Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":Jan. 18, 2025, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 491 | 9.8 |
緊急
Network infoline-tr |
project management system
|
campcodes の Project Management System における危険なタイプのファイルの無制限アップロードに関する脆弱性
|
CWE-284 |
CWE-434 CWE-434
CVE-2025-0213
|
2025-01-15 17:28 |
2025-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 492 | 9.8 |
緊急
Network campcodes |
School Faculty Scheduling System
|
campcodes の School Faculty Scheduling System における SQL インジェクションの脆弱性
|
CWE-74 |
CWE-89 CWE-89
CVE-2025-0210
|
2025-01-15 17:26 |
2025-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 493 | 9.8 |
緊急
Network code-projects |
Online Shoe Store
|
code-projects の Online Shoe Store における SQL インジェクションの脆弱性
|
CWE-74 |
CWE-89 CWE-89
CVE-2025-0207
|
2025-01-15 17:23 |
2025-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 494 | 4.7 |
警告
Local |
クアルコム |
QCA6595 ファームウェア QCA6696 ファームウェア qam8255p ファームウェア sa7255p ファームウェア sa8540p ファームウェア qamsrv1m ファームウェア QAM8295P ファームウェア qca6698aq ファームウェア sa… |
複数のクアルコム製品における制限またはスロットリング無しのリソースの割り当てに関する脆弱性 |
CWE-264 CWE-770 |
CVE-2024-43064 | 2025-01-15 17:20 | 2024-08-5 | Show | GitHub Exploit DB Packet Storm |
| 495 | 8.8 |
重要
Network |
wangl1989 | mysiteforme | wangl1989 の mysiteforme におけるサーバサイドのリクエストフォージェリの脆弱性 |
CWE-918
サーバサイドリクエストフォージェリ |
CVE-2024-13139 | 2025-01-15 17:20 | 2025-01-5 | Show | GitHub Exploit DB Packet Storm |
| 496 | 9.8 |
緊急
Network TreasureHuntGame |
TreasureHunt
|
TreasureHuntGame の TreasureHunt における SQL インジェクションの脆弱性
|
CWE-74 |
CWE-89 CWE-89
CVE-2024-12895
|
2025-01-15 17:17 |
2024-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 497 | 8.8 |
重要
Network |
Shenzhen Tenda Technology Co.,Ltd. | AC18 ファームウェア | Shenzhen Tenda Technology Co.,Ltd. の AC18 ファームウェアにおける境界外書き込みに関する脆弱性 |
CWE-121 CWE-787 |
CVE-2024-2487 | 2025-01-15 17:17 | 2024-03-15 | Show | GitHub Exploit DB Packet Storm |
| 498 | 8.8 |
重要
Network |
Synology Inc. | Surveillance Station | Synology Inc. の Surveillance Station における認証の欠如に関する脆弱性 |
CWE-862
認証の欠如 |
CVE-2024-29241 | 2025-01-15 17:16 | 2024-03-28 | Show | GitHub Exploit DB Packet Storm |
| 499 | 7.8 |
重要
Local |
クアルコム |
qcc2076 ファームウェア WCD9385 ファームウェア qcc2073 ファームウェア wsa8845 ファームウェア sc8380xp ファームウェア wsa8845h ファームウェア WCD9380 ファームウェア wsa8840 ファームウェア fastc… |
複数のクアルコム製品における境界外読み取りに関する脆弱性 |
CWE-125 CWE-126 |
CVE-2024-45546 | 2025-01-15 17:16 | 2024-09-2 | Show | GitHub Exploit DB Packet Storm |
| 500 | 5.5 |
警告
Local |
Huawei | HarmonyOS | Huawei の HarmonyOS における脆弱性 |
CWE-120 CWE-noinfo |
CVE-2024-56453 | 2025-01-15 17:16 | 2024-12-26 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:Jan. 18, 2025, 4:13 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 221 | 4.3 |
MEDIUM
Network |
apple |
ipados iphone_os watchos visionos |
A path handling issue was addressed with improved logic. This issue is fixed in watchOS 11.1, visionOS 2.1, iOS 18.1 and iPadOS 18.1. An attacker with access to calendar data could also read reminder… New |
CWE-22
Path Traversal |
CVE-2024-54535 | 2025-01-17 05:36 | 2025-01-16 | Show | GitHub Exploit DB Packet Storm |
| 222 | 8.8 |
HIGH
Network |
chrome | Out of bounds read in Metrics in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) New |
CWE-125
Out-of-bounds Read |
CVE-2025-0437 | 2025-01-17 05:35 | 2025-01-15 | Show | GitHub Exploit DB Packet Storm | |
| 223 | 8.8 |
HIGH
Network |
microsoft |
windows_server_2008 windows_server_2012 windows_server_2022_23h2 windows_11_23h2 windows_10_1607 windows_10_1809 windows_10_1507 windows_10_21h2 windows_10_22h2 windows_11_… |
Windows Telephony Service Remote Code Execution Vulnerability New |
NVD-CWE-noinfo
|
CVE-2025-21417 | 2025-01-17 05:34 | 2025-01-15 | Show | GitHub Exploit DB Packet Storm |
| 224 | 8.8 |
HIGH
Network |
microsoft |
windows_server_2008 windows_server_2012 windows_server_2025 windows_server_2022_23h2 windows_10_1507 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows… |
Windows Telephony Service Remote Code Execution Vulnerability New |
NVD-CWE-noinfo
|
CVE-2025-21413 | 2025-01-17 05:33 | 2025-01-15 | Show | GitHub Exploit DB Packet Storm |
| 225 | 8.8 |
HIGH
Network |
microsoft |
windows_server_2008 windows_server_2012 windows_server_2025 windows_server_2022_23h2 windows_10_1507 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows… |
Windows Telephony Service Remote Code Execution Vulnerability New |
NVD-CWE-noinfo
|
CVE-2025-21411 | 2025-01-17 05:33 | 2025-01-15 | Show | GitHub Exploit DB Packet Storm |
| 226 | 8.8 |
HIGH
Network |
microsoft |
windows_server_2008 windows_server_2012 windows_server_2025 windows_server_2022_23h2 windows_10_1507 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows… |
Windows Telephony Service Remote Code Execution Vulnerability New |
NVD-CWE-noinfo
|
CVE-2025-21409 | 2025-01-17 05:33 | 2025-01-15 | Show | GitHub Exploit DB Packet Storm |
| 227 | - | - | - | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in carrotbits Greek Namedays Widget From Eortologio.Net allows Stored XSS.This issue affects Greek N… New |
CWE-79
Cross-site Scripting |
CVE-2025-23783 | 2025-01-17 05:15 | 2025-01-17 | Show | GitHub Exploit DB Packet Storm | |
| 228 | - | - | - | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Revolutionart Marmoset Viewer allows Stored XSS.This issue affects Marmoset Viewer: from n/a thro… New |
CWE-79
Cross-site Scripting |
CVE-2025-23767 | 2025-01-17 05:15 | 2025-01-17 | Show | GitHub Exploit DB Packet Storm | |
| 229 | - | - | - | Cross-Site Request Forgery (CSRF) vulnerability in Mahdi Khaksar mybb Last Topics allows Stored XSS.This issue affects mybb Last Topics: from n/a through 1.0. New |
CWE-352
Origin Validation Error |
CVE-2025-23749 | 2025-01-17 05:15 | 2025-01-17 | Show | GitHub Exploit DB Packet Storm | |
| 230 | - | - | - | Cross-Site Request Forgery (CSRF) vulnerability in Tussendoor internet & marketing Call me Now allows Stored XSS.This issue affects Call me Now: from n/a through 1.0.5. New |
CWE-352
Origin Validation Error |
CVE-2025-23745 | 2025-01-17 05:15 | 2025-01-17 | Show | GitHub Exploit DB Packet Storm |