Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2201 6.6 警告
Network 		マイクロソフト Microsoft Windows Server 2016
Microsoft Windows Server 2019
Microsoft Windows Server 2022 		Windows DNS サーバーのリモートでコードが実行される脆弱性 CWE-416
CWE-noinfo
CVE-2024-26223 2025-01-14 14:13 2024-04-9 Show GitHub Exploit DB Packet Storm
2202 6.6 警告
Network 		マイクロソフト Microsoft Windows Server 2016
Microsoft Windows Server 2019
Microsoft Windows Server 2022 		Windows DNS サーバーのリモートでコードが実行される脆弱性 CWE-416
CWE-noinfo
CVE-2024-26227 2025-01-14 14:13 2024-04-9 Show GitHub Exploit DB Packet Storm
2203 7 重要
Local 		マイクロソフト Microsoft Windows Server 2016
Microsoft Windows 11
Microsoft Windows Server 2012
Microsoft Windows Server 2008
Microsoft Window… 		Windows Telephony Server の特権の昇格の脆弱性 CWE-362
CWE-591
CVE-2024-26242 2025-01-14 14:13 2024-04-9 Show GitHub Exploit DB Packet Storm
2204 5.5 警告
Local 		マイクロソフト Microsoft Windows 11
Microsoft Windows Server 2019
Microsoft Windows 10
Microsoft Windows Server 2022 		Windows Remote Access Connection Manager の情報漏えいの脆弱性 CWE-125
CWE-126
CVE-2024-26255 2025-01-14 14:13 2024-04-9 Show GitHub Exploit DB Packet Storm
2205 5.5 警告
Local 		マイクロソフト Microsoft Windows Server 2016
Microsoft Windows 11
Microsoft Windows Server 2012
Microsoft Windows Server 2019
Microsoft Window… 		Windows Remote Access Connection Manager の情報漏えいの脆弱性 CWE-125
CWE-126
CVE-2024-28901 2025-01-14 14:13 2024-04-9 Show GitHub Exploit DB Packet Storm
2206 7.5 重要
Adjacent 		マイクロソフト Microsoft Windows Server 2016
Microsoft Windows 11
Microsoft Windows Server 2012
Microsoft Windows Server 2019
Microsoft Window… 		セキュア ブートのセキュリティ機能のバイパスの脆弱性 CWE-122
CWE-noinfo
CVE-2024-28896 2025-01-14 14:13 2024-04-9 Show GitHub Exploit DB Packet Storm
2207 9.8 緊急
Network 		mysiteforme project mysiteforme wangl1989 の mysiteforme における信頼できないデータのデシリアライゼーションに関する脆弱性 CWE-20
CWE-502
CWE-502
CVE-2024-13136 2025-01-14 14:12 2025-01-5 Show GitHub Exploit DB Packet Storm
2208 9.8 緊急
Network 		TreasureHuntGame TreasureHunt TreasureHuntGame の TreasureHunt における SQL インジェクションの脆弱性 CWE-74
CWE-89
CWE-89
CVE-2024-12894 2025-01-14 14:09 2024-12-22 Show GitHub Exploit DB Packet Storm
2209 6.7 警告
Local 		マイクロソフト Microsoft Windows Server 2016
Microsoft Windows 11
Microsoft Windows Server 2012
Microsoft Windows Server 2019
Microsoft Window… 		セキュア ブートのセキュリティ機能のバイパスの脆弱性 CWE-693
CWE-noinfo
CVE-2024-28903 2025-01-14 14:03 2024-04-9 Show GitHub Exploit DB Packet Storm
2210 5.5 警告
Local 		クアルコム WCD9385 ファームウェア
fastconnect 6700 ファームウェア
fastconnect 7800 ファームウェア
wsa8845 ファームウェア
wsa8840 ファームウェア
sc8380xp ファームウェア
WSA8830 ファームウェア
sn… 		複数のクアルコム製品における境界外読み取りに関する脆弱性 CWE-125
CWE-126
CVE-2023-33078 2025-01-14 13:35 2023-05-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 26, 2025, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
11 - - - GLPI is a free asset and IT management software package. Starting in version 0.71 and prior to version 10.0.18, an anonymous user can fetch sensitive information from the `status.php` endpoint. Versi… New CWE-200
Information Exposure 		CVE-2025-21626 2025-02-26 01:15 2025-02-26 Show GitHub Exploit DB Packet Storm
12 4.3 MEDIUM
Network 		- - A vulnerability was found in GLPI up to 10.0.17. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of the argume… New CWE-601
Open Redirect 		CVE-2024-11955 2025-02-26 01:15 2025-02-26 Show GitHub Exploit DB Packet Storm
13 - - - Missing Authorization vulnerability in George Pattichis Simple Photo Feed allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Simple Photo Feed: from n/a throu… New CWE-862
 Missing Authorization 		CVE-2025-27000 2025-02-26 00:15 2025-02-26 Show GitHub Exploit DB Packet Storm
14 - - - Missing Authorization vulnerability in Anton Vanyukov Market Exporter allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Market Exporter: from n/a through 2.0… New CWE-862
 Missing Authorization 		CVE-2025-26995 2025-02-26 00:15 2025-02-26 Show GitHub Exploit DB Packet Storm
15 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vito Peleg Atarim allows Reflected XSS. This issue affects Atarim: from n/a through 4.1.0. New CWE-79
Cross-site Scripting 		CVE-2025-26993 2025-02-26 00:15 2025-02-26 Show GitHub Exploit DB Packet Storm
16 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ollybach WPPizza allows Reflected XSS. This issue affects WPPizza: from n/a through 3.19.4. New CWE-79
Cross-site Scripting 		CVE-2025-26991 2025-02-26 00:15 2025-02-26 Show GitHub Exploit DB Packet Storm
17 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Shabti Kaplan Frontend Admin by DynamiApps allows Reflected XSS. This issue affects Frontend Admi… New CWE-79
Cross-site Scripting 		CVE-2025-26987 2025-02-26 00:15 2025-02-26 Show GitHub Exploit DB Packet Storm
18 - - - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Majestic Support Majestic Support allows PHP Local File Inclusion. This issue … New CWE-98
 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') 		CVE-2025-26985 2025-02-26 00:15 2025-02-26 Show GitHub Exploit DB Packet Storm
19 - - - Missing Authorization vulnerability in WPZOOM Recipe Card Blocks for Gutenberg & Elementor allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Recipe Card Bloc… New CWE-862
 Missing Authorization 		CVE-2025-26983 2025-02-26 00:15 2025-02-26 Show GitHub Exploit DB Packet Storm
20 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in accessiBe Web Accessibility By accessiBe allows Reflected XSS. This issue affects Web Accessibili… New CWE-79
Cross-site Scripting 		CVE-2025-26981 2025-02-26 00:15 2025-02-26 Show GitHub Exploit DB Packet Storm