Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1961 4.6 警告
Physics 		Huawei Mate 20 ファームウェア Huawei の Mate 20 ファームウェアにおける脆弱性 CWE-200
CWE-noinfo
CVE-2020-9082 2025-01-15 14:18 2020-02-18 Show GitHub Exploit DB Packet Storm
1962 8.8 重要
Network 		Shenzhen Tenda Technology Co.,Ltd. FH1202 ファームウェア Shenzhen Tenda Technology Co.,Ltd. の FH1202 ファームウェアにおける境界外書き込みに関する脆弱性 CWE-121
CWE-787
CVE-2024-2987 2025-01-15 14:18 2024-03-27 Show GitHub Exploit DB Packet Storm
1963 7.8 重要
Local 		クアルコム qam8650p ファームウェア
qca6698aq ファームウェア
SA8155P ファームウェア
fastconnect 6900 ファームウェア
QCA6595AU ファームウェア
qam8775p ファームウェア
QCA6574A ファームウェア
fastconnec… 		複数のクアルコム製品における解放済みメモリの使用に関する脆弱性 CWE-416
CWE-416
CVE-2024-21472 2025-01-15 14:18 2024-04-1 Show GitHub Exploit DB Packet Storm
1964 7.7 重要
Network 		Synology Inc. Surveillance Station Synology Inc. の Surveillance Station における認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2024-29228 2025-01-15 14:18 2024-03-28 Show GitHub Exploit DB Packet Storm
1965 7.5 重要
Network 		Huawei EMUI
HarmonyOS 		Huawei の EMUI および HarmonyOS における脆弱性 CWE-672
CWE-noinfo
CVE-2024-56434 2025-01-15 14:18 2024-12-26 Show GitHub Exploit DB Packet Storm
1966 6.5 警告
Network 		マイクロソフト Microsoft SharePoint Server
Microsoft SharePoint Enterprise Server 		Microsoft SharePoint の情報漏えいの脆弱性 CWE-23
CWE-noinfo
CVE-2024-49062 2025-01-15 14:17 2024-12-10 Show GitHub Exploit DB Packet Storm
1967 9.8 緊急
Network 		株式会社ワイズ STEALTHONE D440
STEALTHONE D220
STEALTHONE D340 		ワイズ製 STEALTHONE D220/D340/D440 における複数の脆弱性 CWE-78
CWE-89
CVE-2025-20016
CVE-2025-20055
CVE-2025-20620 		2025-01-15 14:07 2025-01-14 Show GitHub Exploit DB Packet Storm
1968 6.6 警告
Network 		オムロン株式会社 マシンオートメーションコントローラ NX シリーズ
マシンオートメーションコントローラ NJ シリーズ 		オムロン製マシンオートメーションコントローラ NJ/NX シリーズにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2024-12083 2025-01-15 14:07 2025-01-14 Show GitHub Exploit DB Packet Storm
1969 7.8 重要
Local 		マイクロソフト Microsoft Windows Server 2019
Microsoft Windows 11
Microsoft Windows 10
Microsoft Windows Server 2022
Microsoft Windows Server&… 		Windows CNG キー分離サービスの特権の昇格の脆弱性 CWE-362
CWE-416
CVE-2024-30031 2025-01-15 14:03 2024-05-14 Show GitHub Exploit DB Packet Storm
1970 7.8 重要
Local 		マイクロソフト Microsoft Windows Server 2022
Microsoft Windows 10
Microsoft Windows Server 2012
Microsoft Windows Server 2008
Microsoft Window… 		NTFS の特権の昇格の脆弱性 CWE-415
CWE-noinfo
CVE-2024-30027 2025-01-15 14:00 2024-05-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 22, 2025, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
51 - - - In the Linux kernel, the following vulnerability has been resolved: net: sched: Disallow replacing of child qdisc from one parent to another Lion Ackermann was able to create a UAF which can be abu… Update - CVE-2025-21700 2025-02-21 23:15 2025-02-13 Show GitHub Exploit DB Packet Storm
52 - - - Exim 4.98 before 4.98.1, when SQLite hints and ETRN serialization are used, allows remote SQL injection. New - CVE-2025-26794 2025-02-21 22:15 2025-02-21 Show GitHub Exploit DB Packet Storm
53 - - - A SQL injection vulnerability in the JS Jobs plugin versions 1.1.5-1.4.3 for Joomla allows authenticated attackers (administrator) to execute arbitrary SQL commands via the 'searchpaymentstatus' para… Update - CVE-2025-22209 2025-02-21 22:15 2025-02-15 Show GitHub Exploit DB Packet Storm
54 - - - A SQL injection vulnerability in the JS Jobs plugin versions 1.1.5-1.4.3 for Joomla allows authenticated attackers (administrator) to execute arbitrary SQL commands via the 'filter_email' parameter i… Update - CVE-2025-22208 2025-02-21 22:15 2025-02-15 Show GitHub Exploit DB Packet Storm
55 4.3 MEDIUM
Network 		ncrafts formcraft The FormCraft plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check in formcraft-main.php in all versions up to, and including, 3.9.11. This makes it pos… Update CWE-862
 Missing Authorization 		CVE-2024-13783 2025-02-21 21:19 2025-02-18 Show GitHub Exploit DB Packet Storm
56 9.8 CRITICAL
Network 		presslayouts pressmart The PressMart - Modern Elementor WooCommerce WordPress Theme theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.2.16. This is due to the softwa… Update CWE-94
Code Injection 		CVE-2024-13797 2025-02-21 21:17 2025-02-18 Show GitHub Exploit DB Packet Storm
57 6.1 MEDIUM
Network 		wpexperts post_smtp The Post SMTP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the from and subject parameter in all versions up to, and including, 3.0.2 due to insufficient input sanitization a… Update CWE-79
Cross-site Scripting 		CVE-2025-0521 2025-02-21 21:16 2025-02-18 Show GitHub Exploit DB Packet Storm
58 7.3 HIGH
Network 		- - A vulnerability was found in Baiyi Cloud Asset Management System 8.142.100.161. It has been classified as critical. This affects an unknown part of the file /wuser/admin.ticket.close.php. The manipul… New CWE-89
CWE-74
SQL Injection
Injection 		CVE-2025-1535 2025-02-21 21:15 2025-02-21 Show GitHub Exploit DB Packet Storm
59 6.4 MEDIUM
Network 		- - The WP-Appbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's appbox shortcode in all versions up to, and including, 4.5.4 due to insufficient input sanitization an… New CWE-79
Cross-site Scripting 		CVE-2025-1489 2025-02-21 21:15 2025-02-21 Show GitHub Exploit DB Packet Storm
60 5.3 MEDIUM
Network 		- - The Event Tickets and Registration plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'ajax_ticket_delete' function in all versions up to, and in… New CWE-862
 Missing Authorization 		CVE-2025-1402 2025-02-21 21:15 2025-02-21 Show GitHub Exploit DB Packet Storm