Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
351	8.8	重要 Local	クアルコム	QCA6574AU ファームウェア fastconnect 6700 ファームウェア qcn9012 ファームウェア QCA8337 ファームウェア flight rb5 5g ファームウェア AR8035 ファームウェア qcm5430 ファームウェア …	複数のクアルコム製品における古典的バッファオーバーフローの脆弱性	CWE-120 CWE-120	CVE-2023-43556	2025-01-28 16:14	2023-09-19	Show	GitHub Exploit DB Packet Storm

352	6.5	警告 Adjacent	Linux Foundation	Magma	Linux Foundation の Magma における NULL ポインタデリファレンスに関する脆弱性	CWE-476 CWE-476	CVE-2023-37034	2025-01-28 16:13	2023-06-28	Show	GitHub Exploit DB Packet Storm

353	7.5	重要 Network	クアルコム	mdm9205s ファームウェア APQ8017 ファームウェア fastconnect 6700 ファームウェア CSRA6640 ファームウェア 9207 lte modem ファームウェア APQ8037 ファームウェア AR8035 ファームウェア	複数のクアルコム製品における認証に関する脆弱性	CWE-287 CWE-287	CVE-2023-43551	2025-01-28 16:13	2023-09-19	Show	GitHub Exploit DB Packet Storm

354	7.5	重要 Network	ZyXEL	NR7102 ファームウェア LTE3301-PLUS ファームウェア EE6510-10 ファームウェア DX3301-T0 ファームウェア DX3300-T0 ファームウェア DX4510-B1 ファームウェア Nebula NR5101 ファームウェア LTE5388-…	複数の ZyXEL 製品における古典的バッファオーバーフローの脆弱性	CWE-120 古典的バッファオーバーフロー	CVE-2024-8748	2025-01-28 16:12	2024-12-3	Show	GitHub Exploit DB Packet Storm

355	6.6	警告 Physics	マイクロソフト	Microsoft Windows Server 2016 Microsoft Windows 10 Microsoft Windows Server 2012 Microsoft Windows Server 2022 Microsoft Window…	Windows デジタルメディアの特権昇格の脆弱性	CWE-125 CWE-noinfo	CVE-2025-21255	2025-01-28 16:12	2025-01-14	Show	GitHub Exploit DB Packet Storm

356	6.6	警告 Physics	マイクロソフト	Microsoft Windows Server 2016 Microsoft Windows 10 Microsoft Windows Server 2012 Microsoft Windows Server 2022 Microsoft Window…	Windows デジタルメディアの特権昇格の脆弱性	CWE-125 CWE-noinfo	CVE-2025-21229	2025-01-28 16:06	2025-01-14	Show	GitHub Exploit DB Packet Storm

357	6.5	警告 Network	マイクロソフト	Microsoft Windows Server 2016 Microsoft Windows 10 Microsoft Windows Server 2012 Microsoft Windows Server 2022 Microsoft Window…	Windows NTLM のなりすましの脆弱性	CWE-693 CWE-noinfo	CVE-2025-21217	2025-01-28 16:04	2025-01-14	Show	GitHub Exploit DB Packet Storm

358	7.8	重要 Local	Sagemcom	F@st 3686 ファームウェア	Sagemcom の F@st 3686 ファームウェアにおけるセッション期限に関する脆弱性	CWE-613 不適切なセッション期限	CVE-2024-1623	2025-01-28 15:58	2024-03-14	Show	GitHub Exploit DB Packet Storm

359	4.3	警告 Network	billminozzi	Disable Json API Login Lockdown XMLRPC Pingback Stop User Enumeration Anti Hacker Scan	Bill Minozzi の WordPress 用 Disable Json API, Login Lockdown, XMLRPC, Pingback, Stop User Enumeration Anti Hacker Scan における認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2024-1861	2025-01-28 15:41	2024-02-28	Show	GitHub Exploit DB Packet Storm

360	4.6	警告 Physics	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows Server 2012 Microsoft Windows 11 Microsoft Windows Server 2022 Microsoft Window…	セキュアブートのセキュリティ機能のバイパスの脆弱性	CWE-125 CWE-noinfo	CVE-2025-21215	2025-01-28 15:37	2025-01-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Feb. 7, 2025, 4:09 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
981	-		-	-	When copying files with rsync, octorpki uses the "-a" flag 0, which forces rsync to copy binaries with the suid bit set as root. Since the provided service definition defaults to root ( https://githu…	-	CVE-2021-3978	2025-01-29 19:15	2025-01-29	Show	GitHub Exploit DB Packet Storm

982	-		-	-	In axios before 1.7.8, lib/helpers/isURLSameOrigin.js does not use a URL object when determining an origin, and has a potentially unwanted setAttribute('href',href) call. NOTE: some parties feel that…	-	CVE-2024-57965	2025-01-29 19:15	2025-01-29	Show	GitHub Exploit DB Packet Storm

983	-		-	-	Multiple switches are affected by an out-of-bounds write vulnerability. This vulnerability is caused by insufficient input validation, which allows data to be written to memory outside the bounds of …	-	CVE-2024-7695	2025-01-29 17:15	2025-01-29	Show	GitHub Exploit DB Packet Storm

984	7.2	HIGH Network	-	-	The Flexible Wishlist for WooCommerce – Ecommerce Wishlist & Save for later plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘wishlist_name’ parameter in all versions up to, …	CWE-79 Cross-site Scripting	CVE-2024-13696	2025-01-29 17:15	2025-01-29	Show	GitHub Exploit DB Packet Storm

985	6.4	MEDIUM Network	-	-	The ClickWhale – Link Manager, Link Shortener and Click Tracker for Affiliate Links & Link Pages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via link titles in all versions up t…	CWE-79 Cross-site Scripting	CVE-2025-0804	2025-01-29 13:15	2025-01-29	Show	GitHub Exploit DB Packet Storm

986	4.3	MEDIUM Network	-	-	A vulnerability was found in code-projects Job Recruitment 1.0. It has been rated as problematic. This issue affects some unknown processing of the file _call_job_search_ajax.php. The manipulation of…	CWE-79 CWE-94 Cross-site Scripting Code Injection	CVE-2025-0806	2025-01-29 12:15	2025-01-29	Show	GitHub Exploit DB Packet Storm

987	-		-	-	The old versions of EXIF Viewer Classic contain a cross-site scripting vulnerability caused by improper handling of EXIF meta data. When an image is rendered and crafted EXIF meta data is processed, …	CWE-79 Cross-site Scripting	CVE-2025-23362	2025-01-29 11:15	2025-01-29	Show	GitHub Exploit DB Packet Storm

988	7.3	HIGH Network	-	-	A vulnerability, which was classified as critical, has been found in Codezips Gym Management System 1.0. Affected by this issue is some unknown functionality of the file /dashboard/admin/submit_plan_…	CWE-89 CWE-74 SQL Injection Injection	CVE-2025-0803	2025-01-29 11:15	2025-01-29	Show	GitHub Exploit DB Packet Storm

989	7.3	HIGH Network	-	-	A vulnerability classified as critical was found in SourceCodester Best Employee Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/View_user.php of …	CWE-284 CWE-266 Improper Access Control Incorrect Privilege Assignment	CVE-2025-0802	2025-01-29 11:15	2025-01-29	Show	GitHub Exploit DB Packet Storm

990	2.4	LOW Network	-	-	A vulnerability classified as problematic has been found in SourceCodester Online Courseware 1.0. Affected is an unknown function of the file /pcci/admin/saveeditt.php of the component Edit Teacher. …	CWE-79 CWE-94 Cross-site Scripting Code Injection	CVE-2025-0800	2025-01-29 11:15	2025-01-29	Show	GitHub Exploit DB Packet Storm