Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 19, 2025, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
161 9.8 緊急
Network 		Hitachi Energy FOXMAN-UN
UNEM 		Hitachi Energy の FOXMAN-UN および UNEM における脆弱性 Update CWE-noinfo
情報不足 		CVE-2024-2012 2025-01-17 15:25 2024-06-11 Show GitHub Exploit DB Packet Storm
162 10 緊急
Network 		Hitachi Energy FOXMAN-UN
UNEM 		Hitachi Energy の FOXMAN-UN および UNEM における重要な機能に対する認証の欠如に関する脆弱性 Update CWE-306
重要な機能に対する認証の欠如 解説 		CVE-2024-2013 2025-01-17 15:22 2024-06-11 Show GitHub Exploit DB Packet Storm
163 7.5 重要
Network 		マイクロソフト Microsoft SharePoint Server
Microsoft SharePoint Enterprise Server 		Microsoft SharePoint Server の情報漏えいの脆弱性 New CWE-611
CWE-noinfo
CVE-2024-30043 2025-01-17 15:21 2024-05-14 Show GitHub Exploit DB Packet Storm
164 5.5 警告
Local 		マイクロソフト Microsoft Windows Server 2008
Microsoft Windows Server 2022
Microsoft Windows 11
Microsoft Windows Server 2019
Microsoft Window… 		Windows 共通ログ ファイル システム ドライバーの特権の昇格の脆弱性 New CWE-125
CWE-noinfo
CVE-2024-30037 2025-01-17 15:20 2024-05-14 Show GitHub Exploit DB Packet Storm
165 7.8 重要
Local 		マイクロソフト Microsoft Windows Server 2022
Microsoft Windows 11
Microsoft Windows Server 2019
Microsoft Windows Server 2016
Microsoft Window… 		Windows DWM Core ライブラリの特権の昇格の脆弱性 New CWE-416
CWE-noinfo
CVE-2024-30032 2025-01-17 15:08 2024-05-14 Show GitHub Exploit DB Packet Storm
166 7.8 重要
Local 		マイクロソフト Microsoft Windows Server 2008
Microsoft Windows Server 2022
Microsoft Windows 11
Microsoft Windows Server 2019
Microsoft Window… 		Win32k の特権の昇格の脆弱性 New CWE-416
CWE-noinfo
CVE-2024-30028 2025-01-17 15:02 2024-05-14 Show GitHub Exploit DB Packet Storm
167 7.8 重要
Local 		Progress Software Corporation telerik reporting Progress Software Corporation の telerik reporting における信頼できないデータのデシリアライゼーションに関する脆弱性 New CWE-502
CWE-502
CVE-2024-1801 2025-01-17 15:01 2024-03-20 Show GitHub Exploit DB Packet Storm
168 5.9 警告
Network 		Devolutions Devolutions Remote Desktop Manager Devolutions の Devolutions Remote Desktop Manager における不完全なクリーンアップに関する脆弱性 New CWE-459
不完全なクリーンアップ 		CVE-2024-2403 2025-01-17 15:01 2024-03-13 Show GitHub Exploit DB Packet Storm
169 5.4 警告
Network 		Wpmet ElementsKit Elementor addons Wpmet の WordPress 用 ElementsKit Elementor addons におけるクロスサイトスクリプティングの脆弱性 New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-3650 2025-01-17 15:01 2024-05-2 Show GitHub Exploit DB Packet Storm
170 7.8 重要
Local 		Progress Software Corporation telerik reporting Progress Software Corporation の telerik reporting における信頼できないデータのデシリアライゼーションに関する脆弱性 New CWE-502
CWE-502
CVE-2024-4200 2025-01-17 15:00 2024-05-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 19, 2025, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
461 - - - Buffer Overflow vulnerability in Neat Board NFC v.1.20240620.0015 allows a physically proximate attackers to escalate privileges via a crafted payload to the password field Update - CVE-2024-48806 2025-01-17 04:15 2025-01-10 Show GitHub Exploit DB Packet Storm
462 - - - Canlineapp Online 1.1 is vulnerable to Broken Access Control and allows users with the Auditor role to create an audit template as a result of improper authorization checks. This feature is designate… Update - CVE-2024-56114 2025-01-17 04:15 2025-01-10 Show GitHub Exploit DB Packet Storm
463 - - - Mattermost Mobile versions <= 2.22.0 fail to properly validate the style of proto supplied to an action's style in post.props.attachments, which allows an attacker to crash the mobile via crafted mal… New - CVE-2025-20072 2025-01-17 03:15 2025-01-17 Show GitHub Exploit DB Packet Storm
464 - - - A cross-site scripting (XSS) vulnerability in the /apply/getEditPage?view interface of JFinalOA before v2025.01.01 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. New - CVE-2024-57776 2025-01-17 03:15 2025-01-17 Show GitHub Exploit DB Packet Storm
465 - - - JFinalOA before v2025.01.01 was discovered to contain a SQL injection vulnerability via the component getWorkFlowHis?insid. New - CVE-2024-57775 2025-01-17 03:15 2025-01-17 Show GitHub Exploit DB Packet Storm
466 - - - A cross-site scripting (XSS) vulnerability in the getBusinessUploadListPage?busid interface of JFinalOA before v2025.01.01 allows attackers to execute arbitrary web scripts or HTML via a crafted payl… New - CVE-2024-57774 2025-01-17 03:15 2025-01-17 Show GitHub Exploit DB Packet Storm
467 - - - A cross-site scripting (XSS) vulnerability in the openSelectManyUserPage?orgid interface of JFinalOA before v2025.01.01 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. New - CVE-2024-57773 2025-01-17 03:15 2025-01-17 Show GitHub Exploit DB Packet Storm
468 - - - A cross-site scripting (XSS) vulnerability in the /bumph/getDraftListPage?type interface of JFinalOA before v2025.01.01 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. New - CVE-2024-57772 2025-01-17 03:15 2025-01-17 Show GitHub Exploit DB Packet Storm
469 - - - A cross-site scripting (XSS) vulnerability in the common/getEditPage?view interface of JFinalOA before v2025.01.01 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. New - CVE-2024-57771 2025-01-17 03:15 2025-01-17 Show GitHub Exploit DB Packet Storm
470 - - - JFinalOA before v2025.01.01 was discovered to contain a SQL injection vulnerability via the component apply/save#oaContractApply.id. New - CVE-2024-57770 2025-01-17 03:15 2025-01-17 Show GitHub Exploit DB Packet Storm