Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
781 7.5 重要
Network 		F5 Networks BIG-IP Advanced Firewall Manager (AFM)
BIG-IP Analytics
BIG-IP Link Controller
BIG-IP Application Security Manager (ASM)
BIG-IP … 		複数の F5 Networks 製品における制限またはスロットリング無しのリソースの割り当てに関する脆弱性 CWE-770
CWE-770
CVE-2024-23979 2025-01-24 10:24 2024-02-14 Show GitHub Exploit DB Packet Storm
782 9.8 緊急
Network 		PaperCut Software International Pty PaperCut MF
PaperCut NG 		PaperCut Software International Pty の PaperCut MF および PaperCut NG における脆弱性 CWE-250
CWE-Other
CVE-2024-1222 2025-01-24 10:21 2024-03-14 Show GitHub Exploit DB Packet Storm
783 5.4 警告
Network 		exclusiveaddons exclusive addons for elementor exclusiveaddons の WordPress 用 exclusive addons for elementor におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-1234 2025-01-24 10:21 2024-03-13 Show GitHub Exploit DB Packet Storm
784 5.3 警告
Network 		Themeum Tutor LMS Themeum の WordPress 用 Tutor LMS における認証の欠如に関する脆弱性 CWE-284
CWE-862
CVE-2024-10393 2025-01-24 10:21 2024-11-21 Show GitHub Exploit DB Packet Storm
785 4.8 警告
Network 		Pixelite events manager Pixelite の WordPress 用 events manager におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-0614 2025-01-24 10:20 2024-03-13 Show GitHub Exploit DB Packet Storm
786 8.8 重要
Network 		PluginUs.Net HUSKY - Products Filter for WooCommerce Professional PluginUs.Net の WordPress 用 HUSKY - Products Filter for WooCommerce Professional におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2023-50861 2025-01-24 10:19 2023-12-14 Show GitHub Exploit DB Packet Storm
787 5.5 警告
Local 		Google Android Google の Android における脆弱性 CWE-noinfo
情報不足 		CVE-2017-13322 2025-01-24 10:18 2017-08-23 Show GitHub Exploit DB Packet Storm
788 7.5 重要
Network 		PHOENIX CONTACT charx sec-3150 ファームウェア
charx sec-3100 ファームウェア
charx sec-3000 ファームウェア
charx sec-3050 ファームウェア 		複数の PHOENIX CONTACT 製品における境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2024-26003 2025-01-24 10:10 2024-03-12 Show GitHub Exploit DB Packet Storm
789 5 警告
Network 		PHOENIX CONTACT charx sec-3150 ファームウェア
charx sec-3100 ファームウェア
charx sec-3000 ファームウェア
charx sec-3050 ファームウェア 		複数の PHOENIX CONTACT 製品におけるコマンドインジェクションの脆弱性 CWE-20
CWE-77
CVE-2024-28135 2025-01-24 10:10 2024-05-14 Show GitHub Exploit DB Packet Storm
790 9.8 緊急
Network 		ZyXEL NAS 326 ファームウェア
NAS 542 ファームウェア 		ZyXEL の NAS 326 ファームウェアおよび NAS 542 ファームウェアにおける OS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2024-29972 2025-01-24 10:10 2024-06-4 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 3, 2025, 4:07 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
481 - - - Xerox Workplace Suite stores tokens in session storage, which may expose them to potential access if a user's session is compromised.  The patch for this vulnerability will be included in a future r… - CVE-2024-55931 2025-01-29 21:15 2025-01-27 Show GitHub Exploit DB Packet Storm
482 - - - Xerox Workplace Suite has weak default folder permissions that allow unauthorized users to access, modify, or delete files - CVE-2024-55930 2025-01-29 21:15 2025-01-24 Show GitHub Exploit DB Packet Storm
483 - - - A mail spoofing vulnerability in Xerox Workplace Suite allows attackers to forge email headers, making it appear as though messages are sent from trusted sources. - CVE-2024-55929 2025-01-29 21:15 2025-01-24 Show GitHub Exploit DB Packet Storm
484 - - - Xerox Workplace Suite exposes sensitive secrets in clear text, both locally and remotely. This vulnerability allows attackers to intercept or access secrets without encryption - CVE-2024-55928 2025-01-29 21:15 2025-01-24 Show GitHub Exploit DB Packet Storm
485 - - - A vulnerability in Xerox Workplace Suite arises from flawed token generation and the use of hard-coded keys. These weaknesses allow attackers to predict or forge tokens, leading to unauthorized acces… - CVE-2024-55927 2025-01-29 21:15 2025-01-24 Show GitHub Exploit DB Packet Storm
486 - - - A vulnerability found in Xerox Workplace Suite allows arbitrary file read, upload, and deletion on the server through crafted header manipulation. By exploiting improper validation of headers, attack… - CVE-2024-55926 2025-01-29 21:15 2025-01-24 Show GitHub Exploit DB Packet Storm
487 - - - In Xerox Workplace Suite, an API restricted to specific hosts can be bypassed by manipulating the Host header. If the server improperly validates or trusts the Host header without verifying the actua… - CVE-2024-55925 2025-01-29 21:15 2025-01-24 Show GitHub Exploit DB Packet Storm
488 - - - An attacker with access to an HX 10.0.0 and previous versions, may send specially-crafted data to the HX console. The malicious detection would then trigger file parsing containing exponential enti… CWE-776
XML Entity Expansion 		CVE-2025-0617 2025-01-29 20:15 2025-01-29 Show GitHub Exploit DB Packet Storm
489 - - - When copying files with rsync, octorpki uses the "-a" flag 0, which forces rsync to copy binaries with the suid bit set as root. Since the provided service definition defaults to root ( https://githu… - CVE-2021-3978 2025-01-29 19:15 2025-01-29 Show GitHub Exploit DB Packet Storm
490 - - - In axios before 1.7.8, lib/helpers/isURLSameOrigin.js does not use a URL object when determining an origin, and has a potentially unwanted setAttribute('href',href) call. NOTE: some parties feel that… - CVE-2024-57965 2025-01-29 19:15 2025-01-29 Show GitHub Exploit DB Packet Storm