Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 15, 2025, 2:02 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
191	8.2	重要 Network	マイクロソフト	Microsoft SharePoint Server Microsoft SharePoint Enterprise Server	Microsoft SharePoint の特権の昇格の脆弱性 New	CWE-284 CWE-noinfo	CVE-2024-49068	2025-01-14 15:13	2024-12-10	Show	GitHub Exploit DB Packet Storm

192	7.8	重要 Local	マイクロソフト	Microsoft Office	Microsoft Office の特権の昇格の脆弱性 New	CWE-284 CWE-noinfo	CVE-2024-43600	2025-01-14 15:10	2024-12-10	Show	GitHub Exploit DB Packet Storm

193	7.8	重要 Local	Outlook.com	Microsoft Edge Chromium	Microsoft Edge (HTML ベース) のメモリ破損の脆弱性 New	CWE-119 CWE-787 CWE-843	CVE-2024-38218	2025-01-14 15:06	2024-08-8	Show	GitHub Exploit DB Packet Storm

194	7.8	重要 Local	マイクロソフト	Microsoft Windows 11 Microsoft Windows Server 2022 Microsoft Windows 10	Windows Update スタックの特権の昇格の脆弱性 New	CWE-284 CWE-noinfo	CVE-2024-38163	2025-01-14 15:02	2024-08-13	Show	GitHub Exploit DB Packet Storm

195	4.8	警告 Network	FreeScout	FreeScout	FreeScout における危険なタイプのファイルの無制限アップロードに関する脆弱性 New	CWE-434 危険なタイプのファイルの無制限アップロード	CVE-2024-1932	2025-01-14 14:59	2024-02-28	Show	GitHub Exploit DB Packet Storm

196	6.5	警告 Network	Royal Elementor Addons	Royal Elementor Addons and Templates	Royal Elementor Addons の WordPress 用 Royal Elementor Addons and Templates におけるクロスサイトスクリプティングの脆弱性 New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-2798	2025-01-14 14:59	2024-04-23	Show	GitHub Exploit DB Packet Storm

197	9.8	緊急 Network	PbootCMS	PbootCMS	PbootCMS におけるコードインジェクションの脆弱性 New	CWE-74 CWE-94 CWE-94	CVE-2024-12789	2025-01-14 14:59	2024-12-19	Show	GitHub Exploit DB Packet Storm

198	6.1	警告 Network	anisha	job recruitment	anisha の job recruitment におけるクロスサイトスクリプティングの脆弱性 New	CWE-79 CWE-79 CWE-94	CVE-2024-12883	2025-01-14 14:59	2024-12-21	Show	GitHub Exploit DB Packet Storm

199	5.4	警告 Network	mysiteforme project	mysiteforme	wangl1989 の mysiteforme におけるクロスサイトスクリプティングの脆弱性 New	CWE-79 CWE-79 CWE-94	CVE-2024-13137	2025-01-14 14:59	2025-01-5	Show	GitHub Exploit DB Packet Storm

200	8.8	重要 Network	mysiteforme project	mysiteforme	wangl1989 の mysiteforme における危険なタイプのファイルの無制限アップロードに関する脆弱性 New	CWE-284 CWE-434 CWE-434	CVE-2024-13138	2025-01-14 14:59	2025-01-5	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 15, 2025, 4:11 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
291	5.5	MEDIUM Local	huawei	harmonyos	Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability. Update	NVD-CWE-noinfo	CVE-2024-56453	2025-01-14 06:49	2025-01-8	Show	GitHub Exploit DB Packet Storm

292	5.5	MEDIUM Local	huawei	harmonyos	Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability. Update	NVD-CWE-noinfo	CVE-2024-56452	2025-01-14 06:48	2025-01-8	Show	GitHub Exploit DB Packet Storm

293	5.5	MEDIUM Local	huawei	harmonyos	Integer overflow vulnerability during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability. Update	CWE-190 Integer Overflow or Wraparound	CVE-2024-56451	2025-01-14 06:48	2025-01-8	Show	GitHub Exploit DB Packet Storm

294	5.5	MEDIUM Local	huawei	harmonyos emui	Buffer overflow vulnerability in the component driver module Impact: Successful exploitation of this vulnerability may affect availability. Update	CWE-120 Classic Buffer Overflow	CVE-2024-56450	2025-01-14 06:48	2025-01-8	Show	GitHub Exploit DB Packet Storm

295	7.5	HIGH Network	huawei	emui harmonyos	Vulnerability of improper access control in the home screen widget module Impact: Successful exploitation of this vulnerability may affect availability. Update	NVD-CWE-Other	CVE-2024-56448	2025-01-14 06:43	2025-01-8	Show	GitHub Exploit DB Packet Storm

296	7.5	HIGH Network	huawei	emui harmonyos	Privilege escalation vulnerability in the Account module Impact: Successful exploitation of this vulnerability may affect service confidentiality. Update	NVD-CWE-noinfo	CVE-2024-56449	2025-01-14 06:42	2025-01-8	Show	GitHub Exploit DB Packet Storm

297	7.5	HIGH Network	huawei	harmonyos	Startup control vulnerability in the ability module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally. Update	NVD-CWE-noinfo	CVE-2024-54121	2025-01-14 06:42	2025-01-8	Show	GitHub Exploit DB Packet Storm

298	7.5	HIGH Network	huawei	emui harmonyos	Vulnerability of improper permission control in the window management module Impact: Successful exploitation of this vulnerability may affect service confidentiality. Update	CWE-276 Incorrect Default Permissions	CVE-2024-56447	2025-01-14 06:42	2025-01-8	Show	GitHub Exploit DB Packet Storm

299	7.5	HIGH Network	huawei	harmonyos	Vulnerability of variables not being initialized in the notification module Impact: Successful exploitation of this vulnerability may affect availability. Update	CWE-908 Use of Uninitialized Resource	CVE-2024-56446	2025-01-14 06:41	2025-01-8	Show	GitHub Exploit DB Packet Storm

300	5.3	MEDIUM Network	huawei	harmonyos	Instruction authentication bypass vulnerability in the Findnetwork module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally. Update	CWE-287 Improper Authentication	CVE-2024-56445	2025-01-14 06:41	2025-01-8	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed