Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1601	5.3	警告 Network	NetApp 日本電気 ISC, Inc.	Active IQ Unified Manager ESMPRO/ServerAgent NEC Multimedia OLAP for 映像分析サービス BIND	ISC, Inc. の BIND 等複数ベンダの製品における脆弱性	CWE-noinfo 情報不足	CVE-2023-5680	2025-01-17 13:18	2023-10-20	Show	GitHub Exploit DB Packet Storm

1602	7.5	重要 Network	日本電気 Fedora Project NetApp ISC, Inc.	ESMPRO/ServerAgent NEC Multimedia OLAP for 映像分析サービス Active IQ Unified Manager Fedora BIND	NetApp の Active IQ Unified Manager 等複数ベンダの製品における脆弱性	CWE-noinfo 情報不足	CVE-2023-5679	2025-01-17 13:13	2023-10-20	Show	GitHub Exploit DB Packet Storm

1603	7.5	重要 Network	日本電気 Fedora Project NetApp ISC, Inc.	ESMPRO/ServerAgent NEC Multimedia OLAP for 映像分析サービス Active IQ Unified Manager Fedora BIND	NetApp の Active IQ Unified Manager 等複数ベンダの製品における到達可能なアサーションに関する脆弱性	CWE-617 CWE-617	CVE-2023-5517	2025-01-17 13:12	2023-10-11	Show	GitHub Exploit DB Packet Storm

1604	7.5	重要 Network	Fedora Project 日本電気 ISC, Inc.	NEC Multimedia OLAP for 映像分析サービス Fedora ESMPRO/ServerAgent BIND	NetApp の ONTAP (旧 Clustered Data ONTAP) 等複数ベンダの製品における脆弱性	CWE-noinfo 情報不足	CVE-2023-4408	2025-01-17 13:10	2023-08-18	Show	GitHub Exploit DB Packet Storm

1605	9.8	緊急 Network	Apache Software Foundation	Apache Struts	Apache Struts 2 における外部からアクセス可能なファイルの脆弱性 (S2-066)	CWE-552 外部からアクセス可能なファイルまたはディレクトリ	CVE-2023-50164	2025-01-17 12:58	2023-12-8	Show	GitHub Exploit DB Packet Storm

1606	9.8	緊急 Network	Apache Software Foundation	hertzbeat	Apache Software Foundation の hertzbeat におけるインジェクションに関する脆弱性	CWE-74 CWE-74	CVE-2023-51388	2025-01-17 12:08	2023-12-18	Show	GitHub Exploit DB Packet Storm

1607	9.8	緊急 Network	Ivanti	Avalanche	Ivanti の Avalanche におけるパストラバーサルの脆弱性	CWE-22 CWE-22 CWE-288	CVE-2024-13179	2025-01-17 12:08	2025-01-14	Show	GitHub Exploit DB Packet Storm

1608	5.4	警告 Network	Themeisle	Orbit Fox	ThemeIsle の WordPress 用 Orbit Fox におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-13183	2025-01-17 12:08	2025-01-10	Show	GitHub Exploit DB Packet Storm

1609	4.3	警告 Network	Progress Software Corporation	MOVEit Transfer	Progress Software Corporation の MOVEit Transfer における脆弱性	CWE-778 CWE-Other	CVE-2024-2291	2025-01-17 12:08	2024-03-20	Show	GitHub Exploit DB Packet Storm

1610	4.8	警告 Network	MantisBT Group	MantisBT	MantisBT Group の MantisBT におけるクロスサイトスクリプティングの脆弱性	CWE-79 CWE-79	CVE-2024-34081	2025-01-17 12:08	2024-05-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Feb. 23, 2025, 4:07 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
571	-	-	-	An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the token component.	-	CVE-2024-57604	2025-02-19 03:15	2025-02-13	Show	GitHub Exploit DB Packet Storm

572	-	-	-	Cross Site Scripting vulnerability in Alex Tselegidis EasyAppointments v.1.5.0 allows a remote attacker to execute arbitrary code via the legal_settings parameter.	-	CVE-2024-57601	2025-02-19 03:15	2025-02-13	Show	GitHub Exploit DB Packet Storm

573	-	-	-	An issue in the profile image upload function of LearnDash v6.7.1 allows attackers to cause a Denial of Service (DoS) via excessive file uploads.	-	CVE-2024-56940	2025-02-19 03:15	2025-02-13	Show	GitHub Exploit DB Packet Storm

574	-	-	-	An issue in Nothing Tech Nothing OS v.2.6 allows a local attacker to escalate privileges via the NtBpfService component.	-	CVE-2024-51440	2025-02-19 03:15	2025-02-13	Show	GitHub Exploit DB Packet Storm

575	-	-	-	An issue in Zertificon Z1 SecureMail Z1 SecureMail Gateway 4.44.2-7240-debian12 allows a remote attacker to obtain sensitive information via the /compose-pdf.xhtml?convid=[id] component.	-	CVE-2024-51123	2025-02-19 03:15	2025-02-13	Show	GitHub Exploit DB Packet Storm

576	-	-	-	Cross Site Scripting vulnerability in Zertificon Z1 SecureMail Z1 CertServer v.3.16.4-2516-debian12 alllows a remote attacker to execute arbitrary code via the ST, L, O, OU, CN parameters.	-	CVE-2024-51122	2025-02-19 03:15	2025-02-13	Show	GitHub Exploit DB Packet Storm

577	-	-	-	An issue was discovered in Samsung Mobile Processor Exynos 2200, 1480, and 2400. The absence of a null check leads to a Denial of Service at amdgpu_cs_ib_fill in the Xclipse Driver.	-	CVE-2024-46923	2025-02-19 03:15	2025-02-13	Show	GitHub Exploit DB Packet Storm

578	-	-	-	An issue was discovered in Samsung Mobile Processor Exynos 1480 and 2400. The absence of a null check leads to a Denial of Service at amdgpu_cs_parser_bos in the Xclipse Driver.	-	CVE-2024-46922	2025-02-19 03:15	2025-02-13	Show	GitHub Exploit DB Packet Storm

579	-	-	-	Uncontrolled search path for some Intel(R) Quartus(R) Prime Software before version 23.1.1 Patch 1.01std may allow an authenticated user to potentially enable escalation of privilege via local access.	CWE-427 Uncontrolled Search Path Element	CVE-2024-42405	2025-02-19 03:15	2025-02-13	Show	GitHub Exploit DB Packet Storm

580	-	-	-	Time-of-check time-of-use race condition for some Intel(R) Battery Life Diagnostic Tool software before version 2.4.1 may allow an authenticated user to potentially enable escalation of privilege via…	CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition	CVE-2024-41917	2025-02-19 03:15	2025-02-13	Show	GitHub Exploit DB Packet Storm