Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 14, 2025, 6:04 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
161 5.3 警告
Network
IBM IBM CICS TX IBM の IBM CICS TX における観測可能な不一致に関する脆弱性 New CWE-203
CWE-204
CVE-2023-38362 2025-01-14 13:30 2023-11-3 Show GitHub Exploit DB Packet Storm
162 6.5 警告
Network
Mozilla Foundation Mozilla Firefox Mozilla Foundation の Mozilla Firefox における脆弱性 New CWE-Other
その他
CVE-2024-10941 2025-01-14 13:22 2024-05-14 Show GitHub Exploit DB Packet Storm
163 8.8 重要
Network
マイクロソフト Microsoft SQL Server
Microsoft OLE DB Driver
SQL Server 用 Microsoft OLE DB ドライバーのリモートでコードが実行される脆弱性 New CWE-122
CWE-noinfo
CVE-2024-28912 2025-01-14 13:22 2024-04-9 Show GitHub Exploit DB Packet Storm
164 7.2 重要
Network
マイクロソフト Azure Database for PostgreSQL Flexible Server Azure Database for PostgreSQL フレキシブル サーバー拡張機能の特権昇格の脆弱性 New CWE-77
CWE-noinfo
CVE-2024-43613 2025-01-14 13:22 2024-11-12 Show GitHub Exploit DB Packet Storm
165 6.2 警告
Adjacent
マイクロソフト Azure Arc Cluster microsoft.azure.hybridnetwork Extension
Azure Arc Cluster microsoft.azstackhci.operator Extension
Azure Arc Cluster micr…
Azure Arc 対応 Kubernetes 拡張機能クラスタースコープの特権昇格の脆弱性 New CWE-284
CWE-noinfo
CVE-2024-28917 2025-01-14 13:22 2024-04-9 Show GitHub Exploit DB Packet Storm
166 4.6 警告
Physics
Linux Linux Kernel Linux の Linux Kernel における境界条件の判定に関する脆弱性 New CWE-193
境界条件の判定
CVE-2024-53149 2025-01-14 12:04 2024-11-10 Show GitHub Exploit DB Packet Storm
167 5.3 警告
Network
Huawei USG6000V ファームウェア
NGFW Module ファームウェア
Secospace USG6600 ファームウェア
NIP6800 ファームウェア
Secospace USG6500 ファームウェア
NIP6300 ファームウェア
IPS Module…
複数の Huawei 製品における境界外読み取りに関する脆弱性 New CWE-125
CWE-125
CVE-2020-1819 2025-01-14 11:48 2024-12-27 Show GitHub Exploit DB Packet Storm
168 4.3 警告
Network
WPDeveloper Essential Addons for Elementor WPDeveloper の WordPress 用 Essential Addons for Elementor における認証の欠如に関する脆弱性 New CWE-862
認証の欠如
CVE-2021-4446 2025-01-14 11:48 2024-10-16 Show GitHub Exploit DB Packet Storm
169 7.5 重要
Network
クアルコム CSRB31024 ファームウェア
AR8035 ファームウェア
fastconnect 6900 ファームウェア
QCA6391 ファームウェア
QCA6564AU ファームウェア
fastconnect 6700 ファームウェア
QCA6426 ファームウェア
複数のクアルコム製品における有効期限後のメモリの解放の欠如に関する脆弱性 New CWE-401
CWE-401
CVE-2023-33086 2025-01-14 11:48 2023-05-17 Show GitHub Exploit DB Packet Storm
170 7.5 重要
Network
クアルコム AR8035 ファームウェア
fastconnect 6900 ファームウェア
qca6698aq ファームウェア
QCA6574A ファームウェア
QCA6391 ファームウェア
QCA8337 ファームウェア
QCA8081 ファームウェア
fastconnect&nbs…
複数のクアルコム製品における到達可能なアサーションに関する脆弱性 New CWE-617
CWE-617
CVE-2023-33095 2025-01-14 11:48 2023-05-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 14, 2025, 4:09 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
291 - - - Incorrect Privilege Assignment vulnerability in Drupal Registration role allows Privilege Escalation.This issue affects Registration role: from 0.0.0 before 2.0.1. - CVE-2024-13251 2025-01-11 02:15 2025-01-10 Show GitHub Exploit DB Packet Storm
292 - - - Cross-Site Request Forgery (CSRF) vulnerability in Drupal Drupal Symfony Mailer Lite allows Cross Site Request Forgery.This issue affects Drupal Symfony Mailer Lite: from 0.0.0 before 1.0.6. - CVE-2024-13250 2025-01-11 02:15 2025-01-10 Show GitHub Exploit DB Packet Storm
293 - - - Cross-Site Request Forgery (CSRF) vulnerability in Drupal Migrate Tools allows Cross Site Request Forgery.This issue affects Migrate Tools: from 0.0.0 before 6.0.3. - CVE-2024-13244 2025-01-11 02:15 2025-01-10 Show GitHub Exploit DB Packet Storm
294 - - - Missing Authorization vulnerability in Drupal Entity Delete Log allows Forceful Browsing.This issue affects Entity Delete Log: from 0.0.0 before 1.1.1. - CVE-2024-13243 2025-01-11 02:15 2025-01-10 Show GitHub Exploit DB Packet Storm
295 7.8 HIGH
Local
qualcomm fastconnect_6900_firmware
fastconnect_7800_firmware
qam8295p_firmware
qca6574au_firmware
qca6696_firmware
qcm8550_firmware
qcs6490_firmware
qcs8550_firmware
video_collaboratio…
Memory corruption when input parameter validation for number of fences is missing for fence frame IOCTL calls, CWE-787
 Out-of-bounds Write
CVE-2024-33041 2025-01-11 02:15 2025-01-6 Show GitHub Exploit DB Packet Storm
296 7.8 HIGH
Local
qualcomm fastconnect_6900_firmware
fastconnect_7800_firmware
qam8295p_firmware
qca6574au_firmware
qca6696_firmware
qcm8550_firmware
qcs6490_firmware
qcs8550_firmware
video_collaboratio…
Memory corruption while invoking IOCTL calls to unmap the DMA buffers. CWE-416
 Use After Free
CVE-2024-33055 2025-01-11 02:01 2025-01-6 Show GitHub Exploit DB Packet Storm
297 7.8 HIGH
Local
qualcomm fastconnect_6900_firmware
fastconnect_7800_firmware
qcm8550_firmware
qcs8550_firmware
sg8275p_firmware
sm8550p_firmware
snapdragon_8_gen_2_mobile_firmware
snapdragon_8_gen_3_mobi…
Memory corruption while processing frame command IOCTL calls. CWE-416
 Use After Free
CVE-2024-33059 2025-01-11 01:53 2025-01-6 Show GitHub Exploit DB Packet Storm
298 5.5 MEDIUM
Local
qualcomm qcs8550_firmware
sw5100_firmware
sw5100p_firmware
wcn3660b_firmware
wcn3680b_firmware
wcn3980_firmware
wcn3988_firmware
wsa8830_firmware
wsa8835_firmware
Information disclosure while processing IOCTL call made for releasing a trusted VM process release or opening a channel without initializing the process. CWE-125
Out-of-bounds Read
CVE-2024-33061 2025-01-11 01:49 2025-01-6 Show GitHub Exploit DB Packet Storm
299 - - - Tenda ac9 v1.0 firmware v15.03.05.19 is vulnerable to command injection in /goform/SetSambaCfg, which may lead to remote arbitrary code execution. - CVE-2025-22949 2025-01-11 01:15 2025-01-11 Show GitHub Exploit DB Packet Storm
300 - - - WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the configuracao_doacao.php endpoint of the WeGIA application. This vulnerab… CWE-79
Cross-site Scripting
CVE-2025-22600 2025-01-11 01:15 2025-01-11 Show GitHub Exploit DB Packet Storm