Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
411	4.3	警告 Network	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 11 Microsoft Windows Server 2022 Microsoft Windows Server 2025 Microsoft Window…	MapUrlToZone セキュリティ機能のバイパスの脆弱性	CWE-41 CWE-noinfo	CVE-2025-21219	2025-01-28 14:05	2025-01-14	Show	GitHub Exploit DB Packet Storm

412	7.5	重要 Network	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows Server 2012 Microsoft Windows 11 Microsoft Windows Server 2022 Microsoft Window…	Microsoft Message Queuing (MSMQ) のサービス拒否の脆弱性	CWE-20 CWE-400 CWE-noinfo	CVE-2025-21230	2025-01-28 14:05	2025-01-14	Show	GitHub Exploit DB Packet Storm

413	6.6	警告 Physics	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows Server 2012 Microsoft Windows 11 Microsoft Windows Server 2022 Microsoft Window…	Windows デジタルメディアの特権昇格の脆弱性	CWE-125 CWE-noinfo	CVE-2025-21226	2025-01-28 14:02	2025-01-14	Show	GitHub Exploit DB Packet Storm

414	4.2	警告 Physics	マイクロソフト	Microsoft Windows 11 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 2022 Microsoft Window…	Windows BitLocker の情報漏えいの脆弱性	CWE-200 CWE-noinfo	CVE-2025-21214	2025-01-28 13:59	2025-01-14	Show	GitHub Exploit DB Packet Storm

415	6.8	警告 Physics	マイクロソフト	Microsoft Windows 11 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 2022 Microsoft Window…	セキュアブートのセキュリティ機能のバイパスの脆弱性	CWE-693 CWE-noinfo	CVE-2025-21211	2025-01-28 13:56	2025-01-14	Show	GitHub Exploit DB Packet Storm

416	7.5	重要 Network	マイクロソフト	Microsoft Windows 11 Microsoft Windows Server 2019 Microsoft Windows Server 2022 Microsoft Windows Server 2025 Microsoft Window…	Windows Connected Devices Platform Service (Cdpsvc) サービス拒否の脆弱性	CWE-400 CWE-noinfo	CVE-2025-21207	2025-01-28 13:53	2025-01-14	Show	GitHub Exploit DB Packet Storm

417	4.3	警告 Network	マイクロソフト	Microsoft Windows 11 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 2022 Microsoft Window…	MapUrlToZone セキュリティ機能のバイパスの脆弱性	CWE-41 CWE-noinfo	CVE-2025-21189	2025-01-28 13:50	2025-01-14	Show	GitHub Exploit DB Packet Storm

418	4.6	警告 Physics	マイクロソフト	Microsoft Windows 11 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 2022 Microsoft Window…	セキュアブートのセキュリティ機能のバイパスの脆弱性	CWE-284 CWE-noinfo	CVE-2025-21213	2025-01-28 13:49	2025-01-14	Show	GitHub Exploit DB Packet Storm

419	7.8	重要 Local	マイクロソフト	Microsoft Office Microsoft 365 Apps Microsoft Access	Microsoft Access のリモートコードが実行される脆弱性	CWE-122 CWE-noinfo	CVE-2025-21186	2025-01-28 13:46	2025-01-14	Show	GitHub Exploit DB Packet Storm

420	5.4	警告 Network	Leap13	Premium Addons for Elementor	Leap13 の WordPress 用 Premium Addons for Elementor におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-29106	2025-01-28 13:30	2024-03-19	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Feb. 7, 2025, 4:09 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
981	-		-	-	When copying files with rsync, octorpki uses the "-a" flag 0, which forces rsync to copy binaries with the suid bit set as root. Since the provided service definition defaults to root ( https://githu…	-	CVE-2021-3978	2025-01-29 19:15	2025-01-29	Show	GitHub Exploit DB Packet Storm

982	-		-	-	In axios before 1.7.8, lib/helpers/isURLSameOrigin.js does not use a URL object when determining an origin, and has a potentially unwanted setAttribute('href',href) call. NOTE: some parties feel that…	-	CVE-2024-57965	2025-01-29 19:15	2025-01-29	Show	GitHub Exploit DB Packet Storm

983	-		-	-	Multiple switches are affected by an out-of-bounds write vulnerability. This vulnerability is caused by insufficient input validation, which allows data to be written to memory outside the bounds of …	-	CVE-2024-7695	2025-01-29 17:15	2025-01-29	Show	GitHub Exploit DB Packet Storm

984	7.2	HIGH Network	-	-	The Flexible Wishlist for WooCommerce – Ecommerce Wishlist & Save for later plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘wishlist_name’ parameter in all versions up to, …	CWE-79 Cross-site Scripting	CVE-2024-13696	2025-01-29 17:15	2025-01-29	Show	GitHub Exploit DB Packet Storm

985	6.4	MEDIUM Network	-	-	The ClickWhale – Link Manager, Link Shortener and Click Tracker for Affiliate Links & Link Pages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via link titles in all versions up t…	CWE-79 Cross-site Scripting	CVE-2025-0804	2025-01-29 13:15	2025-01-29	Show	GitHub Exploit DB Packet Storm

986	4.3	MEDIUM Network	-	-	A vulnerability was found in code-projects Job Recruitment 1.0. It has been rated as problematic. This issue affects some unknown processing of the file _call_job_search_ajax.php. The manipulation of…	CWE-79 CWE-94 Cross-site Scripting Code Injection	CVE-2025-0806	2025-01-29 12:15	2025-01-29	Show	GitHub Exploit DB Packet Storm

987	-		-	-	The old versions of EXIF Viewer Classic contain a cross-site scripting vulnerability caused by improper handling of EXIF meta data. When an image is rendered and crafted EXIF meta data is processed, …	CWE-79 Cross-site Scripting	CVE-2025-23362	2025-01-29 11:15	2025-01-29	Show	GitHub Exploit DB Packet Storm

988	7.3	HIGH Network	-	-	A vulnerability, which was classified as critical, has been found in Codezips Gym Management System 1.0. Affected by this issue is some unknown functionality of the file /dashboard/admin/submit_plan_…	CWE-89 CWE-74 SQL Injection Injection	CVE-2025-0803	2025-01-29 11:15	2025-01-29	Show	GitHub Exploit DB Packet Storm

989	7.3	HIGH Network	-	-	A vulnerability classified as critical was found in SourceCodester Best Employee Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/View_user.php of …	CWE-284 CWE-266 Improper Access Control Incorrect Privilege Assignment	CVE-2025-0802	2025-01-29 11:15	2025-01-29	Show	GitHub Exploit DB Packet Storm

990	2.4	LOW Network	-	-	A vulnerability classified as problematic has been found in SourceCodester Online Courseware 1.0. Affected is an unknown function of the file /pcci/admin/saveeditt.php of the component Edit Teacher. …	CWE-79 CWE-94 Cross-site Scripting Code Injection	CVE-2025-0800	2025-01-29 11:15	2025-01-29	Show	GitHub Exploit DB Packet Storm