Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 16, 2025, 6:05 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
441	6.8	警告 Physics	マイクロソフト	Microsoft Windows 11 Microsoft Windows Server 2019 Microsoft Windows Server 2022 Microsoft Windows Server 2025 Microsoft Window…	Windows モバイルブロードバンドドライバーの特権昇格の脆弱性 New	CWE-125 CWE-191 CWE-noinfo	CVE-2024-49077	2025-01-14 16:20	2024-12-10	Show	GitHub Exploit DB Packet Storm

442	6.8	警告 Physics	マイクロソフト	Microsoft Windows 11 Microsoft Windows Server 2019 Microsoft Windows Server 2022 Microsoft Windows Server 2025 Microsoft Window…	Windows モバイルブロードバンドドライバーの特権昇格の脆弱性 New	CWE-125 CWE-noinfo	CVE-2024-49083	2025-01-14 16:20	2024-12-10	Show	GitHub Exploit DB Packet Storm

443	6.6	警告 Physics	マイクロソフト	Microsoft Windows 11 Microsoft Windows Server 2019 Microsoft Windows Server 2022 Microsoft Windows Server 2025 Microsoft Window…	ワイヤレス広域ネットワークサービス (WwanSvc) の特権昇格の脆弱性 New	CWE-122 CWE-noinfo	CVE-2024-49094	2025-01-14 16:20	2024-12-10	Show	GitHub Exploit DB Packet Storm

444	5.5	警告 Local	Linux	Linux Kernel	Linux の Linux Kernel におけるリソースのロックに関する脆弱性 New	CWE-667 不適切なロック	CVE-2021-47055	2025-01-14 16:20	2021-03-28	Show	GitHub Exploit DB Packet Storm

445	4.3	警告 Physics	マイクロソフト	Microsoft Windows 11 Microsoft Windows Server 2019 Microsoft Windows Server 2022 Microsoft Windows Server 2025 Microsoft Window…	Windows ワイヤレスワイドエリアネットワークサービス (WwanSvc) の情報漏えいの脆弱性 New	CWE-125 CWE-noinfo	CVE-2024-49099	2025-01-14 16:20	2024-12-10	Show	GitHub Exploit DB Packet Storm

446	8.8	重要 Network	マイクロソフト	Microsoft Windows Server 2016 Microsoft Windows 11 Microsoft Windows Server 2019 Microsoft Windows Server 2022 Microsoft Window…	Windows ルーティングとリモートアクセスサービス (RRAS) のリモートでコードが実行される脆弱性 New	CWE-122 CWE-noinfo	CVE-2024-49104	2025-01-14 16:20	2024-12-10	Show	GitHub Exploit DB Packet Storm

447	6.6	警告 Physics	マイクロソフト	Microsoft Windows 11 Microsoft Windows Server 2019 Microsoft Windows Server 2022 Microsoft Windows Server 2025 Microsoft Window…	ワイヤレス広域ネットワークサービス (WwanSvc) の特権昇格の脆弱性 New	CWE-125 CWE-noinfo	CVE-2024-49109	2025-01-14 16:20	2024-12-10	Show	GitHub Exploit DB Packet Storm

448	4.3	警告 Network	Jegtheme	Jeg Elementor Kit	Jegtheme の WordPress 用 Jeg Elementor Kit における重要な情報のセキュアでない格納に関する脆弱性 New	CWE-200 CWE-922	CVE-2024-8899	2025-01-14 16:18	2024-11-26	Show	GitHub Exploit DB Packet Storm

449	6.5	警告 Network	argoproj	argo cd	argoproj の argo cd における脆弱性 New	CWE-269 CWE-noinfo	CVE-2024-41666	2025-01-14 16:17	2024-07-24	Show	GitHub Exploit DB Packet Storm

450	8.8	重要 Network	XWiki	xwiki	XWiki の xwiki における認証の欠如に関する脆弱性 New	CWE-862 CWE-862	CVE-2024-31997	2025-01-14 16:17	2024-04-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 16, 2025, 4:15 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
151	-		-	-	Cross-site scripting vulnerability in NEC Corporation Aterm WG2600HS Ver.1.7.2 and earlier, WG2600HP4 Ver.1.4.2 and earlier, WG2600HM4 Ver.1.4.2 and earlier, WG2600HS2 Ver.1.3.2 and earlier, WX3000HP… New	-	CVE-2025-0354	2025-01-15 17:15	2025-01-15	Show	GitHub Exploit DB Packet Storm

152	-		-	-	A ZigBee coordinator, router, or end device may change their node ID when an unsolicited encrypted rejoin response is received, this change in node ID causes Denial of Service (DoS). To recover from … New	-	CVE-2024-7322	2025-01-15 17:15	2025-01-15	Show	GitHub Exploit DB Packet Storm

153	7.5	HIGH Network	-	-	In Genivia gSOAP with a specific configuration an unauthenticated remote attacker can generate a high CPU load when forcing to parse an XML having duplicate ID attributes which can lead to a DoS. New	CWE-834 Excessive Iteration	CVE-2024-4227	2025-01-15 17:15	2025-01-15	Show	GitHub Exploit DB Packet Storm

154	6.4	MEDIUM Network	-	-	The Event Registration Calendar By vcita plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 1.4.0 due to insufficient… New	CWE-79 Cross-site Scripting	CVE-2024-11870	2025-01-15 17:15	2025-01-15	Show	GitHub Exploit DB Packet Storm

155	-		-	-	A flaw was found in the rsync daemon which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison betwe… New	-	CVE-2024-12085	2025-01-15 16:15	2025-01-15	Show	GitHub Exploit DB Packet Storm

156	-		-	-	Stack-based buffer overflow vulnerability exists in Linux Ratfor 1.06 and earlier. When the software processes a file which is specially crafted by an attacker, arbitrary code may be executed. As a r… New	CWE-121 Stack-based Buffer Overflow	CVE-2024-55577	2025-01-15 15:15	2025-01-15	Show	GitHub Exploit DB Packet Storm

157	6.4	MEDIUM Network	-	-	The ViewMedica 9 plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'viewmedica' shortcode in all versions up to, and including, 1.4.15 due to insufficient input sanit… New	CWE-79 Cross-site Scripting	CVE-2024-13394	2025-01-15 15:15	2025-01-15	Show	GitHub Exploit DB Packet Storm

158	-		-	-	Mongoose before 8.9.5 can improperly use a nested $where filter with a populate() match, leading to search injection. NOTE: this issue exists because of an incomplete fix for CVE-2024-53900. New	-	CVE-2025-23061	2025-01-15 14:15	2025-01-15	Show	GitHub Exploit DB Packet Storm

159	-		-	-	Dell Display Manager, versions prior to 2.3.2.18, contain a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability. A low privileged attacker with local access could potentially exploit this… New	CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition	CVE-2025-22394	2025-01-15 14:15	2025-01-15	Show	GitHub Exploit DB Packet Storm

160	-		-	-	Dell Display Manager, versions prior to 2.3.2.20, contain a race condition vulnerability. A local malicious user could potentially exploit this vulnerability during installation, leading to arbitrary… New	CWE-362 Race Condition	CVE-2025-21101	2025-01-15 14:15	2025-01-15	Show	GitHub Exploit DB Packet Storm