Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 19, 2025, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
551	7.8	重要 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 11 Microsoft Windows 10 Microsoft Windows Server 2022 Microsoft Windows Server&…	Windows 共通ログファイルシステムドライバーの特権の昇格の脆弱性	CWE-822 CWE-noinfo	CVE-2024-49090	2025-01-15 14:44	2024-12-10	Show	GitHub Exploit DB Packet Storm

552	5.5	警告 Local	オムロン株式会社	NB-Designer	オムロン製 NB-Designer における XML 外部エンティティ参照（XXE）の不適切な制限の脆弱性	CWE-611 XML 外部エンティティ参照の不適切な制限	CVE-2024-12298	2025-01-15 14:40	2025-01-14	Show	GitHub Exploit DB Packet Storm

553	7	重要 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 11 Microsoft Windows 10 Microsoft Windows Server 2022 Microsoft Windows Server&…	Windows カーネルの特権の昇格の脆弱性	CWE-362 競合状態	CVE-2024-49084	2025-01-15 14:40	2024-12-10	Show	GitHub Exploit DB Packet Storm

554	6.8	警告 Network	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 11 Microsoft Windows 10 Microsoft Windows Server 2022 Microsoft Windows Server&…	Windows エクスプローラーの情報漏えいの脆弱性	CWE-22 CWE-noinfo	CVE-2024-49082	2025-01-15 14:36	2024-12-10	Show	GitHub Exploit DB Packet Storm

555	7.8	重要 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 11 Microsoft Windows 10 Microsoft Windows Server 2022 Microsoft Windows Server&…	入力方式エディター (IME) のリモートでコードが実行される脆弱性	CWE-416 CWE-noinfo	CVE-2024-49079	2025-01-15 14:31	2024-12-10	Show	GitHub Exploit DB Packet Storm

556	7.5	重要 Network	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 11 Microsoft Windows Server 2022 Microsoft Windows 10 Microsoft Windows Server&…	Windows リモートデスクトップサービスのサービス拒否の脆弱性	CWE-400 CWE-noinfo	CVE-2024-49075	2025-01-15 14:22	2024-12-10	Show	GitHub Exploit DB Packet Storm

557	6.5	警告 Network	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows Server 2022 Microsoft Windows Server 2008 Microsoft Windows Server 2012 Microso…	Windows 展開サービスの情報漏えいの脆弱性	CWE-41 CWE-noinfo	CVE-2024-30036	2025-01-15 14:22	2024-05-14	Show	GitHub Exploit DB Packet Storm

558	4.6	警告 Physics	Huawei	Mate 20 ファームウェア	Huawei の Mate 20 ファームウェアにおける脆弱性	CWE-200 CWE-noinfo	CVE-2020-9082	2025-01-15 14:18	2020-02-18	Show	GitHub Exploit DB Packet Storm

559	8.8	重要 Network	Shenzhen Tenda Technology Co.,Ltd.	FH1202 ファームウェア	Shenzhen Tenda Technology Co.,Ltd. の FH1202 ファームウェアにおける境界外書き込みに関する脆弱性	CWE-121 CWE-787	CVE-2024-2987	2025-01-15 14:18	2024-03-27	Show	GitHub Exploit DB Packet Storm

560	7.8	重要 Local	クアルコム	qam8650p ファームウェア qca6698aq ファームウェア SA8155P ファームウェア fastconnect 6900 ファームウェア QCA6595AU ファームウェア qam8775p ファームウェア QCA6574A ファームウェア fastconnec…	複数のクアルコム製品における解放済みメモリの使用に関する脆弱性	CWE-416 CWE-416	CVE-2024-21472	2025-01-15 14:18	2024-04-1	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 19, 2025, 4:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
61	-		-	-	In endCallForSubscriber of PhoneInterfaceManager.java, there is a possible way to prevent access to emergency services due to a logic error in the code. This could lead to a local denial of service w… New	-	CVE-2017-13322	2025-01-18 08:15	2025-01-18	Show	GitHub Exploit DB Packet Storm

62	3.3	LOW Local	termius	termius	An issue in termius before v.9.9.0 allows a local attacker to execute arbitrary code via a crafted script to the DYLD_INSERT_LIBRARIES component. New	CWE-426 Untrusted Search Path	CVE-2024-55503	2025-01-18 07:51	2025-01-16	Show	GitHub Exploit DB Packet Storm

63	3.3	LOW Local	phiewer	phiewer	In Phiewer 4.1.0, a dylib injection leads to Command Execution which allow attackers to inject dylib file potentially leading to remote control and unauthorized access to sensitive user data. New	CWE-426 Untrusted Search Path	CVE-2024-53407	2025-01-18 07:51	2025-01-16	Show	GitHub Exploit DB Packet Storm

64	6.5	MEDIUM Network	hirewebxperts	passwords_manager	The Passwords Manager plugin for WordPress is vulnerable to SQL Injection via the $wpdb->prefix value in several AJAX actions in all versions up to, and including, 1.4.8 due to insufficient escaping … New	CWE-89 SQL Injection	CVE-2024-12615	2025-01-18 07:17	2025-01-16	Show	GitHub Exploit DB Packet Storm

65	4.3	MEDIUM Network	hirewebxperts	passwords_manager	The Passwords Manager plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'pms_save_setting' and 'post_new_pass' AJAX actions in all versi… New	CWE-862 Missing Authorization	CVE-2024-12614	2025-01-18 07:17	2025-01-16	Show	GitHub Exploit DB Packet Storm

66	7.5	HIGH Network	hirewebxperts	passwords_manager	The Passwords Manager plugin for WordPress is vulnerable to SQL Injection via the $wpdb->prefix value in several AJAX fuctions in all versions up to, and including, 1.4.8 due to insufficient escaping… New	CWE-89 SQL Injection	CVE-2024-12613	2025-01-18 07:17	2025-01-16	Show	GitHub Exploit DB Packet Storm

67	-		-	-	KaTeX is a fast, easy-to-use JavaScript library for TeX math rendering on the web. KaTeX users who render untrusted mathematical expressions with `renderToString` could encounter malicious input usin… New	CWE-116 Improper Encoding or Escaping of Output	CVE-2025-23207	2025-01-18 07:15	2025-01-18	Show	GitHub Exploit DB Packet Storm

68	6.3	MEDIUM Network	-	-	A vulnerability was found in Codezips Gym Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /dashboard/admin/edit_member.php. The manipulation o… New	CWE-89 CWE-74 SQL Injection Injection	CVE-2025-0541	2025-01-18 07:15	2025-01-18	Show	GitHub Exploit DB Packet Storm

69	-		-	-	OtCMS <=V7.46 is vulnerable to Server-Side Request Forgery (SSRF) in /admin/read.php, which can Read system files arbitrarily. New	-	CVE-2024-57252	2025-01-18 07:15	2025-01-18	Show	GitHub Exploit DB Packet Storm

70	-		-	-	A new feature to prevent Firmware downgrades was recently added to some Lexmark products. A method to override this downgrade protection has been identified. New	-	CVE-2023-50738	2025-01-18 07:15	2025-01-18	Show	GitHub Exploit DB Packet Storm