Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 18, 2025, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
381	5.3	警告 Network	Metagauss Inc.	eventprime	Metagauss Inc. の WordPress 用 eventprime における脆弱性 New	CWE-noinfo 情報不足	CVE-2024-1321	2025-01-16 14:42	2024-03-13	Show	GitHub Exploit DB Packet Storm

382	7.8	重要 Local	クアルコム	qamsrv1m ファームウェア AR8035 ファームウェア qamsrv1h ファームウェア MDM9628 ファームウェア qam8255p ファームウェア c-v2x 9150 ファームウェア fastconnect 6900 ファームウェア MDM9250…	複数のクアルコム製品における解放済みメモリの使用に関する脆弱性 New	CWE-416 CWE-416	CVE-2024-21471	2025-01-16 14:42	2024-05-6	Show	GitHub Exploit DB Packet Storm

383	8.8	重要 Network	Shenzhen Tenda Technology Co.,Ltd.	fh1203 ファームウェア	Shenzhen Tenda Technology Co.,Ltd. の fh1203 ファームウェアにおける境界外書き込みに関する脆弱性 New	CWE-121 CWE-787	CVE-2024-2990	2025-01-16 14:42	2024-03-27	Show	GitHub Exploit DB Packet Storm

384	5.4	警告 Network	Leap13	Premium Addons for Elementor	Leap13 の WordPress 用 Premium Addons for Elementor におけるクロスサイトスクリプティングの脆弱性 New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-3885	2025-01-16 14:42	2024-05-2	Show	GitHub Exploit DB Packet Storm

385	5.4	警告 Network	WPDeveloper	Essential Addons for Elementor	WPDeveloper の WordPress 用 Essential Addons for Elementor におけるクロスサイトスクリプティングの脆弱性 New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-4156	2025-01-16 14:42	2024-05-2	Show	GitHub Exploit DB Packet Storm

386	4.3	警告 Network	DesDev Inc.	DedeCMS	DesDev Inc. の DedeCMS におけるクロスサイトリクエストフォージェリの脆弱性 New	CWE-352 同一生成元ポリシー違反	CVE-2024-4593	2025-01-16 14:42	2024-05-7	Show	GitHub Exploit DB Packet Storm

387	6.1	警告 Network	oretnom23	customer support system	Oretnom23 の customer support system におけるクロスサイトスクリプティングの脆弱性 New	CWE-79 CWE-79	CVE-2023-49971	2025-01-16 14:40	2023-12-4	Show	GitHub Exploit DB Packet Storm

388	8.8	重要 Network	Shenzhen Tenda Technology Co.,Ltd.	f1203 ファームウェア	Shenzhen Tenda Technology Co.,Ltd. の f1203 ファームウェアにおける境界外書き込みに関する脆弱性 New	CWE-121 CWE-787	CVE-2024-2977	2025-01-16 14:40	2024-03-27	Show	GitHub Exploit DB Packet Storm

389	4.3	警告 Network	DesDev Inc.	DedeCMS	DesDev Inc. の DedeCMS におけるクロスサイトリクエストフォージェリの脆弱性 New	CWE-352 同一生成元ポリシー違反	CVE-2024-3145	2025-01-16 14:40	2024-04-2	Show	GitHub Exploit DB Packet Storm

390	8.8	重要 Network	Shenzhen Tenda Technology Co.,Ltd.	W15E ファームウェア	Shenzhen Tenda Technology Co.,Ltd. の W15E ファームウェアにおける境界外書き込みに関する脆弱性 New	CWE-121 CWE-787	CVE-2024-4115	2025-01-16 14:40	2024-04-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 18, 2025, 4:13 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
331	-	-	-	An access control issue in the component form2RepeaterSetup.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the 2.4G and 5G repeater service of the device via a … New	-	CVE-2024-57679	2025-01-17 04:15	2025-01-17	Show	GitHub Exploit DB Packet Storm

332	-	-	-	An access control issue in the component form2WlAc.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the 2.4G and 5G mac access control list of the device via a cr… New	-	CVE-2024-57678	2025-01-17 04:15	2025-01-17	Show	GitHub Exploit DB Packet Storm

333	-	-	-	An access control issue in the component form2Wan.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the wan service of the device via a crafted POST request. New	-	CVE-2024-57677	2025-01-17 04:15	2025-01-17	Show	GitHub Exploit DB Packet Storm

334	-	-	-	An access control issue in the component form2WlanBasicSetup.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the 2.4G and 5G wlan service of the device via a cra… New	-	CVE-2024-57676	2025-01-17 04:15	2025-01-17	Show	GitHub Exploit DB Packet Storm

335	-	-	-	Gomatrixserverlib is a Go library for matrix federation. Gomatrixserverlib is vulnerable to server-side request forgery, serving content from a private network it can access, under certain conditions… New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2024-52594	2025-01-17 04:15	2025-01-17	Show	GitHub Exploit DB Packet Storm

336	-	-	-	Buffer Overflow vulnerability in Neat Board NFC v.1.20240620.0015 allows a physically proximate attackers to escalate privileges via a crafted payload to the password field Update	-	CVE-2024-48806	2025-01-17 04:15	2025-01-10	Show	GitHub Exploit DB Packet Storm

337	-	-	-	Canlineapp Online 1.1 is vulnerable to Broken Access Control and allows users with the Auditor role to create an audit template as a result of improper authorization checks. This feature is designate… Update	-	CVE-2024-56114	2025-01-17 04:15	2025-01-10	Show	GitHub Exploit DB Packet Storm

338	-	-	-	Mattermost Mobile versions <= 2.22.0 fail to properly validate the style of proto supplied to an action's style in post.props.attachments, which allows an attacker to crash the mobile via crafted mal… New	-	CVE-2025-20072	2025-01-17 03:15	2025-01-17	Show	GitHub Exploit DB Packet Storm

339	-	-	-	A cross-site scripting (XSS) vulnerability in the /apply/getEditPage?view interface of JFinalOA before v2025.01.01 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. New	-	CVE-2024-57776	2025-01-17 03:15	2025-01-17	Show	GitHub Exploit DB Packet Storm

340	-	-	-	JFinalOA before v2025.01.01 was discovered to contain a SQL injection vulnerability via the component getWorkFlowHis?insid. New	-	CVE-2024-57775	2025-01-17 03:15	2025-01-17	Show	GitHub Exploit DB Packet Storm