Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 27, 2025, 12:03 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
461	5.4	警告 Network	Themeisle	otter blocks	ThemeIsle の WordPress 用 otter blocks におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-3725	2025-01-22 14:42	2024-05-2	Show	GitHub Exploit DB Packet Storm

462	7.1	重要 Network	cvat	computer vision annotation tool	cvat の computer vision annotation tool におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 CWE-352	CVE-2024-37306	2025-01-22 14:42	2024-06-13	Show	GitHub Exploit DB Packet Storm

463	8.8	重要 Network	Shenzhen Tenda Technology Co.,Ltd.	ac500 ファームウェア	Shenzhen Tenda Technology Co.,Ltd. の ac500 ファームウェアにおける境界外書き込みに関する脆弱性	CWE-121 CWE-787	CVE-2024-3905	2025-01-22 14:42	2024-04-17	Show	GitHub Exploit DB Packet Storm

464	8.8	重要 Network	Shenzhen Tenda Technology Co.,Ltd.	ac500 ファームウェア	Shenzhen Tenda Technology Co.,Ltd. の ac500 ファームウェアにおける境界外書き込みに関する脆弱性	CWE-121 CWE-787	CVE-2024-3910	2025-01-22 14:42	2024-04-17	Show	GitHub Exploit DB Packet Storm

465	5.4	警告 Network	StylemixThemes	MasterStudy LMS	StylemixThemes の WordPress 用 MasterStudy LMS における認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2024-3942	2025-01-22 14:42	2024-05-2	Show	GitHub Exploit DB Packet Storm

466	7.5	重要 Network	マイクロフォーカス株式会社	imanager	マイクロフォーカス株式会社の imanager におけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 CWE-918	CVE-2024-3970	2025-01-22 14:42	2024-05-15	Show	GitHub Exploit DB Packet Storm

467	8.8	重要 Network	Shenzhen Tenda Technology Co.,Ltd.	AC8 ファームウェア	Shenzhen Tenda Technology Co.,Ltd. の AC8 ファームウェアにおける境界外書き込みに関する脆弱性	CWE-121 CWE-787	CVE-2024-4066	2025-01-22 14:42	2024-04-23	Show	GitHub Exploit DB Packet Storm

468	8.8	重要 Network	Shenzhen Tenda Technology Co.,Ltd.	4g300 ファームウェア	Shenzhen Tenda Technology Co.,Ltd. の 4g300 ファームウェアにおける境界外書き込みに関する脆弱性	CWE-121 CWE-787	CVE-2024-4167	2025-01-22 14:42	2024-04-25	Show	GitHub Exploit DB Packet Storm

469	5.4	警告 Network	Autolab project	Autolab	Autolab project の Autolab におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-52585	2025-01-22 14:42	2024-11-18	Show	GitHub Exploit DB Packet Storm

470	9.8	緊急 Network	Mozilla Foundation	Mozilla Firefox Mozilla Thunderbird	Mozilla Foundation の Mozilla Firefox および Mozilla Thunderbird における脆弱性	CWE-noinfo 情報不足	CVE-2024-3863	2025-01-22 14:26	2024-04-16	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 27, 2025, 4:07 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
701	-	-	-	Open5GS MME versions <= 2.6.4 contain an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send an `E-RAB Modification Indication` message…	-	CVE-2023-37002	2025-01-23 00:15	2025-01-23	Show	GitHub Exploit DB Packet Storm

702	-	-	-	The NextEPC MME <= 1.0.1 (fixed in commit a8492c9c5bc0a66c6999cb5a263545b32a4109df) contains a stack-based buffer overflow vulnerability in the Emergency Number List decoding method. An attacker may …	-	CVE-2023-36998	2025-01-23 00:15	2025-01-23	Show	GitHub Exploit DB Packet Storm

703	-	-	-	In DGifSlurp of dgif_lib.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interacti…	-	CVE-2024-49749	2025-01-23 00:15	2025-01-22	Show	GitHub Exploit DB Packet Storm

704	-	-	-	In gatts_process_primary_service_req of gatt_sr.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privil…	-	CVE-2024-49748	2025-01-23 00:15	2025-01-22	Show	GitHub Exploit DB Packet Storm

705	-	-	-	In gatts_process_read_by_type_req of gatt_sr.cc, there is a possible out of bounds write due to a logic error in the code. This could lead to remote code execution with no additional execution privil…	-	CVE-2024-49747	2025-01-23 00:15	2025-01-22	Show	GitHub Exploit DB Packet Storm

706	-	-	-	In growData of Parcel.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. U…	-	CVE-2024-49745	2025-01-23 00:15	2025-01-22	Show	GitHub Exploit DB Packet Storm

707	-	-	-	In checkKeyIntentParceledCorrectly of AccountManagerService.java, there is a possible way to bypass parcel mismatch mitigation due to unsafe deserialization. This could lead to local escalation of …	-	CVE-2024-49744	2025-01-23 00:15	2025-01-22	Show	GitHub Exploit DB Packet Storm

708	-	-	-	In onCreate of NotificationAccessConfirmationActivity.java , there is a possible way to hide an app with notification access in Settings due to a missing permission check. This could lead to local es…	-	CVE-2024-49742	2025-01-23 00:15	2025-01-22	Show	GitHub Exploit DB Packet Storm

709	-	-	-	In writeInplace of Parcel.cpp, there is a possible out of bounds write. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed…	-	CVE-2024-49738	2025-01-23 00:15	2025-01-22	Show	GitHub Exploit DB Packet Storm

710	-	-	-	In applyTaskFragmentOperation of WindowOrganizerController.java, there is a possible way to launch arbitrary activities as the system UID due to a logic error in the code. This could lead to local es…	-	CVE-2024-49737	2025-01-23 00:15	2025-01-22	Show	GitHub Exploit DB Packet Storm