Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 31, 2025, 4:03 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1191 8.8 重要
Network 		マイクロソフト Microsoft Windows Server 2008
Microsoft Windows 11
Microsoft Windows Server 2016
Microsoft Windows 10
Microsoft Windows Server&… 		Windows テレフォニー サービスのリモートでコードが実行される脆弱性 CWE-122
CWE-noinfo
CVE-2025-21417 2025-01-20 17:20 2025-01-14 Show GitHub Exploit DB Packet Storm
1192 8.8 重要
Network 		マイクロソフト Microsoft Windows Server 2008
Microsoft Windows 11
Microsoft Windows Server 2016
Microsoft Windows 10
Microsoft Windows Server&… 		SQL Server 用 Microsoft WDAC OLE DB プロバイダーのリモートでコードが実行される脆弱性 CWE-416
CWE-noinfo
CVE-2024-30006 2025-01-20 17:17 2024-05-14 Show GitHub Exploit DB Packet Storm
1193 5.4 警告
Network 		VillaTheme Thank You Page Customizer for WooCommerce - Increase Your Sales VillaTheme の WordPress 用 Thank You Page Customizer for WooCommerce - Increase Your Sales における認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2024-1687 2025-01-20 17:17 2024-02-27 Show GitHub Exploit DB Packet Storm
1194 8.8 重要
Local 		マイクロソフト Microsoft Windows 11 Windows 仮想化ベースのセキュリティ (VBS) エンクレーブの特権昇格の脆弱性 CWE-20
CWE-noinfo
CVE-2025-21370 2025-01-20 17:14 2025-01-14 Show GitHub Exploit DB Packet Storm
1195 7.5 重要
Network 		MailCleaner MailCleaner MailCleaner における認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2019-1010246 2025-01-20 17:12 2019-01-21 Show GitHub Exploit DB Packet Storm
1196 8.8 重要
Network 		マイクロソフト Microsoft SQL Server SQL Server Native Client OLE DB プロバイダーのリモート コード実行に対する脆弱性 CWE-121
CWE-noinfo
CVE-2024-28928 2025-01-20 17:11 2024-07-9 Show GitHub Exploit DB Packet Storm
1197 8.8 重要
Network 		マイクロソフト Microsoft SQL Server SQL Server Native Client OLE DB プロバイダーのリモート コード実行に対する脆弱性 CWE-190
CWE-noinfo
CVE-2024-21428 2025-01-20 17:09 2024-07-9 Show GitHub Exploit DB Packet Storm
1198 7.8 重要
Local 		マイクロソフト Microsoft 365 Apps
Microsoft Office 		Microsoft Excel のセキュリティ機能のバイパスの脆弱性 CWE-502
CWE-noinfo
CVE-2025-21364 2025-01-20 17:09 2025-01-14 Show GitHub Exploit DB Packet Storm
1199 4.3 警告
Network 		LadiPage LadiPage WordPress 用 LadiPage におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2023-4628 2025-01-20 17:07 2023-08-30 Show GitHub Exploit DB Packet Storm
1200 8.8 重要
Network 		マイクロソフト Microsoft SQL Server SQL Server Native Client OLE DB プロバイダーのリモート コード実行に対する脆弱性 CWE-122
CWE-noinfo
CVE-2024-21415 2025-01-20 17:06 2024-07-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 2, 2025, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
91 - - - macrozheng mall-tiny 1.0.1 suffers from Insecure Permissions. The application's JWT signing keys are hardcoded and do not change. User information is explicitly written into the JWT and used for subs… New - CVE-2024-57432 2025-02-1 02:15 2025-02-1 Show GitHub Exploit DB Packet Storm
92 - - - OpenPanel v0.3.4 was discovered to contain an OS command injection vulnerability via the timezone parameter. New - CVE-2024-53584 2025-02-1 02:15 2025-02-1 Show GitHub Exploit DB Packet Storm
93 6.1 MEDIUM
Network 		- - IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4.0 through 3.2.4.1 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed ar… New CWE-79
Cross-site Scripting 		CVE-2024-49349 2025-02-1 02:15 2025-02-1 Show GitHub Exploit DB Packet Storm
94 6.4 MEDIUM
Network 		- - IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4.0 through 3.2.4.1 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed ar… New CWE-79
Cross-site Scripting 		CVE-2024-49339 2025-02-1 02:15 2025-02-1 Show GitHub Exploit DB Packet Storm
95 - - - SSH Communication Security PrivX versions between 18.0-36.0 implement insufficient validation on public key signatures when using native SSH connections via a proxy port. This allows an existing Priv… New - CVE-2024-47857 2025-02-1 02:15 2025-02-1 Show GitHub Exploit DB Packet Storm
96 - - - A Host Header Poisoning Open Redirect issue in slabiak Appointment Scheduler v.1.0.5 allows a remote attacker to redirect users to a malicious website, leading to potential credential theft, malware … New - CVE-2024-42671 2025-02-1 02:15 2025-02-1 Show GitHub Exploit DB Packet Storm
97 - - - Contec Health CMS8000 Patient Monitor is vulnerable to an out-of-bounds write, which could allow an attacker to send specially formatted UDP requests in order to write arbitrary data. This could resu… New - CVE-2024-12248 2025-02-1 02:15 2025-01-31 Show GitHub Exploit DB Packet Storm
98 5.4 MEDIUM
Network 		vinayjain embed_swagger_ui The Embed Swagger UI plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wpsgui' shortcode in all versions up to, and including, 1.0.0 due to insufficient input saniti… New CWE-79
Cross-site Scripting 		CVE-2024-13700 2025-02-1 01:49 2025-01-30 Show GitHub Exploit DB Packet Storm
99 - - - PMD is an extensible multilanguage static code analyzer. The passphrase for the PMD and PMD Designer release signing keys are included in jar published to Maven Central. The private key itself is not… New CWE-200
CWE-540
Information Exposure
 Inclusion of Sensitive Information in Source Code 		CVE-2025-23215 2025-02-1 01:15 2025-02-1 Show GitHub Exploit DB Packet Storm
100 - - - O2OA 9.1.3 is vulnerable to Cross Site Scripting (XSS) in Meetings - Settings. New - CVE-2025-22994 2025-02-1 01:15 2025-02-1 Show GitHub Exploit DB Packet Storm