Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 12, 2025, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
151 6.7 警告
Local 		マイクロソフト Microsoft Windows Server 2022
Microsoft Windows 11
Microsoft Windows Server 2012
Microsoft Windows Server 2016
Microsoft Window… 		セキュア ブートのセキュリティ機能のバイパスの脆弱性 New CWE-693
CWE-noinfo
CVE-2024-28921 2025-01-10 11:42 2024-04-9 Show GitHub Exploit DB Packet Storm
152 6.7 警告
Local 		マイクロソフト Microsoft Windows Server 2022
Microsoft Windows 11
Microsoft Windows Server 2012
Microsoft Windows Server 2016
Microsoft Window… 		セキュア ブートのセキュリティ機能のバイパスの脆弱性 New CWE-693
CWE-noinfo
CVE-2024-28919 2025-01-10 11:36 2024-04-9 Show GitHub Exploit DB Packet Storm
153 6.1 警告
Network 		oretnom23 Online Flight Booking Management System oretnom23 の Online Flight Booking Management System におけるクロスサイトスクリプティングの脆弱性 New CWE-79
CWE-79
CVE-2022-46088 2025-01-10 11:26 2022-11-28 Show GitHub Exploit DB Packet Storm
154 5.5 警告
Local 		クアルコム SD 835 ファームウェア
SD 845 ファームウェア
SD 820 ファームウェア
SD 820A ファームウェア
SD 850 ファームウェア
SD 450 ファームウェア
SD 625 ファームウェア 		複数のクアルコム製品における初期化されていないリソースの使用に関する脆弱性 New CWE-200
CWE-908
CVE-2017-18306 2025-01-10 11:19 2024-11-26 Show GitHub Exploit DB Packet Storm
155 8.8 重要
Adjacent 		ネットギア RAX38 ファームウェア
RAXE300 ファームウェア
RAX35 ファームウェア
RAX30 ファームウェア 		複数のネットギア製品における SQL インジェクションの脆弱性 New CWE-89
CWE-89
CVE-2023-27358 2025-01-10 11:19 2023-02-28 Show GitHub Exploit DB Packet Storm
156 5.4 警告
Network 		Jegtheme Jeg Elementor Kit Jegtheme の WordPress 用 Jeg Elementor Kit におけるクロスサイトスクリプティングの脆弱性 New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-10308 2025-01-10 11:19 2024-11-26 Show GitHub Exploit DB Packet Storm
157 6.4 警告
Network 		Helm Helm Helm におけるパストラバーサルの脆弱性 New CWE-22
CWE-22
CVE-2024-25620 2025-01-10 11:19 2024-02-15 Show GitHub Exploit DB Packet Storm
158 7.5 重要
Network 		デル EMC PowerScale OneFS デルの EMC PowerScale OneFS におけるセッション期限に関する脆弱性 New CWE-613
不適切なセッション期限 		CVE-2024-25954 2025-01-10 11:19 2024-03-28 Show GitHub Exploit DB Packet Storm
159 4.4 警告
Local 		デル EMC PowerScale OneFS デルの EMC PowerScale OneFS における脆弱性 New CWE-73
CWE-Other
CVE-2024-25965 2025-01-10 11:19 2024-05-14 Show GitHub Exploit DB Packet Storm
160 6.7 警告
Local 		デル EMC PowerScale OneFS デルの EMC PowerScale OneFS における脆弱性 New CWE-250
CWE-Other
CVE-2024-25967 2025-01-10 11:19 2024-05-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 12, 2025, 4:59 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
171 - - - Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pbc_wps function. New - CVE-2024-57227 2025-01-11 03:15 2025-01-11 Show GitHub Exploit DB Packet Storm
172 - - - Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the iface parameter in the vif_enable function. New - CVE-2024-57226 2025-01-11 03:15 2025-01-11 Show GitHub Exploit DB Packet Storm
173 - - - Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the devname parameter in the reset_wifi function. New - CVE-2024-57225 2025-01-11 03:15 2025-01-11 Show GitHub Exploit DB Packet Storm
174 - - - Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pin_wps function. New - CVE-2024-57224 2025-01-11 03:15 2025-01-11 Show GitHub Exploit DB Packet Storm
175 - - - Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_wps_gen_pincode function. New - CVE-2024-57223 2025-01-11 03:15 2025-01-11 Show GitHub Exploit DB Packet Storm
176 - - - Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_cancel_wps function. New - CVE-2024-57222 2025-01-11 03:15 2025-01-11 Show GitHub Exploit DB Packet Storm
177 - - - Vtiger CRM v.6.1 and before is vulnerable to Cross Site Scripting (XSS) via the Documents module and function uploadAndSaveFile in CRMEntity.php. New - CVE-2024-54687 2025-01-11 03:15 2025-01-11 Show GitHub Exploit DB Packet Storm
178 - - - In PRIMX ZED Enterprise up to 2024.3, technical files stored in local folders with common user access can be manipulated to render the host computer unavailable or to execute programs with an elevati… New - CVE-2024-46464 2025-01-11 03:15 2025-01-10 Show GitHub Exploit DB Packet Storm
179 - - - An issue was discovered in Opsview Monitor Agent 6.8. An unauthenticated remote attacker can call check_nrpe against affected targets, specifying known NRPE plugins, which in default installations ar… New - CVE-2023-28354 2025-01-11 03:15 2025-01-10 Show GitHub Exploit DB Packet Storm
180 - - - An issue in the component src/api/identity.rs of Vaultwarden prior to v1.32.5 allows attackers to impersonate users, including Administrators, via a crafted authorization request. New - CVE-2024-55225 2025-01-11 03:15 2025-01-10 Show GitHub Exploit DB Packet Storm