	GitHub Exploit DB Packet Storm

274682	-	rpm ubuntu	package_manager ubuntu_linux	Successful exploitation may allow the execution of arbitrary code, but requires that certain locales are set (e.g. ru_RU.UTF-8). There are patches available for each affected Ubuntu product.	NVD-CWE-Other	CVE-2006-5466	2011-03-8 11:43	2006-11-7	Show	GitHub Exploit DB Packet Storm

274683	-	xchangeboard	xchangeboard	Multiple SQL injection vulnerabilities in the checkUser function in inc/DBInterface.php in XchangeBoard 1.70 and earlier, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrar…	NVD-CWE-Other	CVE-2006-5500	2011-03-8 11:43	2006-10-25	Show	GitHub Exploit DB Packet Storm

274684	-	xchangeboard	xchangeboard	Successful exploitation requires that "magic_quotes_gpc" is disabled.	NVD-CWE-Other	CVE-2006-5500	2011-03-8 11:43	2006-10-25	Show	GitHub Exploit DB Packet Storm

274685	-	maxdev	md-pro	Cross-site scripting (XSS) vulnerability in user.php in MAXdev MD-Pro 1.0.76 allows remote attackers to inject arbitrary web script or HTML via the op parameter. NOTE: the provenance of this informa…	NVD-CWE-Other	CVE-2006-5564	2011-03-8 11:43	2006-10-28	Show	GitHub Exploit DB Packet Storm

274686	-	maxdev	md-pro	CRLF injection vulnerability in MAXdev MD-Pro 1.0.76 allows remote attackers to inject arbitrary HTTP headers via a CRLF sequence in the (1) name, (2) file, (3) module, and (4) func parameters in (a)…	NVD-CWE-Other	CVE-2006-5565	2011-03-8 11:43	2006-10-28	Show	GitHub Exploit DB Packet Storm

274687	-	nmnlogger	nmnlogger	Unspecified vulnerability in NmnLogger 1.0.0 and earlier has unknown impact and attack vectors related to configuration of mesasge drivers.	NVD-CWE-Other	CVE-2006-5642	2011-03-8 11:43	2006-11-1	Show	GitHub Exploit DB Packet Storm

274688	-	nmnlogger	nmnlogger	This vulnerability is addressed in the following product release: NmnLogger, NmnLogger, 1.1	NVD-CWE-Other	CVE-2006-5642	2011-03-8 11:43	2006-11-1	Show	GitHub Exploit DB Packet Storm

274689	-	vilistextum	vilistextum	Multiple off-by-one errors in src/text.c in Vilistextum before 2.6.9 have unknown impact and attack vectors.	NVD-CWE-Other	CVE-2006-5657	2011-03-8 11:43	2006-11-3	Show	GitHub Exploit DB Packet Storm

274690	-	ibm	informix_client_sdk informix_dynamic_server informix_i-connect	IBM Informix Dynamic Server 10.00, Informix Client Software Development Kit (CSDK) 2.90, and Informix I-Connect 2.90 use insecure permissions for installation scripts, which allows local users to gai…	NVD-CWE-Other	CVE-2006-5663	2011-03-8 11:43	2006-11-3	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed