Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 11, 2025, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
31	7	重要 Local	マイクロソフト	Microsoft Windows Server 2022 Microsoft Windows 10 Microsoft Windows 11	Windows USB プリントドライバーの特権の昇格の脆弱性 New	CWE-126 CWE-362	CVE-2024-26243	2025-01-10 17:37	2024-04-9	Show	GitHub Exploit DB Packet Storm

32	6.5	警告 Network	マイクロソフト	Microsoft Windows 11 Microsoft Windows Server 2022 Microsoft Windows 10 Microsoft Windows Server 2008 Microsoft Windows Server&…	Windows Kerberos のサービス拒否の脆弱性 New	CWE-476 CWE-noinfo	CVE-2024-26183	2025-01-10 17:36	2024-04-9	Show	GitHub Exploit DB Packet Storm

33	8	重要 Adjacent	マイクロソフト	Microsoft Windows Server 2016 Microsoft Windows 11 Microsoft Windows Server 2022 Microsoft Windows 10 Microsoft Windows Server&…	セキュアブートのセキュリティ機能のバイパスの脆弱性 New	CWE-121 CWE-noinfo	CVE-2024-26180	2025-01-10 17:34	2024-04-9	Show	GitHub Exploit DB Packet Storm

34	8	重要 Adjacent	マイクロソフト	Microsoft Windows 11 Microsoft Windows Server 2022 Microsoft Windows 10 Microsoft Windows Server 2008 Microsoft Windows Server&…	セキュアブートのセキュリティ機能のバイパスの脆弱性 New	CWE-20 CWE-noinfo	CVE-2024-26240	2025-01-10 17:32	2024-04-9	Show	GitHub Exploit DB Packet Storm

35	5.5	警告 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows Server 2022 Microsoft Windows 10 Microsoft Windows 11	Windows DWM Core ライブラリの情報漏えいの脆弱性 New	CWE-125 CWE-noinfo	CVE-2024-26172	2025-01-10 17:32	2024-04-9	Show	GitHub Exploit DB Packet Storm

36	7.3	重要 Local	マイクロソフト	PowerShell Microsoft .NET Framework .NET Microsoft Visual Studio	.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability New	CWE-416 CWE-noinfo	CVE-2024-21409	2025-01-10 17:30	2024-04-9	Show	GitHub Exploit DB Packet Storm

37	7	重要 Local	マイクロソフト	Microsoft Windows Server 2022	Windows Update スタックの特権の昇格の脆弱性 New	CWE-362 CWE-591	CVE-2024-26236	2025-01-10 17:28	2024-04-9	Show	GitHub Exploit DB Packet Storm

38	7.8	重要 Local	マイクロソフト	Microsoft Windows 11 Microsoft Windows Server 2022 Microsoft Windows 10 Microsoft Windows Server 2019 Microsoft Windows Server&…	Windows カーネルの特権の昇格の脆弱性 New	CWE-426 CWE-noinfo	CVE-2024-20693	2025-01-10 17:26	2024-04-9	Show	GitHub Exploit DB Packet Storm

39	7.8	重要 Local	マイクロソフト	Microsoft Windows 11 Microsoft Windows Server 2022 Microsoft Windows 10 Microsoft Windows Server 2008 Microsoft Windows Server&…	Windows 暗号化サービスのセキュリティ機能のバイパスの脆弱性 New	CWE-310 CWE-347	CVE-2024-26228	2025-01-10 17:25	2024-04-9	Show	GitHub Exploit DB Packet Storm

40	6.6	警告 Network	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows Server 2016 Microsoft Windows Server 2022	Windows DNS サーバーのリモートでコードが実行される脆弱性 New	CWE-203 CWE-416	CVE-2024-26221	2025-01-10 17:19	2024-04-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 11, 2025, 5:03 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
101	-	-	-	Infoblox BloxOne v2.4 was discovered to contain a business logic flaw due to thick client vulnerabilities. New	-	CVE-2024-46505	2025-01-10 05:15	2025-01-10	Show	GitHub Exploit DB Packet Storm

102	-	-	-	A cross-site scripting (XSS) vulnerability in Nagios XI 2024R1.1.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter in the Account Sett… New	-	CVE-2024-42898	2025-01-10 05:15	2025-01-10	Show	GitHub Exploit DB Packet Storm

103	-	-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Views SVG Animation allows Cross-Site Scripting (XSS).This issue affects Views SVG Animati… New	-	CVE-2024-13287	2025-01-10 05:15	2025-01-10	Show	GitHub Exploit DB Packet Storm

104	-	-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal SVG Embed allows Cross-Site Scripting (XSS).This issue affects SVG Embed: from 0.0.0 befor… New	-	CVE-2024-13286	2025-01-10 05:15	2025-01-10	Show	GitHub Exploit DB Packet Storm

105	-	-	-	Vulnerability in Drupal wkhtmltopdf.This issue affects wkhtmltopdf: .. New	-	CVE-2024-13285	2025-01-10 05:15	2025-01-10	Show	GitHub Exploit DB Packet Storm

106	-	-	-	Cross-Site Request Forgery (CSRF) vulnerability in Drupal Gutenberg allows Cross Site Request Forgery.This issue affects Gutenberg: from 0.0.0 before 2.13.0, from 3.0.0 before 3.0.5. New	-	CVE-2024-13284	2025-01-10 05:15	2025-01-10	Show	GitHub Exploit DB Packet Storm

107	-	-	-	Incorrect Authorization vulnerability in Drupal Block permissions allows Forceful Browsing.This issue affects Block permissions: from 1.0.0 before 1.2.0. New	-	CVE-2024-13282	2025-01-10 05:15	2025-01-10	Show	GitHub Exploit DB Packet Storm

108	-	-	-	Incorrect Authorization vulnerability in Drupal Monster Menus allows Forceful Browsing.This issue affects Monster Menus: from 0.0.0 before 9.3.2. New	-	CVE-2024-13281	2025-01-10 05:15	2025-01-10	Show	GitHub Exploit DB Packet Storm

109	-	-	-	Insufficient Session Expiration vulnerability in Drupal Persistent Login allows Forceful Browsing.This issue affects Persistent Login: from 0.0.0 before 1.8.0, from 2.0.* before 2.2.2. New	-	CVE-2024-13280	2025-01-10 05:15	2025-01-10	Show	GitHub Exploit DB Packet Storm

110	-	-	-	Session Fixation vulnerability in Drupal Two-factor Authentication (TFA) allows Session Fixation.This issue affects Two-factor Authentication (TFA): from 0.0.0 before 1.8.0. New	-	CVE-2024-13279	2025-01-10 05:15	2025-01-10	Show	GitHub Exploit DB Packet Storm