Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
691 5.3 警告
Network 		Fedora Project
Moodle		 Fedora
Moodle 		Moodle の Moodle 等複数ベンダの製品における脆弱性 CWE-233
CWE-noinfo
CVE-2024-25979 2025-01-24 12:25 2024-02-19 Show GitHub Exploit DB Packet Storm
692 5.3 警告
Network 		Fedora Project
Moodle		 Fedora
Moodle 		Moodle の Moodle 等複数ベンダの製品における脆弱性 CWE-284
CWE-noinfo
CVE-2024-25981 2025-01-24 12:25 2024-02-19 Show GitHub Exploit DB Packet Storm
693 9.8 緊急
Network 		PHOENIX CONTACT charx sec-3100 ファームウェア
charx sec-3050 ファームウェア
charx sec-3000 ファームウェア
charx sec-3150 ファームウェア 		複数の PHOENIX CONTACT 製品における同一生成元ポリシー違反に関する脆弱性 CWE-346
同一生成元ポリシー違反 		CVE-2024-25996 2025-01-24 12:25 2024-03-12 Show GitHub Exploit DB Packet Storm
694 4.8 警告
Network 		PHOENIX CONTACT charx sec-3100 ファームウェア
charx sec-3050 ファームウェア
charx sec-3000 ファームウェア
charx sec-3150 ファームウェア 		複数の PHOENIX CONTACT 製品における不完全なクリーンアップに関する脆弱性 CWE-459
不完全なクリーンアップ 		CVE-2024-26005 2025-01-24 12:25 2024-03-12 Show GitHub Exploit DB Packet Storm
695 5.4 警告
Network 		Leap13 premium addons Leap13 の WordPress 用 premium addons におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-1996 2025-01-24 12:06 2024-03-13 Show GitHub Exploit DB Packet Storm
696 9.8 緊急
Network 		abocms abo.cms abocms の abo.cms における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2024-25227 2025-01-24 12:06 2024-03-15 Show GitHub Exploit DB Packet Storm
697 5.4 警告
Network 		Basixonline NEX-Forms Basixonline の WordPress 用 NEX-Forms におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-25593 2025-01-24 12:06 2024-03-15 Show GitHub Exploit DB Packet Storm
698 7.2 重要
Network 		PaperCut Software International Pty PaperCut MF
PaperCut NG 		PaperCut Software International Pty の PaperCut MF および PaperCut NG における脆弱性 CWE-76
CWE-Other
CVE-2024-1882 2025-01-24 12:01 2024-03-14 Show GitHub Exploit DB Packet Storm
699 4.3 警告
Network 		themelooks enter addons themelooks の WordPress 用 enter addons におけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2024-10868 2025-01-24 12:01 2024-11-23 Show GitHub Exploit DB Packet Storm
700 7.5 重要
Network 		utarit SoliPay Mobile App utarit の SoliPay Mobile App における脆弱性 CWE-648
CWE-noinfo
CVE-2023-4993 2025-01-24 11:56 2023-09-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 7, 2025, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1031 - - - CMSimple 5.16 allows the user to edit log.php file via print page. - CVE-2024-57548 2025-01-29 05:15 2025-01-28 Show GitHub Exploit DB Packet Storm
1032 - - - Insecure Permissions vulnerability in CMSimple v.5.16 allows a remote attacker to obtain sensitive information via a crafted script to the Functionality of downloading php backup files. - CVE-2024-57547 2025-01-29 05:15 2025-01-28 Show GitHub Exploit DB Packet Storm
1033 - - - An issue in CMSimple v.5.16 allows a remote attacker to obtain sensitive information via a crafted script to the validate link function. - CVE-2024-57546 2025-01-29 05:15 2025-01-28 Show GitHub Exploit DB Packet Storm
1034 - - - Cross Site Request Forgery vulnerability in LifestyleStore v.1.0 allows a remote attacker to execute arbitrary cod and obtain sensitive information. - CVE-2024-57373 2025-01-29 05:15 2025-01-28 Show GitHub Exploit DB Packet Storm
1035 - - - An issue in youdiancms v.9.5.20 and before allows a remote attacker to escalate privileges via the sessionID parameter in the index.php file. - CVE-2024-57052 2025-01-29 05:15 2025-01-28 Show GitHub Exploit DB Packet Storm
1036 - - - In AXESS ACS (Auto Configuration Server) through 5.2.0, unsanitized user input in the TR069 API allows remote unauthenticated attackers to cause a permanent Denial of Service via crafted TR069 reques… - CVE-2024-56316 2025-01-29 05:15 2025-01-28 Show GitHub Exploit DB Packet Storm
1037 - - - An issue was discovered in Couchbase Server 7.6.x through 7.6.3. A user with the security_admin_local role can create a new user in a group that has the admin role. - CVE-2024-56178 2025-01-29 05:15 2025-01-28 Show GitHub Exploit DB Packet Storm
1038 - - - Cross Site Scripting vulnerability in AdGuard Application v.7.18.1 (4778) and before allows an attacker to execute arbitrary code via a crafted payload to the fontMatrix component. - CVE-2024-48662 2025-01-29 05:15 2025-01-28 Show GitHub Exploit DB Packet Storm
1039 - - - A type confusion issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18… - CVE-2025-24137 2025-01-29 05:15 2025-01-28 Show GitHub Exploit DB Packet Storm
1040 - - - An issue in Midea Group Co., Ltd Midea Home iOS 9.3.12 allows attackers to access sensitive user information via supplying a crafted link. - CVE-2024-56972 2025-01-29 05:15 2025-01-28 Show GitHub Exploit DB Packet Storm