Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 12, 2025, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
101	4.8	警告 Network	phpMyFAQ	phpMyFAQ	phpMyFAQ におけるクロスサイトスクリプティングの脆弱性 New	CWE-79 CWE-79	CVE-2024-29179	2025-01-10 14:40	2024-03-25	Show	GitHub Exploit DB Packet Storm

102	2.7	低 Network	phpMyFAQ	phpMyFAQ	phpMyFAQ におけるパストラバーサルの脆弱性 New	CWE-22 CWE-22	CVE-2024-29196	2025-01-10 14:40	2024-03-26	Show	GitHub Exploit DB Packet Storm

103	7.1	重要 Local	eProsima	Fast-DDS	eProsima の Fast-DDS における脆弱性 New	CWE-noinfo 情報不足	CVE-2024-30916	2025-01-10 14:40	2024-04-11	Show	GitHub Exploit DB Packet Storm

104	6.5	警告 Network	sixlabors	imagesharp	sixlabors の imagesharp における制限またはスロットリング無しのリソースの割り当てに関する脆弱性 New	CWE-770 CWE-789	CVE-2024-32035	2025-01-10 14:40	2024-04-15	Show	GitHub Exploit DB Packet Storm

105	9.8	緊急 Network	Wazuh Inc.	Wazuh	Wazuh Inc. の Wazuh における境界外書き込みに関する脆弱性 New	CWE-122 CWE-787	CVE-2024-32038	2025-01-10 14:40	2024-04-19	Show	GitHub Exploit DB Packet Storm

106	6.5	警告 Network	argoproj	argo cd	argoproj の argo cd における脆弱性 New	CWE-400 CWE-noinfo	CVE-2024-32476	2025-01-10 14:40	2024-05-14	Show	GitHub Exploit DB Packet Storm

107	5.4	警告 Network	Wpmet	elementskit	Wpmet の WordPress 用 elementskit におけるクロスサイトスクリプティングの脆弱性 New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-4452	2025-01-10 14:40	2024-05-21	Show	GitHub Exploit DB Packet Storm

108	6.5	警告 Network	デル	EMC PowerScale OneFS	デルの EMC PowerScale OneFS におけるリソースのロックに関する脆弱性 New	CWE-667 CWE-765	CVE-2024-49602	2025-01-10 14:40	2024-12-9	Show	GitHub Exploit DB Packet Storm

109	4.3	警告 Physics	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows Server 2022 Microsoft Windows 10 Microsoft Windows 11 Microsoft Windows Server&…	Windows ワイヤレスワイドエリアネットワークサービス (WwanSvc) の情報漏えいの脆弱性 New	CWE-125 CWE-noinfo	CVE-2024-49098	2025-01-10 14:38	2024-12-10	Show	GitHub Exploit DB Packet Storm

110	7	重要 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows Server 2022 Microsoft Windows 10 Microsoft Windows 11 Microsoft Windows Server&…	Windows PrintWorkflowUserSvc の特権昇格の脆弱性 New	CWE-362 CWE-416 CWE-591	CVE-2024-49097	2025-01-10 14:34	2024-12-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 12, 2025, 4:59 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
241	-	-	-	Tenda ac9 v1.0 firmware v15.03.05.19 is vulnerable to command injection in /goform/SetSambaCfg, which may lead to remote arbitrary code execution. New	-	CVE-2025-22949	2025-01-11 01:15	2025-01-11	Show	GitHub Exploit DB Packet Storm

242	-	-	-	WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the configuracao_doacao.php endpoint of the WeGIA application. This vulnerab… New	CWE-79 Cross-site Scripting	CVE-2025-22600	2025-01-11 01:15	2025-01-11	Show	GitHub Exploit DB Packet Storm

243	-	-	-	WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the home.php endpoint of the WeGIA application. This vulnerability allows at… New	CWE-79 Cross-site Scripting	CVE-2025-22599	2025-01-11 01:15	2025-01-11	Show	GitHub Exploit DB Packet Storm

244	-	-	-	WeGIA is a web manager for charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the cadastrarSocio.php endpoint of the WeGIA application. This vulnerability al… New	CWE-79 Cross-site Scripting	CVE-2025-22598	2025-01-11 01:15	2025-01-11	Show	GitHub Exploit DB Packet Storm

245	-	-	-	WeGIA is a web manager for charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the CobrancaController.php endpoint of the WeGIA application. This vulnerabilit… New	CWE-79 Cross-site Scripting	CVE-2025-22597	2025-01-11 01:15	2025-01-11	Show	GitHub Exploit DB Packet Storm

246	-	-	-	WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the modulos_visiveis.php endpoint of the WeGIA application. This vulnerabili… New	CWE-79 Cross-site Scripting	CVE-2025-22596	2025-01-11 01:15	2025-01-11	Show	GitHub Exploit DB Packet Storm

247	-	-	-	Atheos is a self-hosted browser-based cloud IDE. Prior to v600, the $path and $target parameters are not properly validated across multiple components, allowing an attacker to read, modify, or execut… New	CWE-22 CWE-94 CWE-434 Path Traversal Code Injection Unrestricted Upload of File with Dangerous Type	CVE-2025-22152	2025-01-11 01:15	2025-01-11	Show	GitHub Exploit DB Packet Storm

248	-	-	-	DataEase is an open source data visualization analysis tool. Prior to 2.10.4, there is a flaw in the authentication in the io.dataease.auth.filter.TokenFilter class, which can be bypassed and cause t… New	CWE-289 Authentication Bypass by Alternate Name	CVE-2024-56511	2025-01-11 01:15	2025-01-11	Show	GitHub Exploit DB Packet Storm

249	-	-	-	Trippo Responsive Filemanager 9.14.0 is vulnerable to Cross Site Scripting (XSS) via file upload using the svg and pdf extensions. New	-	CVE-2024-50807	2025-01-11 01:15	2025-01-11	Show	GitHub Exploit DB Packet Storm

250	-	-	-	An arbitrary file upload vulnerability in the MediaPool module of Redaxo CMS v5.17.1 allows attackers to execute arbitrary code via uploading a crafted file. New	-	CVE-2024-46210	2025-01-11 01:15	2025-01-11	Show	GitHub Exploit DB Packet Storm