Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 15, 2025, 2:02 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
151	7.8	重要 Local	デル	EMC PowerScale OneFS	デルの EMC PowerScale OneFS における重要な情報の平文での送信に関する脆弱性 New	CWE-319 重要な情報の平文での送信	CVE-2024-25960	2025-01-14 16:08	2024-03-28	Show	GitHub Exploit DB Packet Storm

152	5.4	警告 Network	ThimPress	LearnPress	ThimPress の WordPress 用 LearnPress におけるユーザ制御の鍵による認証回避に関する脆弱性 New	CWE-639 ユーザ制御の鍵による認証回避	CVE-2024-1289	2025-01-14 16:06	2024-04-9	Show	GitHub Exploit DB Packet Storm

153	8.8	重要 Network	Wazuh Inc.	Wazuh	Wazuh Inc. の Wazuh におけるコードインジェクションの脆弱性 New	CWE-94 CWE-94	CVE-2023-50260	2025-01-14 16:05	2023-12-5	Show	GitHub Exploit DB Packet Storm

154	7.8	重要 Local	クアルコム	SD 450 ファームウェア SD 615 ファームウェア SD 616 ファームウェア SD 810 ファームウェア SD 212 ファームウェア MDM9607 ファームウェア MDM9650 ファームウェア SD 210…	複数のクアルコム製品における認証に関する脆弱性 New	CWE-287 不適切な認証	CVE-2018-11952	2025-01-14 16:04	2018-06-7	Show	GitHub Exploit DB Packet Storm

155	7.8	重要 Local	クアルコム	SD 850 ファームウェア SD 835 ファームウェア MDM9206 ファームウェア MDM9607 ファームウェア SD 845 ファームウェア	複数のクアルコム製品における境界外書き込みに関する脆弱性 New	CWE-20 CWE-787	CVE-2017-15832	2025-01-14 16:04	2017-10-24	Show	GitHub Exploit DB Packet Storm

156	5.5	警告 Local	Linux	Linux Kernel	Linux の Linux Kernel における脆弱性 New	CWE-noinfo 情報不足	CVE-2021-47037	2025-01-14 15:59	2021-03-30	Show	GitHub Exploit DB Packet Storm

157	5.3	警告 Network	helderk	Maintenance Mode	helderk の WordPress 用 Maintenance Mode における脆弱性 New	CWE-noinfo 情報不足	CVE-2024-1478	2025-01-14 15:55	2024-03-5	Show	GitHub Exploit DB Packet Storm

158	5.5	警告 Local	Linux	Linux Kernel	Linux の Linux Kernel における脆弱性 New	CWE-noinfo 情報不足	CVE-2021-47029	2025-01-14 15:52	2021-04-12	Show	GitHub Exploit DB Packet Storm

159	5.3	警告 Network	Huawei	NIP6300 ファームウェア Secospace USG6600 ファームウェア USG6000V ファームウェア Secospace USG6300 ファームウェア NGFW Module ファームウェア Secospace USG6500 ファームウェア …	複数の Huawei 製品における境界外読み取りに関する脆弱性 New	CWE-125 CWE-125	CVE-2020-1820	2025-01-14 15:47	2024-12-28	Show	GitHub Exploit DB Packet Storm

160	3.3	低 Local	Huawei	P30 Pro ファームウェア	Huawei の P30 Pro ファームウェアにおける脆弱性 New	CWE-200 CWE-noinfo	CVE-2020-9089	2025-01-14 15:47	2020-02-18	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 15, 2025, 4:11 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
321	-	-	-	WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the `Cadastro_Atendido.… New	CWE-79 Cross-site Scripting	CVE-2025-22615	2025-01-14 06:15	2025-01-14	Show	GitHub Exploit DB Packet Storm

322	-	-	-	WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `dependente_editarInfo… New	CWE-79 Cross-site Scripting	CVE-2025-22614	2025-01-14 06:15	2025-01-14	Show	GitHub Exploit DB Packet Storm

323	-	-	-	When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try t… New	CWE-122 Heap-based Buffer Overflow	CVE-2025-22134	2025-01-14 06:15	2025-01-14	Show	GitHub Exploit DB Packet Storm

324	-	-	-	jte (Java Template Engine) is a secure and lightweight template engine for Java and Kotlin. In affected versions Jte HTML templates with `script` tags or script attributes that include a Javascript t… New	-	CVE-2025-23026	2025-01-14 06:15	2025-01-14	Show	GitHub Exploit DB Packet Storm

325	-	-	-	NamelessMC is a free, easy to use & powerful website software for Minecraft servers. A user with admincp.core.emails or admincp.users.edit permissions can validate users and an attacker can reset the… New	-	CVE-2025-22144	2025-01-14 06:15	2025-01-14	Show	GitHub Exploit DB Packet Storm

326	-	-	-	MonicaHQ v4.1.2 was discovered to contain a Client-Side Injection vulnerability via the last_name parameter the General Information module. New	-	CVE-2024-54999	2025-01-14 06:15	2025-01-14	Show	GitHub Exploit DB Packet Storm

327	-	-	-	Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the devname parameter in the reset_wifi function. Update	-	CVE-2024-57225	2025-01-14 06:15	2025-01-11	Show	GitHub Exploit DB Packet Storm

328	-	-	-	Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pin_wps function. Update	-	CVE-2024-57224	2025-01-14 06:15	2025-01-11	Show	GitHub Exploit DB Packet Storm

329	-	-	-	Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_wps_gen_pincode function. Update	-	CVE-2024-57223	2025-01-14 06:15	2025-01-11	Show	GitHub Exploit DB Packet Storm

330	-	-	-	An issue in CP Plus CP-VNR-3104 B3223P22C02424 allows attackers to obtain the second RSA private key and access sensitive data or execute a man-in-the-middle attack. Update	-	CVE-2024-54849	2025-01-14 06:15	2025-01-11	Show	GitHub Exploit DB Packet Storm