Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
441 8.8 重要
Network 		Shenzhen Tenda Technology Co.,Ltd. i21 ファームウェア Shenzhen Tenda Technology Co.,Ltd. の i21 ファームウェアにおける境界外書き込みに関する脆弱性 CWE-121
CWE-787
CVE-2024-4246 2025-01-28 11:40 2024-04-27 Show GitHub Exploit DB Packet Storm
442 8.8 重要
Network 		Shenzhen Tenda Technology Co.,Ltd. i21 ファームウェア Shenzhen Tenda Technology Co.,Ltd. の i21 ファームウェアにおける境界外書き込みに関する脆弱性 CWE-121
CWE-787
CVE-2024-4250 2025-01-28 11:40 2024-04-27 Show GitHub Exploit DB Packet Storm
443 8.8 重要
Network 		Shenzhen Tenda Technology Co.,Ltd. i22 ファームウェア Shenzhen Tenda Technology Co.,Ltd. の i22 ファームウェアにおける境界外書き込みに関する脆弱性 CWE-121
CWE-787
CVE-2024-4252 2025-01-28 11:40 2024-04-27 Show GitHub Exploit DB Packet Storm
444 8.8 重要
Network 		Shenzhen Tenda Technology Co.,Ltd. i21 ファームウェア Shenzhen Tenda Technology Co.,Ltd. の i21 ファームウェアにおける境界外書き込みに関する脆弱性 CWE-121
CWE-787
CVE-2024-4496 2025-01-28 11:40 2024-05-5 Show GitHub Exploit DB Packet Storm
445 6.5 警告
Adjacent 		Magma Magma Linux Foundation の Magma における NULL ポインタデリファレンスに関する脆弱性 CWE-476
CWE-476
CVE-2023-37038 2025-01-28 11:39 2023-06-28 Show GitHub Exploit DB Packet Storm
446 7.5 重要
Network 		クアルコム CSR8811 ファームウェア
immersive home 318 ファームウェア
IPQ5010 ファームウェア
flight rb5 5g ファームウェア
ipq8070a ファームウェア
IPQ8072A ファームウェア
IPQ8071A ファ… 		複数のクアルコム製品における境界外読み取りに関する脆弱性 CWE-125
CWE-126
CVE-2023-43537 2025-01-28 11:39 2023-09-19 Show GitHub Exploit DB Packet Storm
447 7.8 重要
Local 		クアルコム FSM10056 ファームウェア
CSRA6620 ファームウェア
fastconnect 6800 ファームウェア
QCA4004 ファームウェア
flight rb5 5g ファームウェア
9205 lte modem ファームウェア
fastco… 		複数のクアルコム製品における古典的バッファオーバーフローの脆弱性 CWE-120
CWE-120
CVE-2023-43542 2025-01-28 11:39 2023-09-19 Show GitHub Exploit DB Packet Storm
448 5.3 警告
Network 		PPWP Password Protect WordPress PPWP の WordPress 用 Password Protect WordPress における脆弱性 CWE-noinfo
情報不足 		CVE-2024-0620 2025-01-28 11:38 2024-02-29 Show GitHub Exploit DB Packet Storm
449 5.5 警告
Local 		openatom openharmony openatom の openharmony における解放済みメモリの使用に関する脆弱性 CWE-416
CWE-416
CVE-2024-22180 2025-01-28 11:38 2024-04-2 Show GitHub Exploit DB Packet Storm
450 7.5 重要
Network 		Magma Magma Linux Foundation の Magma における古典的バッファオーバーフローの脆弱性 CWE-120
CWE-120
CVE-2024-24418 2025-01-28 11:38 2024-01-25 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 12, 2025, 4:14 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1321 3.3 LOW
Local 		apple macos
ipados
iphone_os 		A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.3, iOS 18.3 and iPadOS 18.3. An app may be able to view a contact's phone n… CWE-532
 Inclusion of Sensitive Information in Log Files 		CVE-2025-24145 2025-01-31 03:04 2025-01-28 Show GitHub Exploit DB Packet Storm
1322 7.5 HIGH
Network 		jyothisjoy eventer The Eventer plugin for WordPress is vulnerable to SQL Injection via the 'event' parameter in the 'eventer_get_attendees' function in all versions up to, and including, 3.9.8 due to insufficient escap… CWE-89
SQL Injection 		CVE-2024-11135 2025-01-31 03:03 2025-01-28 Show GitHub Exploit DB Packet Storm
1323 6.5 MEDIUM
Network 		apple macos
ipados
safari
visionos 		The issue was addressed with improved access restrictions to the file system. This issue is fixed in macOS Sequoia 15.3, Safari 18.3, iOS 18.3 and iPadOS 18.3, visionOS 2.3. A maliciously crafted web… NVD-CWE-noinfo
CVE-2025-24143 2025-01-31 03:03 2025-01-28 Show GitHub Exploit DB Packet Storm
1324 3.3 LOW
Local 		apple ipados
iphone_os 		An authentication issue was addressed with improved state management. This issue is fixed in iOS 18.3 and iPadOS 18.3. An attacker with physical access to an unlocked device may be able to access Pho… NVD-CWE-noinfo
CVE-2025-24141 2025-01-31 03:03 2025-01-28 Show GitHub Exploit DB Packet Storm
1325 9.8 CRITICAL
Network 		themerex addons The ThemeREX Addons plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'trx_addons_uploads_save_data' function in all versions up to, and includin… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2024-13448 2025-01-31 03:01 2025-01-28 Show GitHub Exploit DB Packet Storm
1326 4.4 MEDIUM
Local 		apple macos This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. A malicious app may be able to create symlinks to … CWE-59
Link Following 		CVE-2025-24136 2025-01-31 03:00 2025-01-28 Show GitHub Exploit DB Packet Storm
1327 6.5 MEDIUM
Network 		apple macos
ipados
iphone_os
visionos
watchos
tvos 		The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. An attacker in a privileged position… NVD-CWE-noinfo
CVE-2025-24131 2025-01-31 02:58 2025-01-28 Show GitHub Exploit DB Packet Storm
1328 6.1 MEDIUM
Network 		westguardsolutions ws_form The WS Form LITE – Drag & Drop Contact Form Builder for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the url parameter in all versions up to, and including, 1.10.13… CWE-79
Cross-site Scripting 		CVE-2024-13509 2025-01-31 02:56 2025-01-28 Show GitHub Exploit DB Packet Storm
1329 5.4 MEDIUM
Network 		ilghera mailup_auto_subscription The MailUp Auto Subscription plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.0. This is due to missing or incorrect nonce validation on the … CWE-352
 Origin Validation Error 		CVE-2024-13521 2025-01-31 02:41 2025-01-28 Show GitHub Exploit DB Packet Storm
1330 5.4 MEDIUM
Network 		wpmet elementskit The ElementsKit Pro plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the ‘url’ parameter in all versions up to, and including, 3.7.8 due to insufficient input sanitizat… CWE-79
Cross-site Scripting 		CVE-2025-0321 2025-01-31 02:39 2025-01-28 Show GitHub Exploit DB Packet Storm