Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
41	8.8	重要 Network	Delta Electronics, INC.	DIAEnergie	Delta Electronics, INC. の DIAEnergie における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2024-34032	2025-01-31 15:16	2024-05-3	Show	GitHub Exploit DB Packet Storm

42	5.4	警告 Network	Brainstorm Force	Elementor Header & Footer Builder	Brainstorm Force の WordPress 用 Elementor Header & Footer Builder におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-4634	2025-01-31 15:16	2024-05-16	Show	GitHub Exploit DB Packet Storm

43	6.5	警告 Network	JetBrains	YouTrack	JetBrains の YouTrack における非効率的な正規表現の複雑さに関する脆弱性	CWE-1333 非効率的な正規表現の複雑さ	CVE-2024-54157	2025-01-31 15:16	2024-12-4	Show	GitHub Exploit DB Packet Storm

44	6.1	警告 Network	JetBrains	TeamCity	JetBrains の TeamCity におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2025-24459	2025-01-31 15:16	2025-01-21	Show	GitHub Exploit DB Packet Storm

45	6.5	警告 Network	JetBrains	TeamCity	JetBrains の TeamCity における認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2025-24461	2025-01-31 15:16	2025-01-21	Show	GitHub Exploit DB Packet Storm

46	6.1	警告 Network	Esri	Portal for ArcGIS	Esri の Portal for ArcGIS におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-8149	2025-01-31 15:01	2024-10-4	Show	GitHub Exploit DB Packet Storm

47	4.3	警告 Network	JetBrains	TeamCity	JetBrains の TeamCity における不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2025-24460	2025-01-31 15:01	2025-01-21	Show	GitHub Exploit DB Packet Storm

48	8.8	重要 Network	weDevs	wp erp	weDevs の WordPress 用 wp erp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2024-0608	2025-01-31 14:50	2024-03-29	Show	GitHub Exploit DB Packet Storm

49	7.2	重要 Network	weDevs	wp erp	weDevs の WordPress 用 wp erp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2024-0913	2025-01-31 14:50	2024-03-29	Show	GitHub Exploit DB Packet Storm

50	5.4	警告 Network	Brainstorm Force	ultimate addons for beaver builder	Brainstorm Force の WordPress 用 ultimate addons for beaver builder におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-2140	2025-01-31 14:50	2024-03-30	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Feb. 23, 2025, 4:07 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1221	-		-	-	An issue in Smartcom Bulgaria AD Smartcom Ralink CPE/WiFi router SAM-4G1G-TT-W-VC, SAM-4F1F-TT-W-A1 allows a remote attacker to obtain sensitive information via the Weak default WiFi password generat…	-	CVE-2025-22936	2025-02-12 23:15	2025-02-7	Show	GitHub Exploit DB Packet Storm

1222	4.4	MEDIUM Local	samsung	android	Improper privilege management in Samsung Find prior to SMR Feb-2025 Release 1 allows local privileged attackers to disable Samsung Find.	NVD-CWE-noinfo	CVE-2025-20907	2025-02-12 22:49	2025-02-4	Show	GitHub Exploit DB Packet Storm

1223	6.7	MEDIUM Local	samsung	android	Out-of-bounds read and write in mPOS TUI trustlet prior to SMR Feb-2025 Release 1 allows local privileged attackers to read and write out-of-bounds memory.	CWE-125 Out-of-bounds Read	CVE-2025-20905	2025-02-12 22:49	2025-02-4	Show	GitHub Exploit DB Packet Storm

1224	6.7	MEDIUM Local	samsung	android	Out-of-bounds write in mPOS TUI trustlet prior to SMR Feb-2025 Release 1 allows local privileged attackers to cause memory corruption.	CWE-787 Out-of-bounds Write	CVE-2025-20904	2025-02-12 22:48	2025-02-4	Show	GitHub Exploit DB Packet Storm

1225	5.1	MEDIUM Local	samsung	android	Improper access control in NotificationManager prior to SMR Jan-2025 Release 1 allows local attackers to change the configuration of notifications.	NVD-CWE-Other	CVE-2025-20893	2025-02-12 22:48	2025-02-4	Show	GitHub Exploit DB Packet Storm

1226	5.9	MEDIUM Physics	samsung	android	Protection Mechanism Failure in bootloader prior to SMR Jan-2025 Release 1 allows physical attackers to allow to execute fastboot command. User interaction is required for triggering this vulnerabili…	NVD-CWE-noinfo	CVE-2025-20892	2025-02-12 22:47	2025-02-4	Show	GitHub Exploit DB Packet Storm

1227	5.5	MEDIUM Local	samsung	android	Out-of-bounds read in decoding malformed bitstream of video thumbnails in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to read arbitrary memory. User interaction is required fo…	CWE-125 Out-of-bounds Read	CVE-2025-20891	2025-02-12 22:47	2025-02-4	Show	GitHub Exploit DB Packet Storm

1228	7.8	HIGH Local	samsung	android	Out-of-bounds write in decoding frame buffer in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to execute arbitrary code with privilege. User interaction is required for triggeri…	CWE-787 Out-of-bounds Write	CVE-2025-20890	2025-02-12 22:47	2025-02-4	Show	GitHub Exploit DB Packet Storm

1229	5.5	MEDIUM Local	samsung	android	Out-of-bounds read in decoding malformed bitstream for smp4vtd in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to read arbitrary memory. User interaction is required for trigge…	CWE-787 Out-of-bounds Write	CVE-2025-20889	2025-02-12 22:46	2025-02-4	Show	GitHub Exploit DB Packet Storm

1230	7.8	HIGH Local	samsung	android	Out-of-bounds write in handling the block size for smp4vtd in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to execute arbitrary code with privilege. User interaction is require…	CWE-787 Out-of-bounds Write	CVE-2025-20888	2025-02-12 22:46	2025-02-4	Show	GitHub Exploit DB Packet Storm