Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 24, 2025, 10:02 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
941	4.3	警告 Network	DesDev Inc.	DedeCMS	DesDev Inc. の DedeCMS におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2024-4591	2025-01-16 16:05	2024-05-7	Show	GitHub Exploit DB Packet Storm

942	6.1	警告 Network	Metagauss Inc.	eventprime	Metagauss Inc. の WordPress 用 eventprime におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-9865	2025-01-16 16:05	2024-10-24	Show	GitHub Exploit DB Packet Storm

943	6.1	警告 Network	oretnom23	customer support system	Oretnom23 の customer support system におけるクロスサイトスクリプティングの脆弱性	CWE-79 CWE-79	CVE-2023-49973	2025-01-16 16:05	2023-12-4	Show	GitHub Exploit DB Packet Storm

944	5.4	警告 Network	Leap13	Premium Addons for Elementor	Leap13 の WordPress 用 Premium Addons for Elementor におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-1680	2025-01-16 16:05	2024-03-13	Show	GitHub Exploit DB Packet Storm

945	8.8	重要 Network	code-projects	blood bank management system	codezips の Blood Bank Management System における SQL インジェクションの脆弱性	CWE-74 CWE-89 CWE-89	CVE-2025-0232	2025-01-16 16:03	2025-01-5	Show	GitHub Exploit DB Packet Storm

946	4.8	警告 Network	code-projects	Local Storage Todo App	code-projects の Local Storage Todo App におけるクロスサイトスクリプティングの脆弱性	CWE-79 CWE-79 CWE-94	CVE-2025-0228	2025-01-16 16:02	2025-01-5	Show	GitHub Exploit DB Packet Storm

947	6.1	警告 Network	FreeScout	FreeScout	FreeScout におけるクロスサイトスクリプティングの脆弱性	CWE-74 CWE-79	CVE-2024-34697	2025-01-16 15:49	2024-05-14	Show	GitHub Exploit DB Packet Storm

948	6.3	警告 Network	FreeScout	FreeScout	FreeScout におけるオブジェクトプロトタイプ属性の不適切に制御された変更に関する脆弱性	CWE-1321 CWE-1321	CVE-2024-34698	2025-01-16 15:49	2024-05-14	Show	GitHub Exploit DB Packet Storm

949	4.3	警告 Network	Themeum	Tutor LMS	Themeum の WordPress 用 Tutor LMS における認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2024-1502	2025-01-16 15:49	2024-03-21	Show	GitHub Exploit DB Packet Storm

950	4.3	警告 Network	DesDev Inc.	DedeCMS	DesDev Inc. の DedeCMS におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2024-2823	2025-01-16 15:49	2024-03-22	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 24, 2025, 4:45 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
276831	-	firebirdsql	firebird	Multiple buffer overflows in Firebird 1.5, one of which affects WNET, have unknown impact and attack vectors. NOTE: this issue might overlap CVE-2006-1240.	NVD-CWE-Other	CVE-2006-7212	2008-09-6 06:16	2007-06-30	Show	GitHub Exploit DB Packet Storm

276832	-	firebirdsql	firebird	Firebird 1.5 allows remote authenticated users without SYSDBA and owner permissions to overwrite a database by creating a database.	NVD-CWE-Other	CVE-2006-7213	2008-09-6 06:16	2007-06-30	Show	GitHub Exploit DB Packet Storm

276833	-	firebirdsql	firebird	Multiple unspecified vulnerabilities in Firebird 1.5 allow remote attackers to (1) cause a denial of service (application crash) by sending many remote protocol versions; and (2) cause a denial of se…	NVD-CWE-Other	CVE-2006-7214	2008-09-6 06:16	2007-06-30	Show	GitHub Exploit DB Packet Storm

276834	-	intel	core_2_duo_e4000 core_2_duo_e6000 core_2_extreme_x6800	The Intel Core 2 Extreme processor X6800 and Core 2 Duo desktop processor E6000 and E4000 incorrectly set the memory page Access (A) bit for a page in certain circumstances involving proximity of the…	NVD-CWE-Other	CVE-2006-7215	2008-09-6 06:16	2007-07-4	Show	GitHub Exploit DB Packet Storm

276835	-	apache	derby	Apache Derby before 10.2.1.6 does not determine privilege requirements for lock table statements at compilation time, and consequently does not enforce privilege requirements at execution time, which…	NVD-CWE-Other	CVE-2006-7216	2008-09-6 06:16	2007-07-6	Show	GitHub Exploit DB Packet Storm

276836	-	apache	derby	Apache Derby before 10.2.1.6 does not determine schema privilege requirements during the DropSchemaNode bind phase, which allows remote authenticated users to execute arbitrary drop schema statements…	NVD-CWE-Other	CVE-2006-7217	2008-09-6 06:16	2007-07-6	Show	GitHub Exploit DB Packet Storm

276837	-	sap	saplpd sapsprint	Unspecified vulnerability in SAP SAPLPD and SAPSPRINT allows remote attackers to cause a denial of service (application crash) via a certain print job request. NOTE: the provenance of this informati…	NVD-CWE-Other	CVE-2006-7220	2008-09-6 06:16	2007-07-10	Show	GitHub Exploit DB Packet Storm

276838	-	xwiki	xwiki	PreviewAction in XWiki 0.9.543 through 0.9.1252 does not set the Author field to the identity of the user who last modified a document, which allows remote authenticated users without programming rig…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2006-7223	2008-09-6 06:16	2007-09-14	Show	GitHub Exploit DB Packet Storm

276839	-	scriptphp	pronews	admin/change.php in ProNews 1.5 does not check whether a user is permitted to change news items, which allows remote attackers to add or delete information within an item, and possibly have other imp…	NVD-CWE-Other	CVE-2006-6580	2008-09-6 06:15	2006-12-16	Show	GitHub Exploit DB Packet Storm

276840	-	scriptmate	user_manager	ScriptMate User Manager 2.1 and earlier allow remote attackers to obtain sensitive information via unspecified vectors related to (1) the Logins box and (2) the Search box.	NVD-CWE-Other	CVE-2006-6583	2008-09-6 06:15	2006-12-16	Show	GitHub Exploit DB Packet Storm