Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 27, 2025, 6:04 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
81 9.8 緊急
Network
Sapplica Sentrifugo Sapplica の Sentrifugo における SQL インジェクションの脆弱性 New CWE-89
SQLインジェクション
CVE-2024-29870 2025-01-27 13:34 2024-03-21 Show GitHub Exploit DB Packet Storm
82 9.8 緊急
Network
Sapplica Sentrifugo Sapplica の Sentrifugo における SQL インジェクションの脆弱性 New CWE-89
SQLインジェクション
CVE-2024-29874 2025-01-27 13:34 2024-03-21 Show GitHub Exploit DB Packet Storm
83 6.1 警告
Network
Sapplica Sentrifugo Sapplica の Sentrifugo におけるクロスサイトスクリプティングの脆弱性 New CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2024-29879 2025-01-27 13:34 2024-03-21 Show GitHub Exploit DB Packet Storm
84 9.1 緊急
Network
Palo Alto Networks PAN-OS Palo Alto Networks の PAN-OS における脆弱性 New CWE-282
CWE-Other
CVE-2024-3383 2025-01-27 13:34 2024-04-10 Show GitHub Exploit DB Packet Storm
85 5.4 警告
Network
exclusiveaddons exclusive addons for elementor exclusiveaddons の WordPress 用 exclusive addons for elementor におけるクロスサイトスクリプティングの脆弱性 New CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2024-4618 2025-01-27 13:34 2024-05-15 Show GitHub Exploit DB Packet Storm
86 7.2 重要
Network
aipower aipower WordPress 用 aipower における信頼できないデータのデシリアライゼーションに関する脆弱性 New CWE-502
信頼性のないデータのデシリアライゼーション
CVE-2025-0428 2025-01-27 13:34 2025-01-22 Show GitHub Exploit DB Packet Storm
87 5.3 警告
Network
Palo Alto Networks PAN-OS Palo Alto Networks の PAN-OS における解釈の競合に関する脆弱性 New CWE-436
CWE-436
CVE-2024-3386 2025-01-27 13:34 2024-04-10 Show GitHub Exploit DB Packet Storm
88 6.8 警告
Physics
Palo Alto Networks PAN-OS Palo Alto Networks の PAN-OS における脆弱性 New CWE-20
CWE-noinfo
CVE-2024-5913 2025-01-27 13:34 2024-07-10 Show GitHub Exploit DB Packet Storm
89 7.5 重要
Network
Magma Magma Magma における境界外書き込みに関する脆弱性 New CWE-120
CWE-787
CVE-2024-24423 2025-01-27 13:32 2024-01-25 Show GitHub Exploit DB Packet Storm
90 5.3 警告
Network
Timothee Boussus Your Spotify Timothee Boussus の Your Spotify におけるインジェクションに関する脆弱性 New CWE-74
CWE-74
CWE-943
CVE-2024-28192 2025-01-27 13:22 2024-03-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 27, 2025, 4:07 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
280141 - ibm aix Unspecified vulnerability in crontab in IBM AIX 3.2 allows local users to gain root privileges via unknown attack vectors. NVD-CWE-noinfo
CVE-1999-1589 2008-09-5 13:00 1999-12-31 Show GitHub Exploit DB Packet Storm
280142 - coxco_support a-cart
metacart
midicart_asp
midicart_asp_maxi
midicart_asp_plus
salescart-pro
salescart-std
MidiCart stores the midicart.mdb database file under the Web document root, which allows remote attackers to steal sensitive information by directly requesting the database. CWE-200
Information Exposure
CVE-2002-1432 2008-09-5 13:00 2003-04-11 Show GitHub Exploit DB Packet Storm
280143 - ikonboard ikonboard Cross-site scripting (XSS) vulnerability in Ikonboard 3.1.1 allows remote attackers to inject arbitrary web script or HTML via a private message with a javascript: URL in the IMG tag, in which the UR… CWE-79
Cross-site Scripting
CVE-2002-2230 2008-09-5 13:00 2002-12-31 Show GitHub Exploit DB Packet Storm
280144 - - - The echo service is running. NVD-CWE-Other
CVE-1999-0635 2007-07-13 13:00 1999-01-1 Show GitHub Exploit DB Packet Storm
280145 - - - This Common Vulnerabilities and Exposures (CVE) entry is a configuration issue and not a software flaw. As such, it doesn’t fit in the CVE software flaw list. The Common Vulnerability Scoring System … NVD-CWE-Other
CVE-1999-0635 2007-07-13 13:00 1999-01-1 Show GitHub Exploit DB Packet Storm
280146 - - - The Echo Service is an unsecured and obsolete protocol and it should be disabled. Historically it has been used to perform denial of service attacks. NVD-CWE-Other
CVE-1999-0635 2007-07-13 13:00 1999-01-1 Show GitHub Exploit DB Packet Storm
280147 - - - Multiple vulnerabilities in multiple vendor implementations of the X.400 protocol allow remote attackers to cause a denial of service and possibly execute arbitrary code via an X.400 message containi… NVD-CWE-Other
CVE-2003-0565 2005-10-20 13:00 2003-12-1 Show GitHub Exploit DB Packet Storm
280148 - - - Two Sun security certificates have been compromised, which could allow attackers to insert malicious code such as applets and make it appear that it is signed by Sun. NVD-CWE-Other
CVE-2000-0889 2005-10-20 13:00 2001-02-12 Show GitHub Exploit DB Packet Storm
280149 - - - Buffer overflow in post-query sample CGI program allows remote attackers to execute arbitrary commands via an HTTP POST request that contains at least 10001 parameters. NVD-CWE-Other
CVE-2001-0291 2005-10-20 13:00 2001-05-3 Show GitHub Exploit DB Packet Storm