Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1411	8.8	重要 Network	マイクロソフト	Microsoft SQL Server Microsoft OLE DB Driver	SQL Server 用 Microsoft OLE DB ドライバーのリモートでコードが実行される脆弱性	CWE-122 CWE-noinfo	CVE-2024-28940	2025-01-17 22:14	2024-04-9	Show	GitHub Exploit DB Packet Storm

1412	8.8	重要 Network	マイクロソフト	Microsoft SQL Server Microsoft OLE DB Driver	SQL Server 用 Microsoft OLE DB ドライバーのリモートでコードが実行される脆弱性	CWE-122 CWE-noinfo	CVE-2024-29046	2025-01-17 22:00	2024-04-9	Show	GitHub Exploit DB Packet Storm

1413	8.8	重要 Network	マイクロソフト	Microsoft ODBC Driver Microsoft SQL Server Microsoft Visual Studio	SQL Server 用 Microsoft ODBC ドライバーのリモートでコードが実行される脆弱性	CWE-122 CWE-noinfo	CVE-2024-28937	2025-01-17 21:55	2024-04-9	Show	GitHub Exploit DB Packet Storm

1414	8.1	重要 Network	マイクロソフト	Microsoft Windows Server 2025 Microsoft Windows Server 2016 Microsoft Windows Server 2012 Microsoft Windows Server 2019 Microso…	Windows リモートデスクトップサービスのリモートでコードが実行される脆弱性	CWE-362 CWE-416 CWE-591	CVE-2024-49128	2025-01-17 21:48	2024-12-10	Show	GitHub Exploit DB Packet Storm

1415	6.8	警告 Physics	マイクロソフト	Microsoft Windows Server 2025 Microsoft Windows 10 Microsoft Windows 11 Microsoft Windows Server 2019 Microsoft Windows Server&…	Windows モバイルブロードバンドドライバーの特権昇格の脆弱性	CWE-125 CWE-noinfo	CVE-2024-49110	2025-01-17 21:46	2024-12-10	Show	GitHub Exploit DB Packet Storm

1416	8.1	重要 Network	マイクロソフト	Microsoft Windows Server 2025 Microsoft Windows 10 Microsoft Windows Server 2016 Microsoft Windows Server 2008 Microsoft Window…	Windows Lightweight Directory Access Protocol (LDAP) のリモートでコードが実行される脆弱性	CWE-362 CWE-416	CVE-2024-49127	2025-01-17 21:44	2024-12-10	Show	GitHub Exploit DB Packet Storm

1417	8.1	重要 Network	マイクロソフト	Microsoft Windows Server 2025 Microsoft Windows 10 Microsoft Windows Server 2016 Microsoft Windows Server 2008 Microsoft Window…	Windows ローカルセキュリティ機関サブシステムサービス (LSASS) のリモートでコードが実行される脆弱性	CWE-362 CWE-416 CWE-591	CVE-2024-49126	2025-01-17 21:42	2024-12-10	Show	GitHub Exploit DB Packet Storm

1418	6.6	警告 Physics	マイクロソフト	Microsoft Windows Server 2025 Microsoft Windows 10 Microsoft Windows 11 Microsoft Windows Server 2019 Microsoft Windows Server&…	ワイヤレス広域ネットワークサービス (WwanSvc) の特権昇格の脆弱性	CWE-125 CWE-noinfo	CVE-2024-49111	2025-01-17 21:40	2024-12-10	Show	GitHub Exploit DB Packet Storm

1419	5.5	警告 Local	Linux	Linux Kernel	Linux の Linux Kernel における有効期限後のメモリの解放の欠如に関する脆弱性	CWE-401 有効期限後のメモリの解放の欠如	CVE-2024-57872	2025-01-17 21:35	2024-11-20	Show	GitHub Exploit DB Packet Storm

1420	5.5	警告 Local	Linux	Linux Kernel	Linux の Linux Kernel における脆弱性	CWE-noinfo 情報不足	CVE-2024-56618	2025-01-17 21:33	2024-12-2	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Feb. 11, 2025, 4:06 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
281	-	-	-	A prototype pollution in the lib.mutateMergeDeep function of @tanstack/form-core v0.35.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload.	-	CVE-2024-57068	2025-02-7 01:15	2025-02-6	Show	GitHub Exploit DB Packet Storm

282	-	-	-	A prototype pollution in the lib.parse function of dot-qs v0.2.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload.	-	CVE-2024-57067	2025-02-7 01:15	2025-02-6	Show	GitHub Exploit DB Packet Storm

283	-	-	-	A prototype pollution in the lib.deep function of @ndhoule/defaults v2.0.1 allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload.	-	CVE-2024-57066	2025-02-7 01:15	2025-02-6	Show	GitHub Exploit DB Packet Storm

284	-	-	-	A prototype pollution in the lib.createPath function of utile v0.3.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload.	-	CVE-2024-57065	2025-02-7 01:15	2025-02-6	Show	GitHub Exploit DB Packet Storm

285	-	-	-	A prototype pollution in the lib.setValue function of @syncfusion/ej2-spreadsheet v27.2.2 allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload.	-	CVE-2024-57064	2025-02-7 01:15	2025-02-6	Show	GitHub Exploit DB Packet Storm

286	-	-	-	A prototype pollution in the lib function of php-date-formatter v1.3.6 allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload.	-	CVE-2024-57063	2025-02-7 01:15	2025-02-6	Show	GitHub Exploit DB Packet Storm

287	-	-	-	A Stored Cross-Site Scripting (XSS) vulnerability was identified affecting Skybox Change Manager versions 13.2.170 and earlier that allows remote authenticated users to store malicious payloads in th…	-	CVE-2024-54853	2025-02-7 01:15	2025-02-6	Show	GitHub Exploit DB Packet Storm

288	-	-	-	A Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in the driver of the NDD Print solution, which could allow an unprivileged user to exploit this flaw and gain SYSTEM-level ac…	-	CVE-2024-48394	2025-02-7 01:15	2025-02-6	Show	GitHub Exploit DB Packet Storm

289	-	-	-	SQL Injection vulnerability in SourceCodester Responsive E-Learning System 1.0 allows remote attackers to inject sql query in /elearning/delete_teacher_students.php?id= parameter via id field.	-	CVE-2020-36084	2025-02-7 01:15	2025-02-6	Show	GitHub Exploit DB Packet Storm

290	-	-	-	Insecure permissions in RuoYi v4.8.0 allows authenticated attackers to escalate privileges by assigning themselves higher level roles.	-	CVE-2024-57438	2025-02-7 01:15	2025-01-30	Show	GitHub Exploit DB Packet Storm