Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 12, 2025, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
271	5.5	警告 Local	Linux Debian	Linux Kernel Debian GNU/Linux	Linux の Linux Kernel 等複数ベンダの製品におけるゼロ除算に関する脆弱性	CWE-369 ゼロ除算	CVE-2024-35922	2025-01-9 14:52	2024-03-19	Show	GitHub Exploit DB Packet Storm

272	5.5	警告 Local	Linux	Linux Kernel	Linux の Linux Kernel における NULL ポインタデリファレンスに関する脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2024-35907	2025-01-9 14:48	2024-03-26	Show	GitHub Exploit DB Packet Storm

273	5.5	警告 Local	Linux	Linux Kernel	Linux の Linux Kernel における脆弱性	CWE-Other その他	CVE-2021-47125	2025-01-9 14:45	2021-06-4	Show	GitHub Exploit DB Packet Storm

274	5.5	警告 Local	Linux	Linux Kernel	Linux の Linux Kernel における有効期限後のメモリの解放の欠如に関する脆弱性	CWE-401 有効期限後のメモリの解放の欠如	CVE-2021-47442	2025-01-9 14:45	2021-10-13	Show	GitHub Exploit DB Packet Storm

275	5.5	警告 Local	Linux	Linux Kernel	Linux の Linux Kernel における NULL ポインタデリファレンスに関する脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2024-35891	2025-01-9 14:42	2024-04-1	Show	GitHub Exploit DB Packet Storm

276	9.8	緊急 Network	ABB	aspect-ent-2 ファームウェア nexus-2128 ファームウェア matrix-296 ファームウェア nexus-264-f ファームウェア matrix-11 ファームウェア aspect-ent-12 ファームウェア matrix-232 ファームウェア nexus…	複数の ABB 製品における脆弱性	CWE-noinfo 情報不足	CVE-2024-6298	2025-01-9 14:42	2024-07-5	Show	GitHub Exploit DB Packet Storm

277	7.5	重要 Network	ABB	aspect-ent-2 ファームウェア nexus-2128 ファームウェア matrix-296 ファームウェア nexus-264-f ファームウェア matrix-11 ファームウェア aspect-ent-12 ファームウェア matrix-232 ファームウェア nexus…	複数の ABB 製品における外部からアクセス可能なファイルまたはディレクトリに関する脆弱性	CWE-552 外部からアクセス可能なファイルまたはディレクトリ	CVE-2024-6209	2025-01-9 14:40	2024-07-5	Show	GitHub Exploit DB Packet Storm

278	7.8	重要 Local	Linux	Linux Kernel	Linux の Linux Kernel における解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2024-35866	2025-01-9 14:38	2024-04-3	Show	GitHub Exploit DB Packet Storm

279	8.8	重要 Network	Xerox	freeflow core	Xerox の freeflow core におけるパストラバーサルの脆弱性	CWE-22 CWE-22	CVE-2024-47558	2025-01-9 14:38	2024-10-7	Show	GitHub Exploit DB Packet Storm

280	7.8	重要 Local	Linux	Linux Kernel	Linux の Linux Kernel における解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2024-35864	2025-01-9 14:37	2024-04-3	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 12, 2025, 4:59 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
111	5.4	MEDIUM Network	-	-	The Coupon X: Discount Pop Up, Promo Code Pop Ups, Announcement Pop Up, WooCommerce Popups plugin for WordPress is vulnerable to unauthorized access due to missing capability checks on several functi… New	CWE-862 Missing Authorization	CVE-2024-12204	2025-01-11 12:15	2025-01-11	Show	GitHub Exploit DB Packet Storm

112	6.1	MEDIUM Network	-	-	The ClickWhale – Link Manager, Link Shortener and Click Tracker for Affiliate Links & Link Pages plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg &… New	CWE-79 Cross-site Scripting	CVE-2024-11327	2025-01-11 12:15	2025-01-11	Show	GitHub Exploit DB Packet Storm

113	-		-	-	An issue was discovered in REDCap 14.9.6. It has an action=myprojects&logout=1 CSRF issue in the alert-title while performing an upload of a CSV file containing a list of alert configuration. An atta… New	-	CVE-2025-23113	2025-01-11 08:15	2025-01-11	Show	GitHub Exploit DB Packet Storm

114	-		-	-	An issue was discovered in REDCap 14.9.6. A stored cross-site scripting (XSS) vulnerability allows authenticated users to inject malicious scripts into the Survey field name of Survey. When a user re… New	-	CVE-2025-23112	2025-01-11 07:15	2025-01-11	Show	GitHub Exploit DB Packet Storm

115	-		-	-	An issue was discovered in REDCap 14.9.6. It allows HTML Injection via the Survey field name, exposing users to a redirection to a phishing website. An attacker can exploit this to trick the user tha… New	-	CVE-2025-23111	2025-01-11 07:15	2025-01-11	Show	GitHub Exploit DB Packet Storm

116	-		-	-	An issue was discovered in REDCap 14.9.6. A Reflected cross-site scripting (XSS) vulnerability in the email-subject field exists while performing an upload of a CSV file containing a list of alert co… New	-	CVE-2025-23110	2025-01-11 07:15	2025-01-11	Show	GitHub Exploit DB Packet Storm

117	-		-	-	Specially constructed queries cause cross platform scripting leaking administrator tokens New	-	CVE-2024-9188	2025-01-11 07:15	2025-01-11	Show	GitHub Exploit DB Packet Storm

118	-		-	-	Multiple SQL Injection vulnerabilities exist in the reporting application. A user with advanced report application access rights can exploit the SQL injection, allowing them to execute commands on t… New	-	CVE-2024-9134	2025-01-11 07:15	2025-01-11	Show	GitHub Exploit DB Packet Storm

119	-		-	-	A user with administrator privileges is able to retrieve authentication tokens New	-	CVE-2024-9133	2025-01-11 07:15	2025-01-11	Show	GitHub Exploit DB Packet Storm

120	-		-	-	The administrator is able to configure an insecure captive portal script New	-	CVE-2024-9132	2025-01-11 07:15	2025-01-11	Show	GitHub Exploit DB Packet Storm