Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
701 7.5 重要
Network 		utarit SoliPay Mobile App utarit の SoliPay Mobile App におけるハードコードされた認証情報の使用に関する脆弱性 CWE-798
ハードコードされた認証情報の使用 		CVE-2023-6255 2025-01-24 11:56 2023-11-22 Show GitHub Exploit DB Packet Storm
702 9.8 緊急
Network 		デル Enterprise Storage Integrator for SAP Landscape Management デルの Enterprise Storage Integrator for SAP Landscape Management における脆弱性 CWE-319
CWE-noinfo
CVE-2023-39245 2025-01-24 11:56 2023-07-26 Show GitHub Exploit DB Packet Storm
703 7.8 重要
Local 		ESET ESET Endpoint Antivirus
ESET Mail Security
ESET Internet Security
ESET NOD32アンチウイルス
ESET File Security
ESET Server Security
ES… 		複数の ESET 製品における脆弱性 CWE-269
CWE-noinfo
CVE-2024-0353 2025-01-24 11:56 2024-02-15 Show GitHub Exploit DB Packet Storm
704 7.5 重要
Network 		F5 Networks BIG-IP Advanced Firewall Manager (AFM) F5 Networks の BIG-IP Advanced Firewall Manager (AFM) における制限またはスロットリング無しのリソースの割り当てに関する脆弱性 CWE-770
CWE-770
CVE-2024-21771 2025-01-24 11:55 2024-02-14 Show GitHub Exploit DB Packet Storm
705 9.6 緊急
Network 		F5 Networks BIG-IP Advanced Firewall Manager (AFM)
BIG-IP Analytics
BIG-IP Link Controller
BIG-IP Application Security Manager (ASM)
BIG-IP … 		複数の F5 Networks 製品におけるコマンドインジェクションの脆弱性 CWE-77
CWE-77
CVE-2024-22093 2025-01-24 11:55 2024-02-14 Show GitHub Exploit DB Packet Storm
706 4.4 警告
Local 		F5 Networks BIG-IP Advanced Firewall Manager (AFM)
BIG-IP Analytics
BIG-IP Link Controller
BIG-IP Application Security Manager (ASM)
BIG-IP … 		複数の F5 Networks 製品における脆弱性 CWE-266
CWE-noinfo
CVE-2024-23976 2025-01-24 11:55 2024-02-14 Show GitHub Exploit DB Packet Storm
707 5.5 警告
Local 		Google Android Google の Android における認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2018-9406 2025-01-24 11:55 2018-04-5 Show GitHub Exploit DB Packet Storm
708 7.2 重要
Network 		HCL Technologies Limited HCL BigFix Platform HCL Technologies Limited の HCL BigFix Platform におけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2023-45705 2025-01-24 11:55 2023-10-10 Show GitHub Exploit DB Packet Storm
709 6.1 警告
Network 		AlgoSec AlgoSec FireFlow AlgoSec の AlgoSec FireFlow におけるクロスサイトスクリプティングの脆弱性 CWE-79
CWE-79
CVE-2023-46596 2025-01-24 11:55 2023-10-23 Show GitHub Exploit DB Packet Storm
710 9.8 緊急
Network 		Zephyr Project Zephyr Zephyr Project の Zephyr における不正な型変換に関する脆弱性 CWE-704
CWE-704
CVE-2023-6249 2025-01-24 11:55 2023-11-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 8, 2025, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1061 - - - An Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This vulnerability allows an authenticated attacker to show subscription's information of others users by changing th… CWE-284
Improper Access Control 		CVE-2025-0739 2025-01-30 20:15 2025-01-30 Show GitHub Exploit DB Packet Storm
1062 6.4 MEDIUM
Network 		- - The Clinked Client Portal plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'clinked-login-button' shortcode in all versions up to, and including, 1.9 due to insuffic… CWE-79
Cross-site Scripting 		CVE-2024-12524 2025-01-30 20:15 2025-01-30 Show GitHub Exploit DB Packet Storm
1063 - - - Dell NetWorker, version(s) prior to 19.11.0.3, all versions of 19.10 & prior versions contain(s) an Unquoted Search Path or Element vulnerability. A low privileged attacker with local access could po… CWE-428
 Unquoted Search Path or Element 		CVE-2025-21107 2025-01-30 19:15 2025-01-30 Show GitHub Exploit DB Packet Storm
1064 - - - Privilege escalation vulnerability has been found in Wondershare Dr.Fone version 13.5.21. This vulnerability could allow an attacker to escalate privileges by replacing the binary ‘C:\ProgramData\Won… CWE-269
 Improper Privilege Management 		CVE-2025-0834 2025-01-30 18:15 2025-01-30 Show GitHub Exploit DB Packet Storm
1065 6.4 MEDIUM
Network 		- - The EthereumICO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ethereum-ico shortcode in all versions up to, and including, 2.4.6 due to insufficient input sanitiz… CWE-79
Cross-site Scripting 		CVE-2024-12921 2025-01-30 15:15 2025-01-30 Show GitHub Exploit DB Packet Storm
1066 - - - The Tracking Code Manager WordPress plugin before 2.4.0 does not sanitise and escape some of its metabox settings when outputing them in the page, which could allow users with a role as low as Contri… - CVE-2024-10309 2025-01-30 15:15 2025-01-30 Show GitHub Exploit DB Packet Storm
1067 - - - Dell Networking Switches running Enterprise SONiC OS, version(s) prior to 4.4.1 and 4.2.3, contain(s) an Insertion of Sensitive Information into Log File vulnerability. A high privileged attacker wit… CWE-532
 Inclusion of Sensitive Information in Log Files 		CVE-2025-23374 2025-01-30 14:15 2025-01-30 Show GitHub Exploit DB Packet Storm
1068 6.5 MEDIUM
Network 		- - A vulnerability was found in Tenda A18 up to 15.13.07.09. It has been rated as critical. This issue affects the function SetCmdlineRun of the file /goform/SetCmdlineRun of the component HTTP POST Req… CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error') 
Stack-based Buffer Overflow 		CVE-2025-0848 2025-01-30 11:15 2025-01-30 Show GitHub Exploit DB Packet Storm
1069 7.8 HIGH
Local 		apple macos
ipados
iphone_os
visionos
watchos
tvos 		A use after free issue was addressed with improved memory management. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. A malicious applicati… CWE-416
 Use After Free 		CVE-2025-24085 2025-01-30 11:00 2025-01-28 Show GitHub Exploit DB Packet Storm
1070 9.9 CRITICAL
Network 		- - Authentication bypass by spoofing in Azure AI Face Service allows an authorized attacker to elevate privileges over a network. CWE-290
 Authentication Bypass by Spoofing 		CVE-2025-21415 2025-01-30 08:15 2025-01-30 Show GitHub Exploit DB Packet Storm