Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 23, 2025, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
211	9.8	緊急 Network	マイクロフォーカス株式会社	imanager	マイクロフォーカス株式会社の imanager における XML 外部エンティティの脆弱性 New	CWE-611 CWE-611	CVE-2024-3486	2025-01-22 15:37	2024-05-15	Show	GitHub Exploit DB Packet Storm

212	8.8	重要 Network	Shenzhen Tenda Technology Co.,Ltd.	F1202 ファームウェア	Shenzhen Tenda Technology Co.,Ltd. の F1202 ファームウェアにおける境界外書き込みに関する脆弱性 New	CWE-121 CWE-787	CVE-2024-3876	2025-01-22 15:37	2024-04-16	Show	GitHub Exploit DB Packet Storm

213	8.8	重要 Network	Shenzhen Tenda Technology Co.,Ltd.	AC8 ファームウェア	Shenzhen Tenda Technology Co.,Ltd. の AC8 ファームウェアにおける境界外書き込みに関する脆弱性 New	CWE-121 CWE-787	CVE-2024-4065	2025-01-22 15:37	2024-04-23	Show	GitHub Exploit DB Packet Storm

214	8.8	重要 Network	Shenzhen Tenda Technology Co.,Ltd.	4g300 ファームウェア	Shenzhen Tenda Technology Co.,Ltd. の 4g300 ファームウェアにおける境界外書き込みに関する脆弱性 New	CWE-121 CWE-787	CVE-2024-4169	2025-01-22 15:37	2024-04-25	Show	GitHub Exploit DB Packet Storm

215	8.5	重要 Network	cvat	computer vision annotation tool	cvat の computer vision annotation tool におけるサーバサイドのリクエストフォージェリの脆弱性 New	CWE-918 CWE-918	CVE-2024-37164	2025-01-22 15:37	2024-06-13	Show	GitHub Exploit DB Packet Storm

216	5.4	警告 Network	exclusiveaddons	exclusive addons for elementor	exclusiveaddons の WordPress 用 exclusive addons for elementor におけるクロスサイトスクリプティングの脆弱性 New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-2750	2025-01-22 15:31	2024-05-2	Show	GitHub Exploit DB Packet Storm

217	5.5	警告 Local	デル	repository manager	デルの repository manager におけるパストラバーサルの脆弱性 New	CWE-20 CWE-22	CVE-2024-28977	2025-01-22 15:31	2024-04-24	Show	GitHub Exploit DB Packet Storm

218	8.8	重要 Network	XWiki	xwiki	XWiki の xwiki におけるコードインジェクションの脆弱性 New	CWE-94 CWE-95	CVE-2024-31984	2025-01-22 15:31	2024-04-10	Show	GitHub Exploit DB Packet Storm

219	7.8	重要 Local	マイクロソフト	Microsoft Windows Server 2008 Microsoft Windows Server 2016 Microsoft Windows Server 2025 Microsoft Windows 11 Microsoft Window…	GDI+ のリモートコードが実行される脆弱性 New	CWE-190 CWE-noinfo	CVE-2025-21338	2025-01-22 15:31	2025-01-14	Show	GitHub Exploit DB Packet Storm

220	8.8	重要 Network	マイクロソフト	Microsoft Windows Server 2008 Microsoft Windows Server 2016 Microsoft Windows Server 2025 Microsoft Windows 11 Microsoft Window…	MapUrlToZone セキュリティ機能のバイパスの脆弱性 New	CWE-41 CWE-noinfo	CVE-2025-21332	2025-01-22 15:27	2025-01-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 24, 2025, 4:45 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
781	-		-	-	Bible Module is a tool designed for ROBLOX developers to integrate Bible functionality into their games. The `FetchVerse` and `FetchPassage` functions in the Bible Module are susceptible to injection…	CWE-20 Improper Input Validation	CVE-2025-23202	2025-01-18 06:15	2025-01-18	Show	GitHub Exploit DB Packet Storm

782	-		-	-	Caido is a web security auditing toolkit. A Cross-Site Scripting (XSS) vulnerability was identified in Caido v0.45.0 due to improper sanitization in the URL decoding tooltip of HTTP request and respo…	CWE-79 Cross-site Scripting	CVE-2025-23039	2025-01-18 06:15	2025-01-18	Show	GitHub Exploit DB Packet Storm

783	6.3	MEDIUM Network	-	-	A vulnerability has been found in itsourcecode Tailoring Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /expadd.php. The manipulation of the arg…	CWE-89 CWE-74 SQL Injection Injection	CVE-2025-0540	2025-01-18 06:15	2025-01-18	Show	GitHub Exploit DB Packet Storm

784	-		-	-	WeGIA < 3.2.0 is vulnerable to Cross Site Scripting (XSS) via the dados_addInfo parameter of documentos_funcionario.php.	-	CVE-2024-57033	2025-01-18 06:15	2025-01-18	Show	GitHub Exploit DB Packet Storm

785	-		-	-	The AWS Cloud Development Kit (AWS CDK) is an open-source software development framework to define cloud infrastructure in code and provision it through AWS CloudFormation. Users who use IAM OIDC cus…	CWE-347 Improper Verification of Cryptographic Signature	CVE-2025-23206	2025-01-18 06:15	2025-01-18	Show	GitHub Exploit DB Packet Storm

786	-		-	-	nbgrader is a system for assigning and grading notebooks. Enabling frame-ancestors: 'self' grants any JupyterHub user the ability to extract formgrader content by sending malicious links to users wit…	CWE-668 Exposure of Resource to Wrong Sphere	CVE-2025-23205	2025-01-18 06:15	2025-01-18	Show	GitHub Exploit DB Packet Storm

787	-		-	-	stats is a macOS system monitor in for the menu bar. The Stats application is vulnerable to a local privilege escalation due to the insecure implementation of its XPC service. The application registe…	CWE-345 Insufficient Verification of Data Authenticity	CVE-2025-21606	2025-01-18 06:15	2025-01-18	Show	GitHub Exploit DB Packet Storm

788	-		-	-	Microsoft Edge (Chromium-based) Update Elevation of Privilege Vulnerability	-	CVE-2025-21399	2025-01-18 06:15	2025-01-18	Show	GitHub Exploit DB Packet Storm

789	-		-	-	Wegia < 3.2.0 is vulnerable to Cross Site Scripting (XSS) in /geral/documentos_funcionario.php via the id parameter.	-	CVE-2024-57030	2025-01-18 06:15	2025-01-18	Show	GitHub Exploit DB Packet Storm

790	-		-	-	A vulnerability was found in 1000 Projects Campaign Management System Platform for Women 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /Code/log…	-	CVE-2025-0534	2025-01-18 06:15	2025-01-18	Show	GitHub Exploit DB Packet Storm