Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 24, 2025, 12:05 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
51	4.9	警告 Network	openautomationsoftware	oas platform	openautomationsoftware の oas platform における入力確認に関する脆弱性 New	CWE-20 不適切な入力確認	CVE-2024-27201	2025-01-24 11:19	2024-04-3	Show	GitHub Exploit DB Packet Storm

52	5.4	警告 Network	Livemesh	Livemesh Addons for Elementor	Livemesh の WordPress 用 Livemesh Addons for Elementor におけるクロスサイトスクリプティングの脆弱性 New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-27986	2025-01-24 11:19	2024-03-14	Show	GitHub Exploit DB Packet Storm

53	7.5	重要 Network	Nextcloud	Nextcloud Server	Nextcloud の Nextcloud Server における重要な情報の平文保存に関する脆弱性 New	CWE-312 重要な情報の平文保存	CVE-2024-52525	2025-01-24 11:19	2024-11-15	Show	GitHub Exploit DB Packet Storm

54	5.4	警告 Network	moveaddons	move addons for elementor	moveaddons の WordPress 用 move addons for elementor におけるクロスサイトスクリプティングの脆弱性 New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-47396	2025-01-24 11:18	2024-10-1	Show	GitHub Exploit DB Packet Storm

55	4.8	警告 Network	GLPI-PROJECT.ORG	GLPI	GLPI-PROJECT.ORG の GLPI におけるクロスサイトスクリプティングの脆弱性 New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-47759	2025-01-24 11:18	2024-11-15	Show	GitHub Exploit DB Packet Storm

56	-	-	OpenSSL Project	OpenSSL	OpenSSL における秘密鍵のタイミング攻撃に対する問題 (OpenSSL Security Advisory [20th January 2025]) New	CWE-345 データの信頼性についての不十分な検証	CVE-2024-13176	2025-01-24 11:17	2024-01-23	Show	GitHub Exploit DB Packet Storm

57	6.5	警告 Adjacent	Zephyr Project	Zephyr	Zephyr Project の Zephyr における整数アンダーフローの脆弱性 New	CWE-126 CWE-190 CWE-191	CVE-2024-3077	2025-01-24 11:17	2024-03-29	Show	GitHub Exploit DB Packet Storm

58	8.8	重要 Network	LifterLMS	LifterLMS	WordPress 用 LifterLMS におけるクロスサイトリクエストフォージェリの脆弱性 New	CWE-352 同一生成元ポリシー違反	CVE-2024-31363	2025-01-24 11:17	2024-04-12	Show	GitHub Exploit DB Packet Storm

59	7.8	重要 Local	PHOENIX CONTACT	charx sec-3150 ファームウェア charx sec-3100 ファームウェア charx sec-3000 ファームウェア charx sec-3050 ファームウェア	複数の PHOENIX CONTACT 製品における入力確認に関する脆弱性 New	CWE-20 不適切な入力確認	CVE-2024-26002	2025-01-24 11:16	2024-03-12	Show	GitHub Exploit DB Packet Storm

60	8.7	重要 Network	PHOENIX CONTACT	charx sec-3150 ファームウェア charx sec-3100 ファームウェア charx sec-3000 ファームウェア charx sec-3050 ファームウェア	複数の PHOENIX CONTACT 製品における重要な情報の平文での送信に関する脆弱性 New	CWE-319 重要な情報の平文での送信	CVE-2024-26288	2025-01-24 11:16	2024-03-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 24, 2025, 4:45 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
278301	-	norman_ramsey	noweb	Multiple vulnerabilities in noweb 2.9 and earlier creates temporary files insecurely, which allows local users to overwrite arbitrary files via multiple vectors including the noroff script.	NVD-CWE-Other	CVE-2003-0381	2008-09-6 05:34	2003-07-24	Show	GitHub Exploit DB Packet Storm

278302	-	rsa	ace_agent	Cross-site scripting (XSS) vulnerability in the secure redirect function of RSA ACE/Agent 5.0 for Windows, and 5.x for Web, allows remote attackers to insert arbitrary web script and possibly cause u…	NVD-CWE-Other	CVE-2003-0389	2008-09-6 05:34	2003-07-24	Show	GitHub Exploit DB Packet Storm

278303	-	smc_networks	barricade_wireless_cable_dsl_broadband_router	SMC Networks Barricade Wireless Cable/DSL Broadband Router SMC7004VWBR allows remote attackers to cause a denial of service via certain packets to PPTP port 1723 on the internal interface.	NVD-CWE-Other	CVE-2003-0419	2008-09-6 05:34	2003-07-24	Show	GitHub Exploit DB Packet Storm

278304	-	apple	darwin_streaming_server	Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote attackers to cause a denial of service (crash) via an MS-DOS device name (e.g. AUX) in a request to HTTP port 1220, a different v…	NVD-CWE-Other	CVE-2003-0421	2008-09-6 05:34	2003-08-27	Show	GitHub Exploit DB Packet Storm

278305	-	apple	darwin_streaming_server	The installation of Apple QuickTime / Darwin Streaming Server before 4.1.3f starts the administration server with a "Setup Assistant" page that allows remote attackers to set the administrator passwo…	NVD-CWE-Other	CVE-2003-0426	2008-09-6 05:34	2003-08-27	Show	GitHub Exploit DB Packet Storm

278306	-	gnocatan-develop	gnocatan	Multiple buffer overflows in gnocatan 0.6.1 and earlier allow attackers to execute arbitrary code.	NVD-CWE-Other	CVE-2003-0433	2008-09-6 05:34	2003-07-24	Show	GitHub Exploit DB Packet Storm

278307	-	yuuichi_teranishi	eldav	eldav WebDAV client for Emacs, version 0.7.2 and earlier, allows local users to create or overwrite arbitrary files via a symlink attack on temporary files.	NVD-CWE-Other	CVE-2003-0438	2008-09-6 05:34	2003-07-24	Show	GitHub Exploit DB Packet Storm

278308	-	webfs	webfs	Buffer overflow in webfs before 1.17.1 allows remote attackers to execute arbitrary code via an HTTP request with a long Request-URI.	NVD-CWE-Other	CVE-2003-0445	2008-09-6 05:34	2003-07-24	Show	GitHub Exploit DB Packet Storm

278309	-	xblockout	xbl	Multiple buffer overflows in xbl before 1.0k allow local users to gain privileges via certain long command line arguments.	NVD-CWE-Other	CVE-2003-0451	2008-09-6 05:34	2003-08-7	Show	GitHub Exploit DB Packet Storm

278310	-	gunnar_ritter	osh	Buffer overflows in osh before 1.7-11 allow local users to execute arbitrary code and bypass shell restrictions via (1) long environment variables or (2) long "file redirections."	NVD-CWE-Other	CVE-2003-0452	2008-09-6 05:34	2003-08-7	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed