Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 31, 2025, 4:03 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1201	7.8	重要 Local	マイクロソフト	Microsoft Access Microsoft 365 Apps Microsoft Office	Microsoft Access のリモートコードが実行される脆弱性	CWE-416 CWE-noinfo	CVE-2024-49142	2025-01-20 17:01	2024-12-10	Show	GitHub Exploit DB Packet Storm

1202	5.5	警告 Local	Linux	Linux Kernel	Linux の Linux Kernel における NULL ポインタデリファレンスに関する脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2024-57881	2025-01-20 16:59	2024-12-18	Show	GitHub Exploit DB Packet Storm

1203	7.8	重要 Local	Linux	Linux Kernel	Linux の Linux Kernel における境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2024-56615	2025-01-20 16:58	2024-11-25	Show	GitHub Exploit DB Packet Storm

1204	7.1	重要 Local	Linux	Linux Kernel	Linux の Linux Kernel における境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2024-56627	2025-01-20 16:58	2024-12-1	Show	GitHub Exploit DB Packet Storm

1205	5.4	警告 Network	Outlook.com	Microsoft Edge Chromium	Microsoft Edge (Chromium ベース) のなりすましの脆弱性	CWE-451 CWE-noinfo	CVE-2024-30055	2025-01-20 16:57	2024-05-10	Show	GitHub Exploit DB Packet Storm

1206	7.8	重要 Local	Linux	Linux Kernel	Linux の Linux Kernel における境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2024-56626	2025-01-20 16:57	2024-12-1	Show	GitHub Exploit DB Packet Storm

1207	7.8	重要 Local	Linux	Linux Kernel	Linux の Linux Kernel における配列インデックスの検証に関する脆弱性	CWE-129 配列インデックスの不適切な検証	CVE-2024-56598	2025-01-20 16:54	2024-10-29	Show	GitHub Exploit DB Packet Storm

1208	5.5	警告 Local	Linux	Linux Kernel	Linux の Linux Kernel におけるリソースのロックに関する脆弱性	CWE-667 不適切なロック	CVE-2024-54680	2025-01-20 16:52	2024-12-19	Show	GitHub Exploit DB Packet Storm

1209	5.5	警告 Local	Linux	Linux Kernel	Linux の Linux Kernel におけるリソースのロックに関する脆弱性	CWE-667 不適切なロック	CVE-2024-54460	2025-01-20 16:52	2024-12-12	Show	GitHub Exploit DB Packet Storm

1210	5.5	警告 Local	Linux	Linux Kernel	Linux の Linux Kernel におけるリソースのロックに関する脆弱性	CWE-667 不適切なロック	CVE-2024-54683	2025-01-20 16:52	2024-12-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Feb. 2, 2025, 4:09 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
91	-		-	-	macrozheng mall-tiny 1.0.1 suffers from Insecure Permissions. The application's JWT signing keys are hardcoded and do not change. User information is explicitly written into the JWT and used for subs… New	-	CVE-2024-57432	2025-02-1 02:15	2025-02-1	Show	GitHub Exploit DB Packet Storm

92	-		-	-	OpenPanel v0.3.4 was discovered to contain an OS command injection vulnerability via the timezone parameter. New	-	CVE-2024-53584	2025-02-1 02:15	2025-02-1	Show	GitHub Exploit DB Packet Storm

93	6.1	MEDIUM Network	-	-	IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4.0 through 3.2.4.1 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed ar… New	CWE-79 Cross-site Scripting	CVE-2024-49349	2025-02-1 02:15	2025-02-1	Show	GitHub Exploit DB Packet Storm

94	6.4	MEDIUM Network	-	-	IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4.0 through 3.2.4.1 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed ar… New	CWE-79 Cross-site Scripting	CVE-2024-49339	2025-02-1 02:15	2025-02-1	Show	GitHub Exploit DB Packet Storm

95	-		-	-	SSH Communication Security PrivX versions between 18.0-36.0 implement insufficient validation on public key signatures when using native SSH connections via a proxy port. This allows an existing Priv… New	-	CVE-2024-47857	2025-02-1 02:15	2025-02-1	Show	GitHub Exploit DB Packet Storm

96	-		-	-	A Host Header Poisoning Open Redirect issue in slabiak Appointment Scheduler v.1.0.5 allows a remote attacker to redirect users to a malicious website, leading to potential credential theft, malware … New	-	CVE-2024-42671	2025-02-1 02:15	2025-02-1	Show	GitHub Exploit DB Packet Storm

97	-		-	-	Contec Health CMS8000 Patient Monitor is vulnerable to an out-of-bounds write, which could allow an attacker to send specially formatted UDP requests in order to write arbitrary data. This could resu… New	-	CVE-2024-12248	2025-02-1 02:15	2025-01-31	Show	GitHub Exploit DB Packet Storm

98	5.4	MEDIUM Network	vinayjain	embed_swagger_ui	The Embed Swagger UI plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wpsgui' shortcode in all versions up to, and including, 1.0.0 due to insufficient input saniti… New	CWE-79 Cross-site Scripting	CVE-2024-13700	2025-02-1 01:49	2025-01-30	Show	GitHub Exploit DB Packet Storm

99	-		-	-	PMD is an extensible multilanguage static code analyzer. The passphrase for the PMD and PMD Designer release signing keys are included in jar published to Maven Central. The private key itself is not… New	CWE-200 CWE-540 Information Exposure Inclusion of Sensitive Information in Source Code	CVE-2025-23215	2025-02-1 01:15	2025-02-1	Show	GitHub Exploit DB Packet Storm

100	-		-	-	O2OA 9.1.3 is vulnerable to Cross Site Scripting (XSS) in Meetings - Settings. New	-	CVE-2025-22994	2025-02-1 01:15	2025-02-1	Show	GitHub Exploit DB Packet Storm