Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2171	5.5	警告 Local	クアルコム	qam8775p ファームウェア sa8540p ファームウェア QCA6595AU ファームウェア sa8255p ファームウェア sa8650p ファームウェア QAM8295P ファームウェア qca6698aq ファームウェア srv1h ファームウェア qam…	複数のクアルコム製品における境界外読み取りに関する脆弱性	CWE-125 CWE-126	CVE-2024-23366	2025-01-14 14:59	2024-01-16	Show	GitHub Exploit DB Packet Storm

2172	8	重要 Network	FreeScout	FreeScout	FreeScout におけるクロスサイトスクリプティングの脆弱性	CWE-79 CWE-79	CVE-2024-29184	2025-01-14 14:59	2024-03-22	Show	GitHub Exploit DB Packet Storm

2173	7.1	重要 Network	FreeScout	FreeScout	FreeScout におけるログファイルからの情報漏えいに関する脆弱性	CWE-532 CWE-532	CVE-2024-28186	2025-01-14 14:59	2024-03-12	Show	GitHub Exploit DB Packet Storm

2174	7.2	重要 Network	マイクロソフト	Microsoft SharePoint Server Microsoft SharePoint Enterprise Server	Microsoft SharePoint Server のリモートでコードが実行される脆弱性	CWE-502 CWE-502	CVE-2024-30044	2025-01-14 14:57	2024-05-14	Show	GitHub Exploit DB Packet Storm

2175	7	重要 Local	マイクロソフト	Microsoft Windows 11 Microsoft Windows Server 2022 Microsoft Windows 10	Windows Search サービスの特権の昇格の脆弱性	CWE-59 CWE-noinfo	CVE-2024-30033	2025-01-14 14:55	2024-05-14	Show	GitHub Exploit DB Packet Storm

2176	7.5	重要 Network	マイクロソフト	Microsoft Windows Server 2016 Microsoft Windows 11 Microsoft Windows Server 2012 Microsoft Windows Server 2008 Microsoft Window…	Windows ルーティングとリモートアクセスサービス (RRAS) のリモートでコードが実行される脆弱性	CWE-197 CWE-noinfo	CVE-2024-30022	2025-01-14 14:53	2024-05-14	Show	GitHub Exploit DB Packet Storm

2177	7.5	重要 Network	マイクロソフト	Microsoft Windows Server 2016 Microsoft Windows 11 Microsoft Windows Server 2012 Microsoft Windows Server 2008 Microsoft Window…	Windows ルーティングとリモートアクセスサービス (RRAS) のリモートでコードが実行される脆弱性	CWE-197 CWE-noinfo	CVE-2024-30015	2025-01-14 14:51	2024-05-14	Show	GitHub Exploit DB Packet Storm

2178	5.3	警告 Network	Huawei	NIP6300 ファームウェア Secospace USG6600 ファームウェア USG6000V ファームウェア Secospace USG6300 ファームウェア NGFW Module ファームウェア Secospace USG6500 ファームウェア …	複数の Huawei 製品における境界外読み取りに関する脆弱性	CWE-125 CWE-125	CVE-2020-1818	2025-01-14 14:44	2024-12-27	Show	GitHub Exploit DB Packet Storm

2179	8.8	重要 Network	WPDeveloper	Essential Addons for Elementor	WPDeveloper の WordPress 用 Essential Addons for Elementor における認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2021-4447	2025-01-14 14:44	2024-10-16	Show	GitHub Exploit DB Packet Storm

2180	9.8	緊急 Network	Huawei	cv81-wdm ファームウェア	Huawei の cv81-wdm ファームウェアにおけるコマンドインジェクションの脆弱性	CWE-77 CWE-77	CVE-2022-32203	2025-01-14 14:44	2022-06-1	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Feb. 26, 2025, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1	7.8	HIGH Local	-	-	A use-after-free flaw was found in X.Org and Xwayland. When changing an alarm, the values of the change mask are evaluated one after the other, changing the trigger values as requested, and eventuall… New	CWE-416 Use After Free	CVE-2025-26601	2025-02-26 01:15	2025-02-26	Show	GitHub Exploit DB Packet Storm

2	7.8	HIGH Local	-	-	A use-after-free flaw was found in X.Org and Xwayland. When a device is removed while still frozen, the events queued for that device remain while the device is freed. Replaying the events will cause… New	CWE-416 Use After Free	CVE-2025-26600	2025-02-26 01:15	2025-02-26	Show	GitHub Exploit DB Packet Storm

3	7.8	HIGH Local	-	-	An access to an uninitialized pointer flaw was found in X.Org and Xwayland. The function compCheckRedirect() may fail if it cannot allocate the backing pixmap. In that case, compRedirectWindow() will… New	CWE-824 Access of Uninitialized Pointer	CVE-2025-26599	2025-02-26 01:15	2025-02-26	Show	GitHub Exploit DB Packet Storm

4	7.8	HIGH Local	-	-	An out-of-bounds write flaw was found in X.Org and Xwayland. The function GetBarrierDevice() searches for the pointer device based on its device ID and returns the matching value, or supposedly NULL,… New	CWE-787 Out-of-bounds Write	CVE-2025-26598	2025-02-26 01:15	2025-02-26	Show	GitHub Exploit DB Packet Storm

5	7.8	HIGH Local	-	-	A buffer overflow flaw was found in X.Org and Xwayland. If XkbChangeTypesOfKey() is called with a 0 group, it will resize the key symbols table to 0 but leave the key actions unchanged. If the same f… New	CWE-122 Heap-based Buffer Overflow	CVE-2025-26597	2025-02-26 01:15	2025-02-26	Show	GitHub Exploit DB Packet Storm

6	7.8	HIGH Local	-	-	A heap overflow flaw was found in X.Org and Xwayland. The computation of the length in XkbSizeKeySyms() differs from what is written in XkbWriteKeySyms(), which may lead to a heap-based buffer overfl… New	CWE-122 Heap-based Buffer Overflow	CVE-2025-26596	2025-02-26 01:15	2025-02-26	Show	GitHub Exploit DB Packet Storm

7	7.8	HIGH Local	-	-	A buffer overflow flaw was found in X.Org and Xwayland. The code in XkbVModMaskText() allocates a fixed-sized buffer on the stack and copies the names of the virtual modifiers to that buffer. The cod… New	CWE-121 Stack-based Buffer Overflow	CVE-2025-26595	2025-02-26 01:15	2025-02-26	Show	GitHub Exploit DB Packet Storm

8	7.8	HIGH Local	-	-	A use-after-free flaw was found in X.Org and Xwayland. The root cursor is referenced in the X server as a global variable. If a client frees the root cursor, the internal reference points to freed me… New	CWE-416 Use After Free	CVE-2025-26594	2025-02-26 01:15	2025-02-26	Show	GitHub Exploit DB Packet Storm

9	-		-	-	GLPI is a free asset and IT management software package. Starting in version 0.72 and prior to version 10.0.18, an anonymous user can disable all the active plugins. Version 10.0.18 contains a patch.… New	CWE-285 Improper Authorization	CVE-2025-23024	2025-02-26 01:15	2025-02-26	Show	GitHub Exploit DB Packet Storm

10	-		-	-	GLPI is a free asset and IT management software package. In versions prior to 10.0.18, a malicious link can be crafted to perform a reflected XSS attack on the search page. If the anonymous ticket cr… New	CWE-79 Cross-site Scripting	CVE-2025-21627	2025-02-26 01:15	2025-02-26	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed