Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 20, 2025, 6:03 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
671	7.5	重要 Network	Squid-cache.org NetApp	bluexp Squid	Squid-cache.org の Squid 等複数ベンダの製品における脆弱性	CWE-182 CWE-400 CWE-Other	CVE-2024-25617	2025-01-16 11:31	2024-02-14	Show	GitHub Exploit DB Packet Storm

672	6.5	警告 Network	デル	EMC PowerScale OneFS	デルの EMC PowerScale OneFS における脆弱性	CWE-687 CWE-Other	CVE-2024-49603	2025-01-16 11:31	2024-12-9	Show	GitHub Exploit DB Packet Storm

673	7.8	重要 Local	クアルコム	fastconnect 6700 ファームウェア fastconnect 6800 ファームウェア AR8035 ファームウェア qamsrv1h ファームウェア fastconnect 6200 ファームウェア qamsrv1m ファームウェア QCA6420 …	複数のクアルコム製品における整数オーバーフローの脆弱性	CWE-190 CWE-190	CVE-2023-43530	2025-01-16 11:26	2023-09-19	Show	GitHub Exploit DB Packet Storm

674	4.3	警告 Network	Themeum	Tutor LMS	Themeum の WordPress 用 Tutor LMS における認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2024-1133	2025-01-16 11:26	2024-02-29	Show	GitHub Exploit DB Packet Storm

675	8.8	重要 Network	Shenzhen Tenda Technology Co.,Ltd.	W15E ファームウェア	Shenzhen Tenda Technology Co.,Ltd. の W15E ファームウェアにおける境界外書き込みに関する脆弱性	CWE-121 CWE-787	CVE-2024-4119	2025-01-16 11:26	2024-04-24	Show	GitHub Exploit DB Packet Storm

676	5.4	警告 Network	Leap13	Premium Addons for Elementor	Leap13 の WordPress 用 Premium Addons for Elementor におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-4376	2025-01-16 11:26	2024-05-31	Show	GitHub Exploit DB Packet Storm

677	5.4	警告 Network	Leap13	Premium Addons for Elementor	Leap13 の WordPress 用 Premium Addons for Elementor におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-6495	2025-01-16 11:26	2024-07-12	Show	GitHub Exploit DB Packet Storm

678	7.8	重要 Local	クアルコム	qfw7124 ファームウェア AR8035 ファームウェア qamsrv1h ファームウェア SA6145P ファームウェア qcn6274 ファームウェア qcn6224 ファームウェア qamsrv1m ファームウェア QCA6584AU ファームウェア QCA8…	複数のクアルコム製品における古典的バッファオーバーフローの脆弱性	CWE-120 CWE-120	CVE-2023-43525	2025-01-16 11:16	2023-09-19	Show	GitHub Exploit DB Packet Storm

679	4.3	警告 Network	Basixonline	NEX-Forms	Basixonline の WordPress 用 NEX-Forms における認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2024-0907	2025-01-16 11:16	2024-02-29	Show	GitHub Exploit DB Packet Storm

680	6.5	警告 Network	servit	affiliate-toolkit	servit の WordPress 用 affiliate-toolkit における認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2024-1851	2025-01-16 11:16	2024-03-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 20, 2025, 4:11 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
121	-		-	-	In multiple functions of Parcel.cpp, there is a possible way to bypass address space layout randomization. This could lead to local escalation of privilege with no additional execution privileges nee… New	-	CVE-2018-9434	2025-01-18 08:15	2025-01-18	Show	GitHub Exploit DB Packet Storm

122	-		-	-	In multiple locations, there is a possible way to bypass KASLR due to an unusual root cause. This could lead to local information disclosure with System execution privileges needed. User interaction … New	-	CVE-2018-9384	2025-01-18 08:15	2025-01-18	Show	GitHub Exploit DB Packet Storm

123	-		-	-	In asn1_ber_decoder of asn1_decoder.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. U… New	-	CVE-2018-9383	2025-01-18 08:15	2025-01-18	Show	GitHub Exploit DB Packet Storm

124	-		-	-	In multiple functions of WifiServiceImpl.java, there is a possible way to activate Wi-Fi hotspot from a non-owner profile due to a missing permission check. This could lead to local escalation of pri… New	-	CVE-2018-9382	2025-01-18 08:15	2025-01-18	Show	GitHub Exploit DB Packet Storm

125	-		-	-	In multiple functions of MiniThumbFile.java, there is a possible way to view the thumbnails of deleted photos due to a confused deputy. This could lead to local information disclosure with no additio… New	-	CVE-2018-9379	2025-01-18 08:15	2025-01-18	Show	GitHub Exploit DB Packet Storm

126	-		-	-	In multiple functions of UserDictionaryProvider.java, there is a possible way to add and delete words in the user dictionary due to a confused deputy. This could lead to local escalation of privilege… New	-	CVE-2018-9375	2025-01-18 08:15	2025-01-18	Show	GitHub Exploit DB Packet Storm

127	-		-	-	In endCallForSubscriber of PhoneInterfaceManager.java, there is a possible way to prevent access to emergency services due to a logic error in the code. This could lead to a local denial of service w… New	-	CVE-2017-13322	2025-01-18 08:15	2025-01-18	Show	GitHub Exploit DB Packet Storm

128	3.3	LOW Local	termius	termius	An issue in termius before v.9.9.0 allows a local attacker to execute arbitrary code via a crafted script to the DYLD_INSERT_LIBRARIES component. Update	CWE-426 Untrusted Search Path	CVE-2024-55503	2025-01-18 07:51	2025-01-16	Show	GitHub Exploit DB Packet Storm

129	3.3	LOW Local	phiewer	phiewer	In Phiewer 4.1.0, a dylib injection leads to Command Execution which allow attackers to inject dylib file potentially leading to remote control and unauthorized access to sensitive user data. Update	CWE-426 Untrusted Search Path	CVE-2024-53407	2025-01-18 07:51	2025-01-16	Show	GitHub Exploit DB Packet Storm

130	6.5	MEDIUM Network	hirewebxperts	passwords_manager	The Passwords Manager plugin for WordPress is vulnerable to SQL Injection via the $wpdb->prefix value in several AJAX actions in all versions up to, and including, 1.4.8 due to insufficient escaping … Update	CWE-89 SQL Injection	CVE-2024-12615	2025-01-18 07:17	2025-01-16	Show	GitHub Exploit DB Packet Storm