Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
231 7.8 重要
Local 		マイクロソフト Microsoft Windows 8.1
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows RT 8.1
Microsoft Windows Server … 		複数の Microsoft Windows 製品におけるリモートでコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2019-0896 2025-01-29 18:00 2019-05-14 Show GitHub Exploit DB Packet Storm
232 7.8 重要
Local 		マイクロソフト Microsoft Windows 8.1
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows RT 8.1
Microsoft Windows Server … 		複数の Microsoft Windows 製品におけるリモートでコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2019-0897 2025-01-29 18:00 2019-05-14 Show GitHub Exploit DB Packet Storm
233 7.8 重要
Local 		マイクロソフト Microsoft Windows 8.1
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows RT 8.1
Microsoft Windows Server … 		複数の Microsoft Windows 製品におけるリモートでコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2019-0898 2025-01-29 18:00 2019-05-14 Show GitHub Exploit DB Packet Storm
234 7.8 重要
Local 		マイクロソフト Microsoft Windows 8.1
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows RT 8.1
Microsoft Windows Server … 		複数の Microsoft Windows 製品におけるリモートでコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2019-0899 2025-01-29 18:00 2019-05-14 Show GitHub Exploit DB Packet Storm
235 9.8 緊急
Network 		miniOrange Miniorange OTP Verification with Firebase miniOrange の WordPress 用 Miniorange OTP Verification with Firebase におけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
CWE-639
CVE-2024-9862 2025-01-29 16:50 2024-10-17 Show GitHub Exploit DB Packet Storm
236 2.3
Local 		Lenovo ThinkSystem SR670 V2 ファームウェア Lenovo の ThinkSystem SR670 V2 ファームウェアにおける脆弱性 CWE-1269
CWE-Other
CVE-2024-23591 2025-01-29 16:42 2024-02-16 Show GitHub Exploit DB Packet Storm
237 8.8 重要
Network 		ZTE MF258K PRO ファームウェア ZTE の MF258K PRO ファームウェアにおける OS コマンドインジェクションの脆弱性 CWE-20
CWE-78
CVE-2024-22065 2025-01-29 16:38 2024-10-29 Show GitHub Exploit DB Packet Storm
238 7.8 重要
Local 		ultralytics yolov3 Ultralytics の YOLOv3 における信頼できないデータのデシリアライゼーションに関する脆弱性 CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2021-31681 2025-01-29 16:33 2021-04-23 Show GitHub Exploit DB Packet Storm
239 3.3
Local 		オープンCADフォーマット評議会 SXF 共通ライブラリ SXF共通ライブラリにおける入力データの取り扱い不備 CWE-Other
その他 		CVE-2025-24336 2025-01-29 16:32 2025-01-29 Show GitHub Exploit DB Packet Storm
240 7.1 重要
Network 		Woostify Woostify Sites Library Woostify の WordPress 用 Woostify Sites Library における認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2023-6279 2025-01-29 16:22 2023-11-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 8, 2025, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
991 - - - A data exposure vulnerability exists in all versions prior to V15.00.001 of Rockwell Automation FactoryTalk® AssetCentre. The vulnerability exists due to insecure storage of FactoryTalk® Security use… - CVE-2025-0498 2025-01-31 03:15 2025-01-31 Show GitHub Exploit DB Packet Storm
992 - - - A data exposure vulnerability exists in all versions prior to V15.00.001 of Rockwell Automation FactoryTalk® AssetCentre. The vulnerability exists due to storing credentials in the configuration file… - CVE-2025-0497 2025-01-31 03:15 2025-01-31 Show GitHub Exploit DB Packet Storm
993 - - - An encryption vulnerability exists in all versions prior to V15.00.001 of Rockwell Automation FactoryTalk® AssetCentre. The vulnerability exists due to a weak encryption methodology and could allow a… - CVE-2025-0477 2025-01-31 03:15 2025-01-31 Show GitHub Exploit DB Packet Storm
994 - - - Potential privilege escalation vulnerability in Revenera InstallShield versions 2022 R2 and 2021 R2 due to adding InstallScript custom action to a Basic MSI or InstallScript MSI project extracting fe… - CVE-2023-29080 2025-01-31 03:15 2025-01-31 Show GitHub Exploit DB Packet Storm
995 5.5 MEDIUM
Local 		apple iphone_os
ipados 		This issue was addressed with improved handling of symlinks. This issue is fixed in iPadOS 17.7.4, iOS 18.3 and iPadOS 18.3. Restoring a maliciously crafted backup file may lead to modification of pr… CWE-59
Link Following 		CVE-2025-24104 2025-01-31 03:15 2025-01-28 Show GitHub Exploit DB Packet Storm
996 8.8 HIGH
Network 		apple watchos
ipados
macos
tvos
safari
visionos
iphone_os 		The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.2, tvOS 18.2, Safari 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2. Processing maliciously … CWE-787
 Out-of-bounds Write 		CVE-2024-54543 2025-01-31 03:13 2025-01-28 Show GitHub Exploit DB Packet Storm
997 8.8 HIGH
Network 		apple macos
ipados
iphone_os
safari 		A privacy issue was addressed with improved handling of files. This issue is fixed in macOS Sequoia 15.3, Safari 18.3, iOS 18.3 and iPadOS 18.3. Copying a URL from Web Inspector may lead to command i… CWE-77
Command Injection 		CVE-2025-24150 2025-01-31 03:10 2025-01-28 Show GitHub Exploit DB Packet Storm
998 3.3 LOW
Local 		apple macos
ipados
iphone_os 		A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.3, iOS 18.3 and iPadOS 18.3. An app may be able to view a contact's phone n… CWE-532
 Inclusion of Sensitive Information in Log Files 		CVE-2025-24145 2025-01-31 03:04 2025-01-28 Show GitHub Exploit DB Packet Storm
999 7.5 HIGH
Network 		jyothisjoy eventer The Eventer plugin for WordPress is vulnerable to SQL Injection via the 'event' parameter in the 'eventer_get_attendees' function in all versions up to, and including, 3.9.8 due to insufficient escap… CWE-89
SQL Injection 		CVE-2024-11135 2025-01-31 03:03 2025-01-28 Show GitHub Exploit DB Packet Storm
1000 6.5 MEDIUM
Network 		apple macos
ipados
safari
visionos 		The issue was addressed with improved access restrictions to the file system. This issue is fixed in macOS Sequoia 15.3, Safari 18.3, iOS 18.3 and iPadOS 18.3, visionOS 2.3. A maliciously crafted web… NVD-CWE-noinfo
CVE-2025-24143 2025-01-31 03:03 2025-01-28 Show GitHub Exploit DB Packet Storm