Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1201	8.8	重要 Network	マイクロソフト	Microsoft Windows Server 2008 Microsoft Windows 11 Microsoft Windows Server 2016 Microsoft Windows 10 Microsoft Windows Server&…	Windows テレフォニーサービスのリモートでコードが実行される脆弱性	CWE-122 CWE-noinfo	CVE-2025-21417	2025-01-20 17:20	2025-01-14	Show	GitHub Exploit DB Packet Storm

1202	8.8	重要 Network	マイクロソフト	Microsoft Windows Server 2008 Microsoft Windows 11 Microsoft Windows Server 2016 Microsoft Windows 10 Microsoft Windows Server&…	SQL Server 用 Microsoft WDAC OLE DB プロバイダーのリモートでコードが実行される脆弱性	CWE-416 CWE-noinfo	CVE-2024-30006	2025-01-20 17:17	2024-05-14	Show	GitHub Exploit DB Packet Storm

1203	5.4	警告 Network	VillaTheme	Thank You Page Customizer for WooCommerce - Increase Your Sales	VillaTheme の WordPress 用 Thank You Page Customizer for WooCommerce - Increase Your Sales における認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2024-1687	2025-01-20 17:17	2024-02-27	Show	GitHub Exploit DB Packet Storm

1204	8.8	重要 Local	マイクロソフト	Microsoft Windows 11	Windows 仮想化ベースのセキュリティ (VBS) エンクレーブの特権昇格の脆弱性	CWE-20 CWE-noinfo	CVE-2025-21370	2025-01-20 17:14	2025-01-14	Show	GitHub Exploit DB Packet Storm

1205	7.5	重要 Network	MailCleaner	MailCleaner	MailCleaner における認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2019-1010246	2025-01-20 17:12	2019-01-21	Show	GitHub Exploit DB Packet Storm

1206	8.8	重要 Network	マイクロソフト	Microsoft SQL Server	SQL Server Native Client OLE DB プロバイダーのリモートコード実行に対する脆弱性	CWE-121 CWE-noinfo	CVE-2024-28928	2025-01-20 17:11	2024-07-9	Show	GitHub Exploit DB Packet Storm

1207	8.8	重要 Network	マイクロソフト	Microsoft SQL Server	SQL Server Native Client OLE DB プロバイダーのリモートコード実行に対する脆弱性	CWE-190 CWE-noinfo	CVE-2024-21428	2025-01-20 17:09	2024-07-9	Show	GitHub Exploit DB Packet Storm

1208	7.8	重要 Local	マイクロソフト	Microsoft 365 Apps Microsoft Office	Microsoft Excel のセキュリティ機能のバイパスの脆弱性	CWE-502 CWE-noinfo	CVE-2025-21364	2025-01-20 17:09	2025-01-14	Show	GitHub Exploit DB Packet Storm

1209	4.3	警告 Network	LadiPage	LadiPage	WordPress 用 LadiPage におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2023-4628	2025-01-20 17:07	2023-08-30	Show	GitHub Exploit DB Packet Storm

1210	8.8	重要 Network	マイクロソフト	Microsoft SQL Server	SQL Server Native Client OLE DB プロバイダーのリモートコード実行に対する脆弱性	CWE-122 CWE-noinfo	CVE-2024-21415	2025-01-20 17:06	2024-07-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Feb. 22, 2025, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1151	-		-	-	HCL Connections Docs is vulnerable to a sensitive information disclosure which could allow a user to obtain sensitive information they are not entitled to, caused by improper handling of request data.	-	CVE-2024-23563	2025-02-12 23:15	2025-02-12	Show	GitHub Exploit DB Packet Storm

1152	-		-	-	An issue in Smartcom Bulgaria AD Smartcom Ralink CPE/WiFi router SAM-4G1G-TT-W-VC, SAM-4F1F-TT-W-A1 allows a remote attacker to obtain sensitive information via the Weak default WiFi password generat…	-	CVE-2025-22936	2025-02-12 23:15	2025-02-7	Show	GitHub Exploit DB Packet Storm

1153	4.4	MEDIUM Local	samsung	android	Improper privilege management in Samsung Find prior to SMR Feb-2025 Release 1 allows local privileged attackers to disable Samsung Find.	NVD-CWE-noinfo	CVE-2025-20907	2025-02-12 22:49	2025-02-4	Show	GitHub Exploit DB Packet Storm

1154	6.7	MEDIUM Local	samsung	android	Out-of-bounds read and write in mPOS TUI trustlet prior to SMR Feb-2025 Release 1 allows local privileged attackers to read and write out-of-bounds memory.	CWE-125 Out-of-bounds Read	CVE-2025-20905	2025-02-12 22:49	2025-02-4	Show	GitHub Exploit DB Packet Storm

1155	6.7	MEDIUM Local	samsung	android	Out-of-bounds write in mPOS TUI trustlet prior to SMR Feb-2025 Release 1 allows local privileged attackers to cause memory corruption.	CWE-787 Out-of-bounds Write	CVE-2025-20904	2025-02-12 22:48	2025-02-4	Show	GitHub Exploit DB Packet Storm

1156	5.1	MEDIUM Local	samsung	android	Improper access control in NotificationManager prior to SMR Jan-2025 Release 1 allows local attackers to change the configuration of notifications.	NVD-CWE-Other	CVE-2025-20893	2025-02-12 22:48	2025-02-4	Show	GitHub Exploit DB Packet Storm

1157	5.9	MEDIUM Physics	samsung	android	Protection Mechanism Failure in bootloader prior to SMR Jan-2025 Release 1 allows physical attackers to allow to execute fastboot command. User interaction is required for triggering this vulnerabili…	NVD-CWE-noinfo	CVE-2025-20892	2025-02-12 22:47	2025-02-4	Show	GitHub Exploit DB Packet Storm

1158	5.5	MEDIUM Local	samsung	android	Out-of-bounds read in decoding malformed bitstream of video thumbnails in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to read arbitrary memory. User interaction is required fo…	CWE-125 Out-of-bounds Read	CVE-2025-20891	2025-02-12 22:47	2025-02-4	Show	GitHub Exploit DB Packet Storm

1159	7.8	HIGH Local	samsung	android	Out-of-bounds write in decoding frame buffer in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to execute arbitrary code with privilege. User interaction is required for triggeri…	CWE-787 Out-of-bounds Write	CVE-2025-20890	2025-02-12 22:47	2025-02-4	Show	GitHub Exploit DB Packet Storm

1160	5.5	MEDIUM Local	samsung	android	Out-of-bounds read in decoding malformed bitstream for smp4vtd in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to read arbitrary memory. User interaction is required for trigge…	CWE-787 Out-of-bounds Write	CVE-2025-20889	2025-02-12 22:46	2025-02-4	Show	GitHub Exploit DB Packet Storm