You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
|
Update Date":Jan. 18, 2025, 6 p.m.
No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
---|---|---|---|---|---|---|---|---|---|---|---|
251 | 7.8 |
重要
Local |
Linux | Linux Kernel | Linux の Linux Kernel における解放済みメモリの使用に関する脆弱性 New |
CWE-416
解放済みメモリの使用 |
CVE-2024-53171 | 2025-01-17 09:44 | 2024-11-14 | Show | GitHub Exploit DB Packet Storm |
252 | 7.8 |
重要
Local |
Linux | Linux Kernel | Linux の Linux Kernel における解放済みメモリの使用に関する脆弱性 New |
CWE-416
解放済みメモリの使用 |
CVE-2024-56604 | 2025-01-17 09:44 | 2024-10-15 | Show | GitHub Exploit DB Packet Storm |
253 | 4.3 |
警告
Network |
IBM | IBM InfoSphere Information Server | IBM の IBM InfoSphere Information Server におけるエラーメッセージによる情報漏えいに関する脆弱性 New |
CWE-209
エラーメッセージによる情報漏えい |
CVE-2024-51460 | 2025-01-17 08:52 | 2024-12-5 | Show | GitHub Exploit DB Packet Storm |
254 | 6.8 |
警告
Physics |
Huawei |
Yale-AL50A ファームウェア Princeton-AL10D ファームウェア P30 Pro ファームウェア Yale-AL00A ファームウェア Mate 20 ファームウェア P30 ファームウェア YaleP-AL10B ファームウェア |
複数の Huawei 製品における不正な認証に関する脆弱性 New |
CWE-285 CWE-863 |
CVE-2020-9081 | 2025-01-16 18:13 | 2020-02-18 | Show | GitHub Exploit DB Packet Storm |
255 | 7.5 |
重要
Network | マイクロソフト | Microsoft Copilot Studio | Copilot Studio の情報漏えいの脆弱性 New |
CWE-200 CWE-noinfo |
CVE-2024-43610 | 2025-01-16 18:08 | 2024-10-8 | Show | GitHub Exploit DB Packet Storm |
256 | 7.5 |
重要
Adjacent |
マイクロソフト |
Microsoft Windows Server 2016 Microsoft Windows Server 2022 Microsoft Windows Server 2019 Microsoft Windows 10 Microsoft Window… |
Windows Hyper-V のリモートでコードが実行される脆弱性 New |
CWE-20 CWE-829 CWE-noinfo |
CVE-2024-30092 | 2025-01-16 18:05 | 2024-10-8 | Show | GitHub Exploit DB Packet Storm |
257 | 4.1 |
警告
Physics |
マイクロソフト |
Microsoft Windows Server 2016 Microsoft Windows Server 2022 Microsoft Windows Server 2019 Microsoft Windows 10 Microsoft Window… |
セキュア ブートのセキュリティ機能のバイパスの脆弱性 New |
CWE-284 CWE-noinfo |
CVE-2024-28922 | 2025-01-16 18:05 | 2024-04-9 | Show | GitHub Exploit DB Packet Storm |
258 | 8.8 |
重要
Local |
マイクロソフト | Xbox Gaming Services | XBox ゲーム サービスの特権昇格の脆弱性 New |
CWE-59 CWE-noinfo |
CVE-2024-28916 | 2025-01-16 18:02 | 2024-03-22 | Show | GitHub Exploit DB Packet Storm |
259 | 5.5 |
警告
Local |
Linux | Linux Kernel | Linux の Linux Kernel における脆弱性 New |
CWE-noinfo
情報不足 |
CVE-2024-56786 | 2025-01-16 18:00 | 2024-11-1 | Show | GitHub Exploit DB Packet Storm |
260 | 5.5 |
警告
Local |
Linux | Linux Kernel | Linux の Linux Kernel における脆弱性 New |
CWE-noinfo
情報不足 |
CVE-2024-56771 | 2025-01-16 17:58 | 2024-10-21 | Show | GitHub Exploit DB Packet Storm |
Update Date:Jan. 18, 2025, 4:13 a.m.
No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
---|---|---|---|---|---|---|---|---|---|---|---|
221 | 4.3 |
MEDIUM
Network |
apple |
ipados iphone_os watchos visionos |
A path handling issue was addressed with improved logic. This issue is fixed in watchOS 11.1, visionOS 2.1, iOS 18.1 and iPadOS 18.1. An attacker with access to calendar data could also read reminder… New |
CWE-22
Path Traversal |
CVE-2024-54535 | 2025-01-17 05:36 | 2025-01-16 | Show | GitHub Exploit DB Packet Storm |
222 | 8.8 |
HIGH
Network |
chrome | Out of bounds read in Metrics in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) New |
CWE-125
Out-of-bounds Read |
CVE-2025-0437 | 2025-01-17 05:35 | 2025-01-15 | Show | GitHub Exploit DB Packet Storm | |
223 | 8.8 |
HIGH
Network |
microsoft |
windows_server_2008 windows_server_2012 windows_server_2022_23h2 windows_11_23h2 windows_10_1607 windows_10_1809 windows_10_1507 windows_10_21h2 windows_10_22h2 windows_11_… |
Windows Telephony Service Remote Code Execution Vulnerability New |
NVD-CWE-noinfo
|
CVE-2025-21417 | 2025-01-17 05:34 | 2025-01-15 | Show | GitHub Exploit DB Packet Storm |
224 | 8.8 |
HIGH
Network |
microsoft |
windows_server_2008 windows_server_2012 windows_server_2025 windows_server_2022_23h2 windows_10_1507 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows… |
Windows Telephony Service Remote Code Execution Vulnerability New |
NVD-CWE-noinfo
|
CVE-2025-21413 | 2025-01-17 05:33 | 2025-01-15 | Show | GitHub Exploit DB Packet Storm |
225 | 8.8 |
HIGH
Network |
microsoft |
windows_server_2008 windows_server_2012 windows_server_2025 windows_server_2022_23h2 windows_10_1507 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows… |
Windows Telephony Service Remote Code Execution Vulnerability New |
NVD-CWE-noinfo
|
CVE-2025-21411 | 2025-01-17 05:33 | 2025-01-15 | Show | GitHub Exploit DB Packet Storm |
226 | 8.8 |
HIGH
Network |
microsoft |
windows_server_2008 windows_server_2012 windows_server_2025 windows_server_2022_23h2 windows_10_1507 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows… |
Windows Telephony Service Remote Code Execution Vulnerability New |
NVD-CWE-noinfo
|
CVE-2025-21409 | 2025-01-17 05:33 | 2025-01-15 | Show | GitHub Exploit DB Packet Storm |
227 | - | - | - | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in carrotbits Greek Namedays Widget From Eortologio.Net allows Stored XSS.This issue affects Greek N… New |
CWE-79
Cross-site Scripting |
CVE-2025-23783 | 2025-01-17 05:15 | 2025-01-17 | Show | GitHub Exploit DB Packet Storm | |
228 | - | - | - | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Revolutionart Marmoset Viewer allows Stored XSS.This issue affects Marmoset Viewer: from n/a thro… New |
CWE-79
Cross-site Scripting |
CVE-2025-23767 | 2025-01-17 05:15 | 2025-01-17 | Show | GitHub Exploit DB Packet Storm | |
229 | - | - | - | Cross-Site Request Forgery (CSRF) vulnerability in Mahdi Khaksar mybb Last Topics allows Stored XSS.This issue affects mybb Last Topics: from n/a through 1.0. New |
CWE-352
Origin Validation Error |
CVE-2025-23749 | 2025-01-17 05:15 | 2025-01-17 | Show | GitHub Exploit DB Packet Storm | |
230 | - | - | - | Cross-Site Request Forgery (CSRF) vulnerability in Tussendoor internet & marketing Call me Now allows Stored XSS.This issue affects Call me Now: from n/a through 1.0.5. New |
CWE-352
Origin Validation Error |
CVE-2025-23745 | 2025-01-17 05:15 | 2025-01-17 | Show | GitHub Exploit DB Packet Storm |