Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 16, 2025, 2:03 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
391 6.6 警告
Network
マイクロソフト Microsoft Windows Server 2016
Microsoft Windows Server 2019
Microsoft Windows Server 2022
Windows DNS サーバーのリモートでコードが実行される脆弱性 New CWE-416
CWE-noinfo
CVE-2024-26227 2025-01-14 14:13 2024-04-9 Show GitHub Exploit DB Packet Storm
392 7 重要
Local
マイクロソフト Microsoft Windows Server 2016
Microsoft Windows 11
Microsoft Windows Server 2012
Microsoft Windows Server 2008
Microsoft Window…
Windows Telephony Server の特権の昇格の脆弱性 New CWE-362
CWE-591
CVE-2024-26242 2025-01-14 14:13 2024-04-9 Show GitHub Exploit DB Packet Storm
393 5.5 警告
Local
マイクロソフト Microsoft Windows 11
Microsoft Windows Server 2019
Microsoft Windows 10
Microsoft Windows Server 2022
Windows Remote Access Connection Manager の情報漏えいの脆弱性 New CWE-125
CWE-126
CVE-2024-26255 2025-01-14 14:13 2024-04-9 Show GitHub Exploit DB Packet Storm
394 5.5 警告
Local
マイクロソフト Microsoft Windows Server 2016
Microsoft Windows 11
Microsoft Windows Server 2012
Microsoft Windows Server 2019
Microsoft Window…
Windows Remote Access Connection Manager の情報漏えいの脆弱性 New CWE-125
CWE-126
CVE-2024-28901 2025-01-14 14:13 2024-04-9 Show GitHub Exploit DB Packet Storm
395 7.5 重要
Adjacent
マイクロソフト Microsoft Windows Server 2016
Microsoft Windows 11
Microsoft Windows Server 2012
Microsoft Windows Server 2019
Microsoft Window…
セキュア ブートのセキュリティ機能のバイパスの脆弱性 New CWE-122
CWE-noinfo
CVE-2024-28896 2025-01-14 14:13 2024-04-9 Show GitHub Exploit DB Packet Storm
396 9.8 緊急
Network
mysiteforme project mysiteforme wangl1989 の mysiteforme における信頼できないデータのデシリアライゼーションに関する脆弱性 New CWE-20
CWE-502
CWE-502
CVE-2024-13136 2025-01-14 14:12 2025-01-5 Show GitHub Exploit DB Packet Storm
397 9.8 緊急
Network
TreasureHuntGame TreasureHunt TreasureHuntGame の TreasureHunt における SQL インジェクションの脆弱性 New CWE-74
CWE-89
CWE-89
CVE-2024-12894 2025-01-14 14:09 2024-12-22 Show GitHub Exploit DB Packet Storm
398 6.7 警告
Local
マイクロソフト Microsoft Windows Server 2016
Microsoft Windows 11
Microsoft Windows Server 2012
Microsoft Windows Server 2019
Microsoft Window…
セキュア ブートのセキュリティ機能のバイパスの脆弱性 New CWE-693
CWE-noinfo
CVE-2024-28903 2025-01-14 14:03 2024-04-9 Show GitHub Exploit DB Packet Storm
399 5.5 警告
Local
クアルコム WCD9385 ファームウェア
fastconnect 6700 ファームウェア
fastconnect 7800 ファームウェア
wsa8845 ファームウェア
wsa8840 ファームウェア
sc8380xp ファームウェア
WSA8830 ファームウェア
sn…
複数のクアルコム製品における境界外読み取りに関する脆弱性 New CWE-125
CWE-126
CVE-2023-33078 2025-01-14 13:35 2023-05-17 Show GitHub Exploit DB Packet Storm
400 5.3 警告
Network
IBM IBM CICS TX IBM の IBM CICS TX における観測可能な不一致に関する脆弱性 New CWE-203
CWE-204
CVE-2023-38362 2025-01-14 13:30 2023-11-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 16, 2025, 4:15 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
171 - - - MSFM before 2025.01.01 was discovered to contain a fastjson deserialization vulnerability via the component system/table/add. New - CVE-2024-57764 2025-01-15 09:15 2025-01-15 Show GitHub Exploit DB Packet Storm
172 - - - MSFM before 2025.01.01 was discovered to contain a fastjson deserialization vulnerability via the component system/table/addField. New - CVE-2024-57763 2025-01-15 09:15 2025-01-15 Show GitHub Exploit DB Packet Storm
173 - - - MSFM before v2025.01.01 was discovered to contain a deserialization vulnerability via the pom.xml configuration file. New - CVE-2024-57762 2025-01-15 09:15 2025-01-15 Show GitHub Exploit DB Packet Storm
174 - - - An arbitrary file upload vulnerability in the parserXML() method of JeeWMS before v2025.01.01 allows attackers to execute arbitrary code via uploading a crafted file. New - CVE-2024-57761 2025-01-15 09:15 2025-01-15 Show GitHub Exploit DB Packet Storm
175 - - - JeeWMS before v2025.01.01 was discovered to contain a SQL injection vulnerability via the ReportId parameter at /core/CGReportDao.java. New - CVE-2024-57760 2025-01-15 09:15 2025-01-15 Show GitHub Exploit DB Packet Storm
176 - - - JeeWMS before v2025.01.01 was discovered to contain a permission bypass in the component /interceptors/AuthInterceptor.cava. New - CVE-2024-57757 2025-01-15 09:15 2025-01-15 Show GitHub Exploit DB Packet Storm
177 - - - The ip_mod_dns_key_form.cgi request in GestioIP v3.5.7 is vulnerable to Stored XSS. An attacker can inject malicious code into the "TSIG Key" field, which is saved in the database and triggers XSS wh… New - CVE-2024-50861 2025-01-15 09:15 2025-01-15 Show GitHub Exploit DB Packet Storm
178 - - - The ip_import_acl_csv request in GestioIP v3.5.7 is vulnerable to Reflected XSS. When a user uploads an improperly formatted file, the content may be reflected in the HTML response, allowing the atta… New - CVE-2024-50859 2025-01-15 09:15 2025-01-15 Show GitHub Exploit DB Packet Storm
179 - - - Multiple endpoints in GestioIP v3.5.7 are vulnerable to Cross-Site Request Forgery (CSRF). An attacker can execute actions via the admin's browser by hosting a malicious URL, leading to data modifica… New - CVE-2024-50858 2025-01-15 09:15 2025-01-15 Show GitHub Exploit DB Packet Storm
180 - - - The ip_do_job request in GestioIP v3.5.7 is vulnerable to Cross-Site Scripting (XSS). It allows data exfiltration and enables CSRF attacks. The vulnerability requires specific user permissions within… New - CVE-2024-50857 2025-01-15 09:15 2025-01-15 Show GitHub Exploit DB Packet Storm