Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1901	8.8	重要 Network	Synology Inc.	Surveillance Station	Synology Inc. の Surveillance Station における認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2024-29241	2025-01-15 17:16	2024-03-28	Show	GitHub Exploit DB Packet Storm

1902	7.8	重要 Local	クアルコム	qcc2076 ファームウェア WCD9385 ファームウェア qcc2073 ファームウェア wsa8845 ファームウェア sc8380xp ファームウェア wsa8845h ファームウェア WCD9380 ファームウェア wsa8840 ファームウェア fastc…	複数のクアルコム製品における境界外読み取りに関する脆弱性	CWE-125 CWE-126	CVE-2024-45546	2025-01-15 17:16	2024-09-2	Show	GitHub Exploit DB Packet Storm

1903	5.5	警告 Local	Huawei	HarmonyOS	Huawei の HarmonyOS における脆弱性	CWE-120 CWE-noinfo	CVE-2024-56453	2025-01-15 17:16	2024-12-26	Show	GitHub Exploit DB Packet Storm

1904	7.8	重要 Local	Linux	Linux Kernel	Linux の Linux Kernel における配列インデックスの検証に関する脆弱性	CWE-129 配列インデックスの不適切な検証	CVE-2024-56608	2025-01-15 17:11	2024-10-1	Show	GitHub Exploit DB Packet Storm

1905	5.5	警告 Local	Linux	Linux Kernel	Linux の Linux Kernel における NULL ポインタデリファレンスに関する脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2024-56697	2025-01-15 17:11	2024-11-4	Show	GitHub Exploit DB Packet Storm

1906	5.5	警告 Local	Linux	Linux Kernel	Linux の Linux Kernel におけるリソースのロックに関する脆弱性	CWE-667 不適切なロック	CVE-2024-56743	2025-01-15 17:11	2024-11-18	Show	GitHub Exploit DB Packet Storm

1907	5.5	警告 Local	Linux	Linux Kernel	Linux の Linux Kernel における有効期限後のメモリの解放の欠如に関する脆弱性	CWE-401 有効期限後のメモリの解放の欠如	CVE-2024-56747	2025-01-15 17:11	2024-11-6	Show	GitHub Exploit DB Packet Storm

1908	7.8	重要 Local	Linux	Linux Kernel	Linux の Linux Kernel における解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2024-56765	2025-01-15 17:11	2024-12-18	Show	GitHub Exploit DB Packet Storm

1909	7.5	重要 Network	Huawei	HarmonyOS	Huawei の HarmonyOS における脆弱性	CWE-264 CWE-noinfo	CVE-2024-56436	2025-01-15 17:10	2024-12-26	Show	GitHub Exploit DB Packet Storm

1910	7.8	重要 Local	クアルコム	qcc2076 ファームウェア WCD9385 ファームウェア qcc2073 ファームウェア wsa8845 ファームウェア sc8380xp ファームウェア wsa8845h ファームウェア WCD9380 ファームウェア wsa8840 ファームウェア fastc…	複数のクアルコム製品における境界外読み取りに関する脆弱性	CWE-125 CWE-126	CVE-2024-45548	2025-01-15 17:10	2024-09-2	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Feb. 13, 2025, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1	-		-	-	PHPGurukul Daily Expense Tracker System v1.1 is vulnerable to SQL Injection in /dets/add-expense.php via the dateexpense parameter. New	-	CVE-2025-25351	2025-02-13 01:15	2025-02-13	Show	GitHub Exploit DB Packet Storm

2	-		-	-	PHPGurukul Daily Expense Tracker System v1.1 is vulnerable to SQL Injection in /dets/add-expense.php via the costitem parameter. New	-	CVE-2025-25349	2025-02-13 01:15	2025-02-13	Show	GitHub Exploit DB Packet Storm

3	3.5	LOW Network	-	-	A vulnerability was found in code-projects Wazifa System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /Profile.php. The manipulation of the argument p… New	CWE-79 CWE-94 Cross-site Scripting Code Injection	CVE-2025-1208	2025-02-13 01:15	2025-02-13	Show	GitHub Exploit DB Packet Storm

4	3.1	LOW Adjacent	-	-	A vulnerability was found in phjounin TFTPD64 4.64. It has been declared as problematic. This vulnerability affects unknown code of the component DNS Handler. The manipulation leads to denial of serv… New	CWE-404 Improper Resource Shutdown or Release	CVE-2025-1207	2025-02-13 01:15	2025-02-13	Show	GitHub Exploit DB Packet Storm

5	-		-	-	In Progress® Telerik® Report Server, versions prior to 2025 Q1 (11.0.25.211) when using the older .NET Framework implementation, communication of non-sensitive information between the service agent p… New	CWE-319 Cleartext Transmission of Sensitive Information	CVE-2025-0556	2025-02-13 01:15	2025-02-13	Show	GitHub Exploit DB Packet Storm

6	-		-	-	Improper Authorization in GitLab CE/EE affecting all versions from 17.7 prior to 17.7.4, 17.8 prior to 17.8.2 allow users with limited permissions to perform unauthorized actions on critical project … New	CWE-863 Incorrect Authorization	CVE-2025-0516	2025-02-13 01:15	2025-02-13	Show	GitHub Exploit DB Packet Storm

7	-		-	-	In Progress® Telerik® UI for WinForms, versions prior to 2025 Q1 (2025.1.211), using the improper limitation of a target path can lead to decompressing an archive's content into a restricted director… New	CWE-22 Path Traversal	CVE-2025-0332	2025-02-13 01:15	2025-02-13	Show	GitHub Exploit DB Packet Storm

8	-		-	-	An external service interaction vulnerability in GitLab EE affecting all versions from 15.11 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 allows an attacker to send requests from t… New	CWE-441 Confused Deputy	CVE-2024-9870	2025-02-13 01:15	2025-02-13	Show	GitHub Exploit DB Packet Storm

9	-		-	-	In Progress® Telerik® KendoReact versions v3.5.0 through v9.4.0, an attacker can introduce or modify properties within the global prototype chain which can result in denial of service or command inje… New	CWE-1321 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	CVE-2024-12629	2025-02-13 01:15	2025-02-13	Show	GitHub Exploit DB Packet Storm

10	-		-	-	In Progress® Telerik® Document Processing Libraries, versions prior to 2025 Q1 (2025.1.205), unzipping an archive can lead to arbitrary file system access. New	CWE-22 Path Traversal	CVE-2024-11343	2025-02-13 01:15	2025-02-13	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed