Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1331	4.3	警告 Network	DesDev Inc.	DedeCMS	DesDev Inc. の DedeCMS におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2024-4586	2025-01-20 11:23	2024-05-7	Show	GitHub Exploit DB Packet Storm

1332	5.4	警告 Network	Leap13	Premium Addons for Elementor	Leap13 の WordPress 用 Premium Addons for Elementor におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-4379	2025-01-20 11:23	2024-05-31	Show	GitHub Exploit DB Packet Storm

1333	4.3	警告 Network	DesDev Inc.	DedeCMS	DesDev Inc. の DedeCMS におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2024-4592	2025-01-20 11:23	2024-05-7	Show	GitHub Exploit DB Packet Storm

1334	8.8	重要 Network	Shenzhen Tenda Technology Co.,Ltd.	W15E ファームウェア	Shenzhen Tenda Technology Co.,Ltd. の W15E ファームウェアにおける境界外書き込みに関する脆弱性	CWE-121 CWE-787	CVE-2024-4122	2025-01-20 11:23	2024-04-24	Show	GitHub Exploit DB Packet Storm

1335	5.4	警告 Network	WPDeveloper	Essential Addons for Elementor	WPDeveloper の WordPress 用 Essential Addons for Elementor におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-4449	2025-01-20 11:23	2024-05-14	Show	GitHub Exploit DB Packet Storm

1336	5.4	警告 Network	Jegtheme	Jeg Elementor Kit	Jegtheme の WordPress 用 Jeg Elementor Kit におけるクロスサイトスクリプティングの脆弱性	CWE-79 CWE-87	CVE-2024-3162	2025-01-20 11:22	2024-04-3	Show	GitHub Exploit DB Packet Storm

1337	8.8	重要 Network	Shenzhen Tenda Technology Co.,Ltd.	fh1205 ファームウェア	Shenzhen Tenda Technology Co.,Ltd. の fh1205 ファームウェアにおける境界外書き込みに関する脆弱性	CWE-121 CWE-787	CVE-2024-3006	2025-01-20 11:22	2024-03-27	Show	GitHub Exploit DB Packet Storm

1338	8.8	重要 Network	Shenzhen Tenda Technology Co.,Ltd.	fh1205 ファームウェア	Shenzhen Tenda Technology Co.,Ltd. の fh1205 ファームウェアにおけるコマンドインジェクションの脆弱性	CWE-77 コマンドインジェクション	CVE-2024-3009	2025-01-20 11:22	2024-03-28	Show	GitHub Exploit DB Packet Storm

1339	5.4	警告 Network	Royal Elementor Addons	Royal Elementor Addons and Templates	Royal Elementor Addons の WordPress 用 Royal Elementor Addons and Templates におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-3887	2025-01-20 11:22	2024-05-16	Show	GitHub Exploit DB Packet Storm

1340	5.4	警告 Network	g5plus	ultimate bootstrap elements for elementor	g5plus の WordPress 用 ultimate bootstrap elements for elementor におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-2132	2025-01-20 11:20	2024-04-6	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Feb. 9, 2025, 4:07 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
591	-		-	-	Inclusion of sensitive information in test code in softsim TA prior to SMR Jan-2025 Release 1 allows local privileged attackers to get test key.	-	CVE-2025-20886	2025-02-4 17:15	2025-02-4	Show	GitHub Exploit DB Packet Storm

592	-		-	-	Out-of-bounds write in softsim TA prior to SMR Jan-2025 Release 1 allows local privileged attackers to cause memory corruption.	-	CVE-2025-20885	2025-02-4 17:15	2025-02-4	Show	GitHub Exploit DB Packet Storm

593	-		-	-	Improper access control in Samsung Message prior to SMR Jan-2025 Release 1 allows physical attackers to access data across multiple user profiles.	-	CVE-2025-20884	2025-02-4 17:15	2025-02-4	Show	GitHub Exploit DB Packet Storm

594	-		-	-	Improper access control in SoundPicker prior to SMR Jan-2025 Release 1 allows physical attackers to access data across multiple user profiles.	-	CVE-2025-20883	2025-02-4 17:15	2025-02-4	Show	GitHub Exploit DB Packet Storm

595	-		-	-	Out-of-bounds write in accessing uninitialized memory for svc1td in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to execute arbitrary code with privilege. User interaction is r…	-	CVE-2025-20882	2025-02-4 17:15	2025-02-4	Show	GitHub Exploit DB Packet Storm

596	-		-	-	Out-of-bounds write in accessing buffer storing the decoded video frames in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to execute arbitrary code with privilege. User interact…	-	CVE-2025-20881	2025-02-4 17:15	2025-02-4	Show	GitHub Exploit DB Packet Storm

597	4.3	MEDIUM Network	-	-	The B Slider- Gutenberg Slider Block for WP plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.9.5 via the 'bsb-slider' shortcode due to insufficient r…	CWE-284 Improper Access Control	CVE-2024-13514	2025-02-4 17:15	2025-02-4	Show	GitHub Exploit DB Packet Storm

598	4.3	MEDIUM Network	-	-	The Medical Addon for Elementor plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.6.2 via the 'namedical_elementor_template' shortcode due…	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2024-12046	2025-02-4 17:15	2025-02-4	Show	GitHub Exploit DB Packet Storm

599	-		-	-	A security issue in the firmware image verification implementation at Supermicro MBD-X12DPG-OA6 . An attacker with administrator privileges can upload a specially crafted image, which can cause a sta…	-	CVE-2024-10239	2025-02-4 17:15	2025-02-4	Show	GitHub Exploit DB Packet Storm

600	-		-	-	A security issue in the firmware image verification implementation at Supermicro MBD-X12DPG-OA6. An attacker can upload a specially crafted image that will cause a stack overflow is caused by not …	-	CVE-2024-10238	2025-02-4 17:15	2025-02-4	Show	GitHub Exploit DB Packet Storm