Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1641	8	重要 Adjacent	マイクロソフト	Microsoft Windows 10 Microsoft Windows Server 2016 Microsoft Windows 11 Microsoft Windows Server 2012 Microsoft Windows Server&…	セキュアブートのセキュリティ機能のバイパスの脆弱性	CWE-121 CWE-noinfo	CVE-2024-28925	2025-01-17 10:18	2024-04-9	Show	GitHub Exploit DB Packet Storm

1642	8.8	重要 Network	マイクロソフト	Microsoft SQL Server Microsoft Visual Studio Microsoft ODBC Driver	SQL Server 用 Microsoft ODBC ドライバーのリモートでコードが実行される脆弱性	CWE-191 CWE-noinfo	CVE-2024-28930	2025-01-17 09:53	2024-04-9	Show	GitHub Exploit DB Packet Storm

1643	8.8	重要 Network	マイクロソフト	Microsoft SQL Server Microsoft Visual Studio Microsoft ODBC Driver	SQL Server 用 Microsoft ODBC ドライバーのリモートでコードが実行される脆弱性	CWE-122 CWE-noinfo	CVE-2024-28935	2025-01-17 09:48	2024-04-9	Show	GitHub Exploit DB Packet Storm

1644	8.1	重要 Network	マイクロソフト	Microsoft Windows Server 2016 Microsoft Windows Server 2022 Microsoft Windows Server 2019 Microsoft Windows Server 2012 Microso…	Windows リモートデスクトップサービスのリモートでコードが実行される脆弱性	CWE-362 CWE-453	CVE-2024-49120	2025-01-17 09:47	2024-12-10	Show	GitHub Exploit DB Packet Storm

1645	8.8	重要 Network	マイクロソフト	Microsoft SQL Server Microsoft Visual Studio Microsoft ODBC Driver	SQL Server 用 Microsoft ODBC ドライバーのリモートでコードが実行される脆弱性	CWE-191 CWE-noinfo	CVE-2024-28933	2025-01-17 09:47	2024-04-9	Show	GitHub Exploit DB Packet Storm

1646	8.8	重要 Local	マイクロソフト	Microsoft Windows 11 Microsoft Windows Server 2022 Microsoft Windows Server 2025	Windows Hyper-V のリモートでコードが実行される脆弱性	CWE-393 CWE-noinfo	CVE-2024-49117	2025-01-17 09:47	2024-12-10	Show	GitHub Exploit DB Packet Storm

1647	8.8	重要 Network	マイクロソフト	Microsoft SQL Server Microsoft Visual Studio Microsoft ODBC Driver	SQL Server 用 Microsoft ODBC ドライバーのリモートでコードが実行される脆弱性	CWE-122 CWE-noinfo	CVE-2024-28932	2025-01-17 09:47	2024-04-9	Show	GitHub Exploit DB Packet Storm

1648	8.1	重要 Network	マイクロソフト	Microsoft Windows Server 2022 Microsoft Windows Server 2019 Microsoft Windows 10 Microsoft Windows 11 Microsoft Windows Server&…	Windows リモートデスクトップサービスのリモートでコードが実行される脆弱性	CWE-362 CWE-591	CVE-2024-49123	2025-01-17 09:47	2024-12-10	Show	GitHub Exploit DB Packet Storm

1649	7.8	重要 Local	Linux	Linux Kernel	Linux の Linux Kernel における解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2024-53206	2025-01-17 09:44	2024-11-28	Show	GitHub Exploit DB Packet Storm

1650	7.8	重要 Local	Linux	Linux Kernel	Linux の Linux Kernel における解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2024-56602	2025-01-17 09:44	2024-10-15	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Feb. 25, 2025, 4:06 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
701	-	-	-	Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in agent-related functionality in Synology Active Backup for Business before 2.7.1-13234, 2.7.1-23234 and …	CWE-22 Path Traversal	CVE-2024-47264	2025-02-19 03:15	2025-02-13	Show	GitHub Exploit DB Packet Storm

702	-	-	-	The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content WordPress plugin before 4.15.20 does not sanitise and escape some of its settings, which co…	-	CVE-2024-13120	2025-02-19 03:15	2025-02-13	Show	GitHub Exploit DB Packet Storm

703	-	-	-	The Chalet-Montagne.com Tools WordPress plugin through 2.7.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be…	-	CVE-2024-12586	2025-02-19 03:15	2025-02-13	Show	GitHub Exploit DB Packet Storm

704	-	-	-	Cross Site Scripting vulnerability in Daylight Studio Fuel CMS v.1.5.2 allows an attacker to escalate privileges via the /fuel/blocks/ and /fuel/pages components.	-	CVE-2024-57605	2025-02-19 03:15	2025-02-13	Show	GitHub Exploit DB Packet Storm

705	-	-	-	An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the token component.	-	CVE-2024-57604	2025-02-19 03:15	2025-02-13	Show	GitHub Exploit DB Packet Storm

706	-	-	-	Cross Site Scripting vulnerability in Alex Tselegidis EasyAppointments v.1.5.0 allows a remote attacker to execute arbitrary code via the legal_settings parameter.	-	CVE-2024-57601	2025-02-19 03:15	2025-02-13	Show	GitHub Exploit DB Packet Storm

707	-	-	-	An issue in the profile image upload function of LearnDash v6.7.1 allows attackers to cause a Denial of Service (DoS) via excessive file uploads.	-	CVE-2024-56940	2025-02-19 03:15	2025-02-13	Show	GitHub Exploit DB Packet Storm

708	-	-	-	An issue in Nothing Tech Nothing OS v.2.6 allows a local attacker to escalate privileges via the NtBpfService component.	-	CVE-2024-51440	2025-02-19 03:15	2025-02-13	Show	GitHub Exploit DB Packet Storm

709	-	-	-	An issue in Zertificon Z1 SecureMail Z1 SecureMail Gateway 4.44.2-7240-debian12 allows a remote attacker to obtain sensitive information via the /compose-pdf.xhtml?convid=[id] component.	-	CVE-2024-51123	2025-02-19 03:15	2025-02-13	Show	GitHub Exploit DB Packet Storm

710	-	-	-	Cross Site Scripting vulnerability in Zertificon Z1 SecureMail Z1 CertServer v.3.16.4-2516-debian12 alllows a remote attacker to execute arbitrary code via the ST, L, O, OU, CN parameters.	-	CVE-2024-51122	2025-02-19 03:15	2025-02-13	Show	GitHub Exploit DB Packet Storm