Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1701	4.3	警告 Network	DesDev Inc.	DedeCMS	DesDev Inc. の DedeCMS におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2024-4587	2025-01-16 17:12	2024-05-7	Show	GitHub Exploit DB Packet Storm

1702	7.1	重要 Local	Linux	Linux Kernel	Linux の Linux Kernel における境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2024-36935	2025-01-16 17:12	2024-04-25	Show	GitHub Exploit DB Packet Storm

1703	9.8	緊急 Network	IBM	IBM Cognos Controller	IBM の IBM Cognos Controller における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2023-38724	2025-01-16 17:12	2023-07-25	Show	GitHub Exploit DB Packet Storm

1704	8.8	重要 Network	IBM	IBM Security Guardium	IBM の IBM Security Guardium における OS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2023-47709	2025-01-16 17:12	2023-11-9	Show	GitHub Exploit DB Packet Storm

1705	5.9	警告 Network	Huawei	HarmonyOS	Huawei の HarmonyOS における競合状態に関する脆弱性	CWE-362 CWE-362	CVE-2024-54102	2025-01-16 17:12	2024-12-12	Show	GitHub Exploit DB Packet Storm

1706	7.5	重要 Network	マイクロソフト	Microsoft SQL Server Microsoft OLE DB Driver	SQL Server 用 Microsoft OLE DB ドライバーのリモートでコードが実行される脆弱性	CWE-121 CWE-noinfo	CVE-2024-29045	2025-01-16 17:09	2024-04-9	Show	GitHub Exploit DB Packet Storm

1707	8.8	重要 Network	マイクロソフト	Microsoft SQL Server Microsoft OLE DB Driver	SQL Server 用 Microsoft OLE DB ドライバーのリモートでコードが実行される脆弱性	CWE-190 CWE-noinfo	CVE-2024-28942	2025-01-16 17:05	2024-04-9	Show	GitHub Exploit DB Packet Storm

1708	8.8	重要 Network	マイクロソフト	Microsoft SQL Server Microsoft OLE DB Driver	SQL Server 用 Microsoft OLE DB ドライバーのリモートでコードが実行される脆弱性	CWE-122 CWE-noinfo	CVE-2024-29048	2025-01-16 17:02	2024-04-9	Show	GitHub Exploit DB Packet Storm

1709	8.8	重要 Network	マイクロソフト	Microsoft SQL Server Microsoft OLE DB Driver	SQL Server 用 Microsoft OLE DB ドライバーのリモートでコードが実行される脆弱性	CWE-122 CWE-noinfo	CVE-2024-29983	2025-01-16 17:00	2024-04-9	Show	GitHub Exploit DB Packet Storm

1710	8.8	重要 Network	マイクロソフト	Microsoft SQL Server Microsoft OLE DB Driver	SQL Server 用 Microsoft OLE DB ドライバーのリモートでコードが実行される脆弱性	CWE-122 CWE-noinfo	CVE-2024-29985	2025-01-16 16:58	2024-04-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Feb. 25, 2025, 4:06 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
501	9.8	CRITICAL Network	dlink	dir-853_firmware	D-Link DIR-853 A1 FW1.20B07 was discovered to contain a stack-based buffer overflow vulnerability via the AccountPassword parameter in the SetSysEmailSettings module.	CWE-787 Out-of-bounds Write	CVE-2025-25742	2025-02-20 04:02	2025-02-13	Show	GitHub Exploit DB Packet Storm

502	-		-	-	Authelia is an open-source authentication and authorization server providing two-factor authentication and single sign-on (SSO) for applications via a web portal. If users are allowed to sign in via …	CWE-307 mproper Restriction of Excessive Authentication Attempts	CVE-2025-24806	2025-02-20 03:15	2025-02-20	Show	GitHub Exploit DB Packet Storm

503	4.4	MEDIUM Local	-	-	A flaw was found in grub2. Grub's dump command is not blocked when grub is in lockdown mode, which allows the user to read any memory information, and an attacker may leverage this in order to extrac…	CWE-501 Trust Boundary Violation	CVE-2025-1118	2025-02-20 03:15	2025-02-20	Show	GitHub Exploit DB Packet Storm

504	-		-	-	Symantec Diagnostic Tool (SymDiag), prior to 3.0.79, may be susceptible to a Privilege Escalation vulnerability.	-	CVE-2025-0893	2025-02-20 03:15	2025-02-20	Show	GitHub Exploit DB Packet Storm

505	5.4	MEDIUM Network	-	-	Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts in…	CWE-79 Cross-site Scripting	CVE-2024-53974	2025-02-20 03:15	2025-02-20	Show	GitHub Exploit DB Packet Storm

506	6.7	MEDIUM Local	-	-	A flaw was found in grub2. The calculation of the translation buffer when reading a language .mo file in grub_gettext_getstr_from_position() may overflow, leading to a Out-of-bound write. This issue …	CWE-787 Out-of-bounds Write	CVE-2024-45777	2025-02-20 03:15	2025-02-20	Show	GitHub Exploit DB Packet Storm

507	-		-	-	crun is an open source OCI Container Runtime fully written in C. In affected versions A malicious container image could trick the krun handler into escaping the root filesystem, allowing file creatio…	CWE-22 Path Traversal	CVE-2025-24965	2025-02-20 02:15	2025-02-20	Show	GitHub Exploit DB Packet Storm

508	-		-	-	Directus is a real-time API and App dashboard for managing SQL database content. In affected versions if there are two overlapping policies for the `update` action that allow access to different fiel…	CWE-863 Incorrect Authorization	CVE-2025-27089	2025-02-20 02:15	2025-02-20	Show	GitHub Exploit DB Packet Storm

509	-		-	-	Dell Client Platform BIOS contains a Weak Authentication vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.	CWE-1390 Weak Authentication	CVE-2024-52541	2025-02-20 02:15	2025-02-20	Show	GitHub Exploit DB Packet Storm

510	8.2	HIGH Network	-	-	IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploi…	CWE-611 XXE	CVE-2023-47160	2025-02-20 02:15	2025-02-20	Show	GitHub Exploit DB Packet Storm