Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1831 4.3 警告
Network 		DesDev Inc. DedeCMS DesDev Inc. の DedeCMS におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2024-4585 2025-01-16 12:32 2024-05-7 Show GitHub Exploit DB Packet Storm
1832 4.3 警告
Network 		DesDev Inc. DedeCMS DesDev Inc. の DedeCMS におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2024-4594 2025-01-16 12:32 2024-05-7 Show GitHub Exploit DB Packet Storm
1833 5.9 警告
Network 		Ampache.org Ampache Ampache.org の Ampache におけるクロスサイトスクリプティングの脆弱性 CWE-79
CWE-79
CVE-2024-28853 2025-01-16 12:32 2024-03-27 Show GitHub Exploit DB Packet Storm
1834 7.8 重要
Local 		マイクロソフト Microsoft Excel
Microsoft 365 Apps
Microsoft Office 		Microsoft Excel のリモートでコードが実行される脆弱性 CWE-416
CWE-noinfo
CVE-2024-49069 2025-01-16 12:30 2024-12-10 Show GitHub Exploit DB Packet Storm
1835 7.8 重要
Local 		クアルコム QCA6436 ファームウェア
qam8650p ファームウェア
fastconnect 6700 ファームウェア
QCA6574A ファームウェア
qam8775p ファームウェア
QAM8295P ファームウェア
QCA6431 ファームウェア
fastconnect&n… 		複数のクアルコム製品における初期化されていないポインタのアクセスに関する脆弱性 CWE-824
CWE-824
CVE-2023-43531 2025-01-16 12:30 2023-09-19 Show GitHub Exploit DB Packet Storm
1836 6.1 警告
Network 		Metagauss Inc. eventprime Metagauss Inc. の WordPress 用 eventprime におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-1320 2025-01-16 12:30 2024-03-9 Show GitHub Exploit DB Packet Storm
1837 4.3 警告
Network 		Themeum Tutor LMS Themeum の WordPress 用 Tutor LMS におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2024-1503 2025-01-16 12:30 2024-03-21 Show GitHub Exploit DB Packet Storm
1838 5.4 警告
Network 		IdeaBox Creations PowerPack Addons for Elementor IdeaBox Creations の WordPress 用 PowerPack Addons for Elementor におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-2491 2025-01-16 12:30 2024-03-30 Show GitHub Exploit DB Packet Storm
1839 8.8 重要
Network 		Shenzhen Tenda Technology Co.,Ltd. fh1205 ファームウェア Shenzhen Tenda Technology Co.,Ltd. の fh1205 ファームウェアにおける境界外書き込みに関する脆弱性 CWE-121
CWE-787
CVE-2024-3008 2025-01-16 12:30 2024-03-27 Show GitHub Exploit DB Packet Storm
1840 8.8 重要
Network 		Shenzhen Tenda Technology Co.,Ltd. fh1205 ファームウェア Shenzhen Tenda Technology Co.,Ltd. の fh1205 ファームウェアにおける境界外書き込みに関する脆弱性 CWE-121
CWE-787
CVE-2024-3010 2025-01-16 12:30 2024-03-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 12, 2025, 4:14 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
71 - - - In JetBrains TeamCity before 2024.12.2 several DOM-based XSS were possible on the Code Inspection Report tab New CWE-79
Cross-site Scripting 		CVE-2025-26493 2025-02-11 23:15 2025-02-11 Show GitHub Exploit DB Packet Storm
72 - - - In JetBrains TeamCity before 2024.12.2 improper Kubernetes connection settings could expose sensitive resources New CWE-522
 Insufficiently Protected Credentials 		CVE-2025-26492 2025-02-11 23:15 2025-02-11 Show GitHub Exploit DB Packet Storm
73 - - - PandasAI uses an interactive prompt function that is vulnerable to prompt injection and run arbitrary Python code that can lead to Remote Code Execution (RCE) instead of the intended explanation of t… New - CVE-2024-12366 2025-02-11 23:15 2025-02-11 Show GitHub Exploit DB Packet Storm
74 6.2 MEDIUM
Local 		- - A vulnerability has been identified in OpenV2G (All versions < V0.9.6). The OpenV2G EXI parsing feature is missing a length check when parsing X509 serial numbers. Thus, an attacker could introduce a… New CWE-120
Classic Buffer Overflow 		CVE-2025-24956 2025-02-11 20:15 2025-02-11 Show GitHub Exploit DB Packet Storm
75 6.5 MEDIUM
Network 		- - A vulnerability has been identified in SIMATIC S7-1200 CPU 1211C AC/DC/Rly (6ES7211-1BE40-0XB0) (All versions < V4.7), SIMATIC S7-1200 CPU 1211C DC/DC/DC (6ES7211-1AE40-0XB0) (All versions < V4.7), S… New CWE-1286
 Improper Validation of Syntactic Correctness of Input 		CVE-2025-24812 2025-02-11 20:15 2025-02-11 Show GitHub Exploit DB Packet Storm
76 7.0 HIGH
Local 		- - A vulnerability has been identified in SIMATIC IPC DiagBase (All versions), SIMATIC IPC DiagMonitor (All versions). The affected device do not properly restrict the user permission for the registry k… New CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2025-23403 2025-02-11 20:15 2025-02-11 Show GitHub Exploit DB Packet Storm
77 7.4 HIGH
Network 		- - A vulnerability has been identified in Teamcenter (All versions < V14.3.0.0). The SSO login service of affected applications accepts user-controlled input that could specify a link to an external sit… New CWE-601
Open Redirect 		CVE-2025-23363 2025-02-11 20:15 2025-02-11 Show GitHub Exploit DB Packet Storm
78 4.9 MEDIUM
Network 		- - The SuperSaaS – online appointment scheduling plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘after’ parameter in all versions up to, and including, 2.1.12 due to insuffici… New CWE-79
Cross-site Scripting 		CVE-2025-0862 2025-02-11 20:15 2025-02-11 Show GitHub Exploit DB Packet Storm
79 7.5 HIGH
Network 		- - A vulnerability has been identified in SIMATIC S7-1200 CPU 1211C AC/DC/Rly (6ES7211-1BE40-0XB0), SIMATIC S7-1200 CPU 1211C DC/DC/DC (6ES7211-1AE40-0XB0), SIMATIC S7-1200 CPU 1211C DC/DC/Rly (6ES7211-… New CWE-404
 Improper Resource Shutdown or Release 		CVE-2025-24811 2025-02-11 20:15 2025-02-11 Show GitHub Exploit DB Packet Storm
80 4.3 MEDIUM
Network 		- - A vulnerability has been identified in SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0) (All versions < V3.0.0), SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) (All versions < V3.0.0), SCALANCE WAM763-1 (ME) (6GK5763-… New CWE-284
Improper Access Control 		CVE-2025-24532 2025-02-11 20:15 2025-02-11 Show GitHub Exploit DB Packet Storm