Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 23, 2025, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
231	7.1	重要 Network	cvat	computer vision annotation tool	cvat の computer vision annotation tool におけるクロスサイトリクエストフォージェリの脆弱性 New	CWE-352 CWE-352	CVE-2024-37306	2025-01-22 14:42	2024-06-13	Show	GitHub Exploit DB Packet Storm

232	8.8	重要 Network	Shenzhen Tenda Technology Co.,Ltd.	ac500 ファームウェア	Shenzhen Tenda Technology Co.,Ltd. の ac500 ファームウェアにおける境界外書き込みに関する脆弱性 New	CWE-121 CWE-787	CVE-2024-3905	2025-01-22 14:42	2024-04-17	Show	GitHub Exploit DB Packet Storm

233	8.8	重要 Network	Shenzhen Tenda Technology Co.,Ltd.	ac500 ファームウェア	Shenzhen Tenda Technology Co.,Ltd. の ac500 ファームウェアにおける境界外書き込みに関する脆弱性 New	CWE-121 CWE-787	CVE-2024-3910	2025-01-22 14:42	2024-04-17	Show	GitHub Exploit DB Packet Storm

234	5.4	警告 Network	StylemixThemes	MasterStudy LMS	StylemixThemes の WordPress 用 MasterStudy LMS における認証の欠如に関する脆弱性 New	CWE-862 認証の欠如	CVE-2024-3942	2025-01-22 14:42	2024-05-2	Show	GitHub Exploit DB Packet Storm

235	7.5	重要 Network	マイクロフォーカス株式会社	imanager	マイクロフォーカス株式会社の imanager におけるサーバサイドのリクエストフォージェリの脆弱性 New	CWE-918 CWE-918	CVE-2024-3970	2025-01-22 14:42	2024-05-15	Show	GitHub Exploit DB Packet Storm

236	8.8	重要 Network	Shenzhen Tenda Technology Co.,Ltd.	AC8 ファームウェア	Shenzhen Tenda Technology Co.,Ltd. の AC8 ファームウェアにおける境界外書き込みに関する脆弱性 New	CWE-121 CWE-787	CVE-2024-4066	2025-01-22 14:42	2024-04-23	Show	GitHub Exploit DB Packet Storm

237	8.8	重要 Network	Shenzhen Tenda Technology Co.,Ltd.	4g300 ファームウェア	Shenzhen Tenda Technology Co.,Ltd. の 4g300 ファームウェアにおける境界外書き込みに関する脆弱性 New	CWE-121 CWE-787	CVE-2024-4167	2025-01-22 14:42	2024-04-25	Show	GitHub Exploit DB Packet Storm

238	5.4	警告 Network	Autolab project	Autolab	Autolab project の Autolab におけるクロスサイトスクリプティングの脆弱性 New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-52585	2025-01-22 14:42	2024-11-18	Show	GitHub Exploit DB Packet Storm

239	9.8	緊急 Network	Mozilla Foundation	Mozilla Firefox Mozilla Thunderbird	Mozilla Foundation の Mozilla Firefox および Mozilla Thunderbird における脆弱性 New	CWE-noinfo 情報不足	CVE-2024-3863	2025-01-22 14:26	2024-04-16	Show	GitHub Exploit DB Packet Storm

240	7.8	重要 Local	Linux	Linux Kernel	Linux の Linux Kernel における解放済みメモリの使用に関する脆弱性 New	CWE-416 解放済みメモリの使用	CVE-2024-57887	2025-01-22 14:23	2024-12-20	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 24, 2025, 4:45 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
781	-		-	-	Bible Module is a tool designed for ROBLOX developers to integrate Bible functionality into their games. The `FetchVerse` and `FetchPassage` functions in the Bible Module are susceptible to injection…	CWE-20 Improper Input Validation	CVE-2025-23202	2025-01-18 06:15	2025-01-18	Show	GitHub Exploit DB Packet Storm

782	-		-	-	Caido is a web security auditing toolkit. A Cross-Site Scripting (XSS) vulnerability was identified in Caido v0.45.0 due to improper sanitization in the URL decoding tooltip of HTTP request and respo…	CWE-79 Cross-site Scripting	CVE-2025-23039	2025-01-18 06:15	2025-01-18	Show	GitHub Exploit DB Packet Storm

783	6.3	MEDIUM Network	-	-	A vulnerability has been found in itsourcecode Tailoring Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /expadd.php. The manipulation of the arg…	CWE-89 CWE-74 SQL Injection Injection	CVE-2025-0540	2025-01-18 06:15	2025-01-18	Show	GitHub Exploit DB Packet Storm

784	-		-	-	WeGIA < 3.2.0 is vulnerable to Cross Site Scripting (XSS) via the dados_addInfo parameter of documentos_funcionario.php.	-	CVE-2024-57033	2025-01-18 06:15	2025-01-18	Show	GitHub Exploit DB Packet Storm

785	-		-	-	The AWS Cloud Development Kit (AWS CDK) is an open-source software development framework to define cloud infrastructure in code and provision it through AWS CloudFormation. Users who use IAM OIDC cus…	CWE-347 Improper Verification of Cryptographic Signature	CVE-2025-23206	2025-01-18 06:15	2025-01-18	Show	GitHub Exploit DB Packet Storm

786	-		-	-	nbgrader is a system for assigning and grading notebooks. Enabling frame-ancestors: 'self' grants any JupyterHub user the ability to extract formgrader content by sending malicious links to users wit…	CWE-668 Exposure of Resource to Wrong Sphere	CVE-2025-23205	2025-01-18 06:15	2025-01-18	Show	GitHub Exploit DB Packet Storm

787	-		-	-	stats is a macOS system monitor in for the menu bar. The Stats application is vulnerable to a local privilege escalation due to the insecure implementation of its XPC service. The application registe…	CWE-345 Insufficient Verification of Data Authenticity	CVE-2025-21606	2025-01-18 06:15	2025-01-18	Show	GitHub Exploit DB Packet Storm

788	-		-	-	Microsoft Edge (Chromium-based) Update Elevation of Privilege Vulnerability	-	CVE-2025-21399	2025-01-18 06:15	2025-01-18	Show	GitHub Exploit DB Packet Storm

789	-		-	-	Wegia < 3.2.0 is vulnerable to Cross Site Scripting (XSS) in /geral/documentos_funcionario.php via the id parameter.	-	CVE-2024-57030	2025-01-18 06:15	2025-01-18	Show	GitHub Exploit DB Packet Storm

790	-		-	-	A vulnerability was found in 1000 Projects Campaign Management System Platform for Women 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /Code/log…	-	CVE-2025-0534	2025-01-18 06:15	2025-01-18	Show	GitHub Exploit DB Packet Storm