Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":Jan. 22, 2025, 6:04 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 71 | 7.3 |
重要
Local |
Rockwell Automation | Arena | Rockwell Automation の Arena における初期化されていないリソースの使用に関する脆弱性 New |
CWE-908
初期化されていないリソースの使用 |
CVE-2024-11364 | 2025-01-22 15:57 | 2024-12-19 | Show | GitHub Exploit DB Packet Storm |
| 72 | 9.8 |
緊急
Network The Biosig Project |
Fedora Project
Fedora |
libbiosig
The Biosig Project の libbiosig 等複数ベンダの製品における二重解放に関する脆弱性
New
|
CWE-415
|
二重解放
CVE-2024-22097
|
2025-01-22 15:57 |
2024-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 73 | 4.9 |
警告
Network |
webtrees.net | webtrees | webtrees.net の webtrees におけるパストラバーサルの脆弱性 New |
CWE-22 CWE-31 |
CVE-2024-22723 | 2025-01-22 15:57 | 2024-02-28 | Show | GitHub Exploit DB Packet Storm |
| 74 | 9.8 |
緊急
Network Fortra |
filecatalyst workflow
|
Fortra の filecatalyst workflow における誤った領域へのリソースの漏えいに関する脆弱性
New
|
CWE-472 |
CWE-668
CVE-2024-25153
|
2025-01-22 15:57 |
2024-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 75 | 9.8 |
緊急
Network アバイア |
Avaya IP Office
|
アバイアの Avaya IP Office における脆弱性
New
|
CWE-20 |
CWE-noinfo
CVE-2024-4196
|
2025-01-22 15:40 |
2024-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 76 | 9.8 |
緊急
Network BlackBerry |
QNX Software Development Platform
|
BlackBerry の QNX Software Development Platform における境界外書き込みに関する脆弱性
New
|
CWE-787 |
CWE-787
CVE-2024-48856
|
2025-01-22 15:40 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 77 | 5.4 |
警告
Network |
Autolab project | Autolab | Autolab project の Autolab における不正な認証に関する脆弱性 New |
CWE-863
不正な認証 |
CVE-2024-52584 | 2025-01-22 15:40 | 2024-11-18 | Show | GitHub Exploit DB Packet Storm |
| 78 | 7.8 |
重要
Local |
マイクロソフト |
Microsoft Office Microsoft 365 Apps |
Microsoft Office Visio のリモートでコードが実行される脆弱性 New |
CWE-122 CWE-843 CWE-noinfo |
CVE-2025-21356 | 2025-01-22 15:37 | 2025-01-14 | Show | GitHub Exploit DB Packet Storm |
| 79 | 9.8 |
緊急
Network マイクロフォーカス株式会社 |
imanager
|
マイクロフォーカス株式会社の imanager における XML 外部エンティティの脆弱性
New
|
CWE-611 |
CWE-611
CVE-2024-3486
|
2025-01-22 15:37 |
2024-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 80 | 8.8 |
重要
Network |
Shenzhen Tenda Technology Co.,Ltd. | F1202 ファームウェア | Shenzhen Tenda Technology Co.,Ltd. の F1202 ファームウェアにおける境界外書き込みに関する脆弱性 New |
CWE-121 CWE-787 |
CVE-2024-3876 | 2025-01-22 15:37 | 2024-04-16 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:Jan. 22, 2025, 4:11 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 541 | 7.8 |
HIGH
Local |
adobe | illustrator | Illustrator on iPad versions 3.0.7 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user… |
CWE-191
Integer Underflow (Wrap or Wraparound) |
CVE-2025-21134 | 2025-01-17 05:43 | 2025-01-15 | Show | GitHub Exploit DB Packet Storm |
| 542 | 8.8 |
HIGH
Network |
chrome | Out of bounds read in Metrics in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
CWE-125
Out-of-bounds Read |
CVE-2025-0437 | 2025-01-17 05:35 | 2025-01-15 | Show | GitHub Exploit DB Packet Storm | |
| 543 | 8.8 |
HIGH
Network |
microsoft |
windows_server_2008 windows_server_2012 windows_server_2022_23h2 windows_11_23h2 windows_10_1607 windows_10_1809 windows_10_1507 windows_10_21h2 windows_10_22h2 windows_11_… |
Windows Telephony Service Remote Code Execution Vulnerability |
NVD-CWE-noinfo
|
CVE-2025-21417 | 2025-01-17 05:34 | 2025-01-15 | Show | GitHub Exploit DB Packet Storm |
| 544 | 8.8 |
HIGH
Network |
microsoft |
windows_server_2008 windows_server_2012 windows_server_2025 windows_server_2022_23h2 windows_10_1507 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows… |
Windows Telephony Service Remote Code Execution Vulnerability |
NVD-CWE-noinfo
|
CVE-2025-21413 | 2025-01-17 05:33 | 2025-01-15 | Show | GitHub Exploit DB Packet Storm |
| 545 | 8.8 |
HIGH
Network |
microsoft |
windows_server_2008 windows_server_2012 windows_server_2025 windows_server_2022_23h2 windows_10_1507 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows… |
Windows Telephony Service Remote Code Execution Vulnerability |
NVD-CWE-noinfo
|
CVE-2025-21411 | 2025-01-17 05:33 | 2025-01-15 | Show | GitHub Exploit DB Packet Storm |
| 546 | 8.8 |
HIGH
Network |
microsoft |
windows_server_2008 windows_server_2012 windows_server_2025 windows_server_2022_23h2 windows_10_1507 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows… |
Windows Telephony Service Remote Code Execution Vulnerability |
NVD-CWE-noinfo
|
CVE-2025-21409 | 2025-01-17 05:33 | 2025-01-15 | Show | GitHub Exploit DB Packet Storm |
| 547 | - | - | - | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in carrotbits Greek Namedays Widget From Eortologio.Net allows Stored XSS.This issue affects Greek N… |
CWE-79
Cross-site Scripting |
CVE-2025-23783 | 2025-01-17 05:15 | 2025-01-17 | Show | GitHub Exploit DB Packet Storm | |
| 548 | - | - | - | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Revolutionart Marmoset Viewer allows Stored XSS.This issue affects Marmoset Viewer: from n/a thro… |
CWE-79
Cross-site Scripting |
CVE-2025-23767 | 2025-01-17 05:15 | 2025-01-17 | Show | GitHub Exploit DB Packet Storm | |
| 549 | - | - | - | Cross-Site Request Forgery (CSRF) vulnerability in Mahdi Khaksar mybb Last Topics allows Stored XSS.This issue affects mybb Last Topics: from n/a through 1.0. |
CWE-352
Origin Validation Error |
CVE-2025-23749 | 2025-01-17 05:15 | 2025-01-17 | Show | GitHub Exploit DB Packet Storm | |
| 550 | - | - | - | Cross-Site Request Forgery (CSRF) vulnerability in Tussendoor internet & marketing Call me Now allows Stored XSS.This issue affects Call me Now: from n/a through 1.0.5. |
CWE-352
Origin Validation Error |
CVE-2025-23745 | 2025-01-17 05:15 | 2025-01-17 | Show | GitHub Exploit DB Packet Storm |