Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
851	8.8	重要 Network	jfinaloa project	jfinaloa	jfinaloa project の jfinaloa における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2024-57770	2025-01-23 11:48	2025-01-16	Show	GitHub Exploit DB Packet Storm

852	8.8	重要 Network	code-projects	Online Shoe Store	code-projects の Online Shoe Store における脆弱性	CWE-266 CWE-284 CWE-noinfo	CVE-2025-0206	2025-01-23 11:48	2025-01-4	Show	GitHub Exploit DB Packet Storm

853	7.5	重要 Network	Palo Alto Networks	PAN-OS	Palo Alto Networks の PAN-OS における有効期限後のメモリの解放の欠如に関する脆弱性	CWE-401 CWE-770	CVE-2024-3382	2025-01-23 11:48	2024-04-10	Show	GitHub Exploit DB Packet Storm

854	6.1	警告 Network	フォーティネット	FortiAuthenticator	フォーティネットの FortiAuthenticator におけるオープンリダイレクトの脆弱性	CWE-601 オープンリダイレクト	CVE-2024-23664	2025-01-23 11:47	2024-05-14	Show	GitHub Exploit DB Packet Storm

855	9.8	緊急 Network	Zephyr Project	Zephyr	Zephyr Project の Zephyr における境界外書き込みに関する脆弱性	CWE-121 CWE-787	CVE-2023-6749	2025-01-23 11:46	2023-12-12	Show	GitHub Exploit DB Packet Storm

856	8.8	重要 Network	podsfoundation	pods	podsfoundation の WordPress 用 pods における脆弱性	CWE-noinfo 情報不足	CVE-2023-6999	2025-01-23 11:46	2023-12-20	Show	GitHub Exploit DB Packet Storm

857	9.8	緊急 Network	Cozmoslabs	Membership & Content Restriction - Paid Member Subscriptions	Cozmoslabs の WordPress 用 Membership & Content Restriction - Paid Member Subscriptions における脆弱性	CWE-287 CWE-Other	CVE-2024-12919	2025-01-23 11:46	2024-12-24	Show	GitHub Exploit DB Packet Storm

858	5.4	警告 Network	exclusiveaddons	exclusive addons for elementor	exclusiveaddons の WordPress 用 exclusive addons for elementor におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-1414	2025-01-23 11:46	2024-03-13	Show	GitHub Exploit DB Packet Storm

859	6.5	警告 Network	HasThemes	HT Mega - Absolute Addons For Elementor	HasThemes の WordPress 用 HT Mega - Absolute Addons For Elementor におけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2024-1974	2025-01-23 11:46	2024-04-9	Show	GitHub Exploit DB Packet Storm

860	8.8	重要 Network	Shenzhen Tenda Technology Co.,Ltd.	AC7 ファームウェア	Shenzhen Tenda Technology Co.,Ltd. の AC7 ファームウェアにおける境界外書き込みに関する脆弱性	CWE-121 CWE-787	CVE-2024-2896	2025-01-23 11:46	2024-03-26	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Feb. 11, 2025, 4:06 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
274551	-	novell	access_manager	Novell Access Management 3 SSLVPN Server allows remote authenticated users to bypass VPN restrictions by making policy.txt read-only, disconnecting, then manually modifying policy.txt.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2007-1309	2011-03-8 11:51	2007-03-7	Show	GitHub Exploit DB Packet Storm

274552	-	phpmyadmin	phpmyadmin	The PMA_ArrayWalkRecursive function in libraries/common.lib.php in phpMyAdmin before 2.10.0.2 does not limit recursion on arrays provided by users, which allows context-dependent attackers to cause a…	NVD-CWE-Other	CVE-2007-1325	2011-03-8 11:51	2007-03-8	Show	GitHub Exploit DB Packet Storm

274553	-	phpmyadmin	phpmyadmin	This vulnerability is addressed in the following product update: http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-3	NVD-CWE-Other	CVE-2007-1325	2011-03-8 11:51	2007-03-8	Show	GitHub Exploit DB Packet Storm

274554	-	sun	sun_fire	Unspecified vulnerability in ipmitool for Sun Fire X2100M2 and X2200M2 allows local users to gain privileges and reset or turn off the server.	NVD-CWE-Other	CVE-2007-1346	2011-03-8 11:51	2007-03-9	Show	GitHub Exploit DB Packet Storm

274555	-	linux	linux_kernel	The atalk_sum_skb function in AppleTalk for Linux kernel 2.6.x before 2.6.21, and possibly 2.4.x, allows remote attackers to cause a denial of service (crash) via an AppleTalk frame that is shorter t…	NVD-CWE-Other	CVE-2007-1357	2011-03-8 11:51	2007-04-11	Show	GitHub Exploit DB Packet Storm

274556	-	grigoriadis	mini_web_server	Multiple buffer overflows in Nickolas Grigoriadis Mini Web server (MiniWebsvr) before 0.05 have unknown impact and attack vectors.	NVD-CWE-Other	CVE-2007-0525	2011-03-8 11:50	2007-01-26	Show	GitHub Exploit DB Packet Storm

274557	-	vote_pro	vote_pro	Multiple eval injection vulnerabilities in Vote! Pro 4.0, and possibly earlier, allow remote attackers to execute arbitrary code via requests to unspecified PHP scripts with the poll_id parameter, wh…	NVD-CWE-Other	CVE-2007-0535	2011-03-8 11:50	2007-01-26	Show	GitHub Exploit DB Packet Storm

274558	-	cgi-rescue	webform	Cross-site scripting (XSS) vulnerability in CGI-RESCUE WebFORM 4.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.	NVD-CWE-Other	CVE-2007-0547	2011-03-8 11:50	2007-01-30	Show	GitHub Exploit DB Packet Storm

274559	-	phproxy	phproxy	Multiple cross-site scripting (XSS) vulnerabilities in index.inc.php in PHProxy before 0.5 beta 2 allow remote attackers to inject arbitrary web script or HTML via the (1) data[realm] and (2) _url pa…	NVD-CWE-Other	CVE-2007-0553	2011-03-8 11:50	2007-01-30	Show	GitHub Exploit DB Packet Storm

274560	-	symantec	web_security	The license registering interface in Symantec Web Security (SWS) before 3.0.1.85 allows attackers to cause a denial of service (CPU consumption) by submitting a large file.	NVD-CWE-Other	CVE-2007-0564	2011-03-8 11:50	2007-01-31	Show	GitHub Exploit DB Packet Storm