Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
194591 6.9 警告 ACD Systems - ACDSee Photo Editor 2008 における権限を取得される脆弱性 CWE-Other
その他 		CVE-2011-5152 2012-09-10 15:23 2012-09-6 Show GitHub Exploit DB Packet Storm
194592 6.9 警告 ACD Systems - ACDSee Picture Frame Manager における権限を取得される脆弱性 CWE-Other
その他 		CVE-2011-5151 2012-09-10 15:21 2012-09-6 Show GitHub Exploit DB Packet Storm
194593 6.9 警告 Babylon - Babylon における権限を取得される脆弱性 CWE-Other
その他 		CVE-2010-5225 2012-09-10 14:35 2012-09-6 Show GitHub Exploit DB Packet Storm
194594 6.9 警告 CoolMedia - Cool iPhone Ringtone Maker における権限を取得される脆弱性 CWE-Other
その他 		CVE-2010-5224 2012-09-10 14:33 2012-09-6 Show GitHub Exploit DB Packet Storm
194595 6.9 警告 Phoenix Project Management Systems - Phoenix Project Manager における権限を取得される脆弱性 CWE-Other
その他 		CVE-2010-5223 2012-09-10 14:31 2012-09-6 Show GitHub Exploit DB Packet Storm
194596 6.9 警告 Audiotool - Ease Jukebox における権限を取得される脆弱性 CWE-Other
その他 		CVE-2010-5222 2012-09-10 14:30 2012-09-6 Show GitHub Exploit DB Packet Storm
194597 6.9 警告 STDUtility - STDU Explorer における権限を取得される脆弱性 CWE-Other
その他 		CVE-2010-5221 2012-09-10 14:30 2012-09-6 Show GitHub Exploit DB Packet Storm
194598 6.9 警告 NCH Software - MEO Encryption Software における権限を取得される脆弱性 CWE-Other
その他 		CVE-2010-5220 2012-09-10 14:28 2012-09-6 Show GitHub Exploit DB Packet Storm
194599 6.9 警告 SmartSoft - SmartFTP における権限を取得される脆弱性 CWE-Other
その他 		CVE-2010-5219 2012-09-10 14:27 2012-09-6 Show GitHub Exploit DB Packet Storm
194600 6.9 警告 Dupehunter - Dupehunter における権限を取得される脆弱性 CWE-Other
その他 		CVE-2010-5218 2012-09-10 14:25 2012-09-6 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 7, 2025, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
901 - - - An Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This vulnerability allows an authenticated attacker to show subscription's information of others users by changing th… CWE-284
Improper Access Control 		CVE-2025-0739 2025-01-30 20:15 2025-01-30 Show GitHub Exploit DB Packet Storm
902 6.4 MEDIUM
Network 		- - The Clinked Client Portal plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'clinked-login-button' shortcode in all versions up to, and including, 1.9 due to insuffic… CWE-79
Cross-site Scripting 		CVE-2024-12524 2025-01-30 20:15 2025-01-30 Show GitHub Exploit DB Packet Storm
903 - - - Dell NetWorker, version(s) prior to 19.11.0.3, all versions of 19.10 & prior versions contain(s) an Unquoted Search Path or Element vulnerability. A low privileged attacker with local access could po… CWE-428
 Unquoted Search Path or Element 		CVE-2025-21107 2025-01-30 19:15 2025-01-30 Show GitHub Exploit DB Packet Storm
904 - - - Privilege escalation vulnerability has been found in Wondershare Dr.Fone version 13.5.21. This vulnerability could allow an attacker to escalate privileges by replacing the binary ‘C:\ProgramData\Won… CWE-269
 Improper Privilege Management 		CVE-2025-0834 2025-01-30 18:15 2025-01-30 Show GitHub Exploit DB Packet Storm
905 6.4 MEDIUM
Network 		- - The EthereumICO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ethereum-ico shortcode in all versions up to, and including, 2.4.6 due to insufficient input sanitiz… CWE-79
Cross-site Scripting 		CVE-2024-12921 2025-01-30 15:15 2025-01-30 Show GitHub Exploit DB Packet Storm
906 - - - The Tracking Code Manager WordPress plugin before 2.4.0 does not sanitise and escape some of its metabox settings when outputing them in the page, which could allow users with a role as low as Contri… - CVE-2024-10309 2025-01-30 15:15 2025-01-30 Show GitHub Exploit DB Packet Storm
907 - - - Dell Networking Switches running Enterprise SONiC OS, version(s) prior to 4.4.1 and 4.2.3, contain(s) an Insertion of Sensitive Information into Log File vulnerability. A high privileged attacker wit… CWE-532
 Inclusion of Sensitive Information in Log Files 		CVE-2025-23374 2025-01-30 14:15 2025-01-30 Show GitHub Exploit DB Packet Storm
908 6.5 MEDIUM
Network 		- - A vulnerability was found in Tenda A18 up to 15.13.07.09. It has been rated as critical. This issue affects the function SetCmdlineRun of the file /goform/SetCmdlineRun of the component HTTP POST Req… CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error') 
Stack-based Buffer Overflow 		CVE-2025-0848 2025-01-30 11:15 2025-01-30 Show GitHub Exploit DB Packet Storm
909 7.8 HIGH
Local 		apple macos
ipados
iphone_os
visionos
watchos
tvos 		A use after free issue was addressed with improved memory management. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. A malicious applicati… CWE-416
 Use After Free 		CVE-2025-24085 2025-01-30 11:00 2025-01-28 Show GitHub Exploit DB Packet Storm
910 9.9 CRITICAL
Network 		- - Authentication bypass by spoofing in Azure AI Face Service allows an authorized attacker to elevate privileges over a network. CWE-290
 Authentication Bypass by Spoofing 		CVE-2025-21415 2025-01-30 08:15 2025-01-30 Show GitHub Exploit DB Packet Storm