Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
481	6.5	警告 Network	Fedora Project F5 Networks	NGINX plus Fedora nginx open source	F5 Networks の nginx open source 等複数ベンダの製品における境界外書き込みに関する脆弱性	CWE-787 CWE-787	CVE-2024-32760	2025-01-27 17:58	2024-05-29	Show	GitHub Exploit DB Packet Storm

482	5.3	警告 Network	Fedora Project F5 Networks	NGINX plus Fedora nginx open source	F5 Networks の nginx open source 等複数ベンダの製品における解放済みメモリの使用に関する脆弱性	CWE-416 CWE-416	CVE-2024-34161	2025-01-27 17:58	2024-05-29	Show	GitHub Exploit DB Packet Storm

483	9.8	緊急 Network	マイクロソフト	Microsoft Windows Server 2022 Microsoft Windows 11 Microsoft Windows Server 2025	Windows NTLM V1 Elevation of Privilege Vulnerability	CWE-303 CWE-noinfo	CVE-2025-21311	2025-01-27 17:52	2025-01-14	Show	GitHub Exploit DB Packet Storm

484	8.8	重要 Network	マイクロソフト	Microsoft Windows Server 2016 Microsoft Windows 11 Microsoft Windows Server 2008 Microsoft Windows Server 2019 Microsoft Window…	Windows テレフォニーサービスのリモートでコードが実行される脆弱性	CWE-122 CWE-noinfo	CVE-2025-21306	2025-01-27 17:49	2025-01-14	Show	GitHub Exploit DB Packet Storm

485	8.8	重要 Network	マイクロソフト	Microsoft Windows Server 2016 Microsoft Windows 11 Microsoft Windows Server 2008 Microsoft Windows Server 2019 Microsoft Window…	Windows テレフォニーサービスのリモートでコードが実行される脆弱性	CWE-122 CWE-noinfo	CVE-2025-21302	2025-01-27 17:45	2025-01-14	Show	GitHub Exploit DB Packet Storm

486	8.8	重要 Network	マイクロソフト	Microsoft Windows Server 2016 Microsoft Windows 11 Microsoft Windows Server 2008 Microsoft Windows Server 2019 Microsoft Window…	Windows テレフォニーサービスのリモートでコードが実行される脆弱性	CWE-190 CWE-noinfo	CVE-2025-21243	2025-01-27 17:45	2025-01-14	Show	GitHub Exploit DB Packet Storm

487	8.8	重要 Network	マイクロソフト	Microsoft Windows Server 2016 Microsoft Windows 11 Microsoft Windows Server 2008 Microsoft Windows Server 2019 Microsoft Window…	Windows テレフォニーサービスのリモートでコードが実行される脆弱性	CWE-122 CWE-125 CWE-noinfo	CVE-2025-21245	2025-01-27 17:45	2025-01-14	Show	GitHub Exploit DB Packet Storm

488	8.8	重要 Network	マイクロソフト	Microsoft Windows Server 2016 Microsoft Windows 11 Microsoft Windows Server 2019 Microsoft Windows 10 Microsoft Windows Server&…	Windows テレフォニーサービスのリモートでコードが実行される脆弱性	CWE-122 CWE-noinfo	CVE-2025-21248	2025-01-27 17:45	2025-01-14	Show	GitHub Exploit DB Packet Storm

489	8.8	重要 Network	マイクロソフト	Microsoft Windows Server 2016 Microsoft Windows 11 Microsoft Windows Server 2019 Microsoft Windows Server 2012 Microsoft Window…	Active Directory Domain Services Elevation of Privilege Vulnerability	CWE-284 CWE-noinfo	CVE-2025-21293	2025-01-27 17:45	2025-01-14	Show	GitHub Exploit DB Packet Storm

490	7.5	重要 Adjacent	マイクロソフト	Microsoft Windows Server 2016 Microsoft Windows 11 Microsoft Windows Server 2008 Microsoft Windows Server 2019 Microsoft Window…	BranchCache のリモートでコードが実行される脆弱性	CWE-416 CWE-noinfo	CVE-2025-21296	2025-01-27 17:45	2025-01-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Feb. 19, 2025, 4:10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1451	-		-	-	2N Access Commander version 2.1 and prior is vulnerable in default settings to Man In The Middle attack due to not verifying certificates of 2N edge devices.	-	CVE-2024-47258	2025-02-7 05:15	2025-02-7	Show	GitHub Exploit DB Packet Storm

1452	-		-	-	Successful exploitation of this vulnerability could allow an attacker (who needs to have Admin access privileges) to read hardcoded AES passphrase, which may be used for decryption of certain data wi…	-	CVE-2024-47256	2025-02-7 05:15	2025-02-7	Show	GitHub Exploit DB Packet Storm

1453	-		-	-	Specifically crafted payloads sent to the RFID reader could cause DoS of RFID reader. After the device is restarted, it gets back to fully working state.	-	CVE-2024-13417	2025-02-7 05:15	2025-02-7	Show	GitHub Exploit DB Packet Storm

1454	-		-	-	WhoDB is an open source database management tool. In affected versions the application is vulnerable to parameter injection in database connection strings, which allows an attacker to read local file…	-	CVE-2025-24787	2025-02-7 05:15	2025-02-7	Show	GitHub Exploit DB Packet Storm

1455	-		-	-	WhoDB is an open source database management tool. While the application only displays Sqlite3 databases present in the directory `/db`, there is no path traversal prevention in place. This allows an …	-	CVE-2025-24786	2025-02-7 05:15	2025-02-7	Show	GitHub Exploit DB Packet Storm

1456	-		-	-	Cross Site Request Forgery (CSRF) in Users.php in SourceCodester Packers and Movers Management System 1.0 allows attackers to create unauthorized admin accounts via crafted requests sent to an authen…	-	CVE-2024-57523	2025-02-7 05:15	2025-02-7	Show	GitHub Exploit DB Packet Storm

1457	-		-	-	SQL injection vulnerability in the ZimbraSync Service SOAP endpoint in Zimbra Collaboration 10.0.x before 10.0.12 and 10.1.x before 10.1.4 due to insufficient sanitization of a user-supplied paramete…	-	CVE-2025-25064	2025-02-7 05:15	2025-02-4	Show	GitHub Exploit DB Packet Storm

1458	-		-	-	Incorrect Authorization vulnerability in Apache Cassandra allowing users to access a datacenter or IP/CIDR groups they should not be able to when using CassandraNetworkAuthorizer or CassandraCIDRAuth…	-	CVE-2025-24860	2025-02-7 05:15	2025-02-4	Show	GitHub Exploit DB Packet Storm

1459	4.3	MEDIUM Network	mozilla	firefox thunderbird	The z-order of the browser windows could be manipulated to hide the fullscreen notification. This could potentially be leveraged to perform a spoofing attack. This vulnerability affects Firefox < 135…	CWE-1021 Improper Restriction of Rendered UI Layers or Frames	CVE-2025-1019	2025-02-7 04:40	2025-02-4	Show	GitHub Exploit DB Packet Storm

1460	5.3	MEDIUM Network	mozilla	firefox thunderbird	The fullscreen notification is prematurely hidden when fullscreen is re-requested quickly by the user. This could have been leveraged to perform a potential spoofing attack. This vulnerability affect…	CWE-1021 Improper Restriction of Rendered UI Layers or Frames	CVE-2025-1018	2025-02-7 04:40	2025-02-4	Show	GitHub Exploit DB Packet Storm