Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
171	5.5	警告 Local	xpdfreader project	xpdf	Glyph & Cog, LLC の Xpdf における再帰制御に関する脆弱性	CWE-674 CWE-674	CVE-2024-4568	2025-01-30 11:14	2024-05-6	Show	GitHub Exploit DB Packet Storm

172	5.4	警告 Network	bdthemes	element pack	bdthemes の WordPress 用 element pack におけるクロスサイトスクリプティングの脆弱性	CWE-79 CWE-79	CVE-2024-4643	2025-01-30 11:14	2024-08-2	Show	GitHub Exploit DB Packet Storm

173	4.4	警告 Local	デル	NativeEdge Orchestrator	デルの NativeEdge Orchestrator における誤った領域へのリソースの漏えいに関する脆弱性	CWE-378 CWE-668	CVE-2024-52543	2025-01-30 11:13	2024-12-25	Show	GitHub Exploit DB Packet Storm

174	9.8	緊急 Network	OpenImageIO project	OpenImageIO	OpenImageIO project の OpenImageIO における脆弱性	CWE-476 CWE-Other	CVE-2024-55193	2025-01-30 11:13	2024-12-6	Show	GitHub Exploit DB Packet Storm

175	9.8	緊急 Network	Projectworlds	online food ordering system	Projectworlds の online food ordering system における SQL インジェクションの脆弱性	CWE-89 CWE-89	CVE-2024-57328	2025-01-30 11:13	2025-01-23	Show	GitHub Exploit DB Packet Storm

176	5.3	警告 Network	Linkz.ai	Linkz.ai - Automatic link previews on hover	Linkz.ai の WordPress 用 Linkz.ai - Automatic link previews on hover における認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2024-9586	2025-01-30 11:13	2024-10-11	Show	GitHub Exploit DB Packet Storm

177	4.3	警告 Network	WPMU DEV	forminator forms	WPMU DEV の WordPress 用 forminator forms におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2024-9351	2025-01-30 10:56	2024-10-17	Show	GitHub Exploit DB Packet Storm

178	7.1	重要 Local	デル	powerstoreos	デルの powerstoreos における引数の挿入または変更に関する脆弱性	CWE-88 引数の挿入または変更	CVE-2024-51532	2025-01-30 10:55	2024-12-19	Show	GitHub Exploit DB Packet Storm

179	5.4	警告 Network	Themeum	tutor lms elementor addons	Themeum の WordPress 用 tutor lms elementor addons におけるクロスサイトスクリプティングの脆弱性	CWE-79 CWE-79	CVE-2024-5576	2025-01-30 10:55	2024-08-20	Show	GitHub Exploit DB Packet Storm

180	5.4	警告 Network	POSIMYTH	The Plus Addons for Elementor Page Builder	POSIMYTH の WordPress 用 The Plus Addons for Elementor Page Builder におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-4484	2025-01-30 10:50	2024-05-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Feb. 12, 2025, 4:14 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1181	7.5	HIGH Network	apple	macos	This issue was addressed by improved management of object lifetimes. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An attacker may be able to cause unexpected …	NVD-CWE-noinfo	CVE-2025-24120	2025-01-31 23:42	2025-01-28	Show	GitHub Exploit DB Packet Storm

1182	4.3	MEDIUM Network	apple	macos ipados iphone_os safari	The issue was addressed by adding additional logic. This issue is fixed in macOS Sequoia 15.3, Safari 18.3, iOS 18.3 and iPadOS 18.3. Visiting a malicious website may lead to address bar spoofing.	NVD-CWE-noinfo	CVE-2025-24128	2025-01-31 23:41	2025-01-28	Show	GitHub Exploit DB Packet Storm

1183	7.5	HIGH Network	apple	macos ipados iphone_os visionos watchos tvos	A type confusion issue was addressed with improved checks. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. A remote attacker may cause an u…	CWE-843 Type Confusion	CVE-2025-24129	2025-01-31 23:40	2025-01-28	Show	GitHub Exploit DB Packet Storm

1184	5.5	MEDIUM Local	apple	macos iphone_os visionos watchos ipados	This issue was addressed with improved redaction of sensitive information. This issue is fixed in iPadOS 17.7.4, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3. An app may b…	CWE-922 Insecure Storage of Sensitive Information	CVE-2025-24117	2025-01-31 23:40	2025-01-28	Show	GitHub Exploit DB Packet Storm

1185	-		-	-	Reflected Cross-Site Scripting (XSS) in TeamCal Neo, version 3.8.2. This allows an attacker to execute malicious JavaScript code, after injecting code via the ‘abs’ parameter in ‘/teamcal/src/index.p…	CWE-79 Cross-site Scripting	CVE-2025-0930	2025-01-31 23:15	2025-01-31	Show	GitHub Exploit DB Packet Storm

1186	-		-	-	SQL injection vulnerability in TeamCal Neo, version 3.8.2. This could allow an attacker to retrieve, update and delete all database information by injecting a malicious SQL statement via the ‘abs’ pa…	CWE-89 SQL Injection	CVE-2025-0929	2025-01-31 23:15	2025-01-31	Show	GitHub Exploit DB Packet Storm

1187	-		-	-	Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 39378.	CWE-426 Untrusted Search Path	CVE-2025-24828	2025-01-31 22:15	2025-01-31	Show	GitHub Exploit DB Packet Storm

1188	-		-	-	In the Linux kernel, the following vulnerability has been resolved: openvswitch: fix lockup on tx to unregistering netdev with carrier Commit in a fixes tag attempted to fix the issue in the follow…	-	CVE-2025-21681	2025-01-31 21:15	2025-01-31	Show	GitHub Exploit DB Packet Storm

1189	-		-	-	In the Linux kernel, the following vulnerability has been resolved: btrfs: add the missing error handling inside get_canonical_dev_path Inside function get_canonical_dev_path(), we call d_path() to…	-	CVE-2025-21679	2025-01-31 21:15	2025-01-31	Show	GitHub Exploit DB Packet Storm

1190	-		-	-	In the Linux kernel, the following vulnerability has been resolved: pfcp: Destroy device along with udp socket's netns dismantle. pfcp_newlink() links the device to a list in dev_net(dev) instead o…	-	CVE-2025-21677	2025-01-31 21:15	2025-01-31	Show	GitHub Exploit DB Packet Storm