Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 31, 2025, 4:03 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
831	7.8	重要 Local	マイクロソフト	Microsoft Windows 11 Microsoft Windows Server 2022 Microsoft Windows Server 2025	Microsoft Resilient File System の特権昇格の脆弱性	CWE-416 CWE-noinfo	CVE-2025-21315	2025-01-23 11:58	2025-01-14	Show	GitHub Exploit DB Packet Storm

832	4.3	警告 Network	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 11 Microsoft Windows Server 2012 Microsoft Windows Server 2022 Microsoft Window…	MapUrlToZone セキュリティ機能のバイパスの脆弱性	CWE-41 CWE-noinfo	CVE-2025-21329	2025-01-23 11:58	2025-01-14	Show	GitHub Exploit DB Packet Storm

833	4.9	警告 Network	フォーティネット	FortiAnalyzer FortiManager FortiAnalyzer-BigData	複数のフォーティネット製品におけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2024-32117	2025-01-23 11:50	2024-11-12	Show	GitHub Exploit DB Packet Storm

834	8.8	重要 Network	Shenzhen Tenda Technology Co.,Ltd.	AC7 ファームウェア	Shenzhen Tenda Technology Co.,Ltd. の AC7 ファームウェアにおける境界外書き込みに関する脆弱性	CWE-121 CWE-787	CVE-2024-2900	2025-01-23 11:49	2024-03-26	Show	GitHub Exploit DB Packet Storm

835	9.8	緊急 Network	StylemixThemes	MasterStudy LMS	StylemixThemes の WordPress 用 MasterStudy LMS における認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2024-37094	2025-01-23 11:49	2024-11-1	Show	GitHub Exploit DB Packet Storm

836	8.8	重要 Network	Sonaar Music	mp3 audio player for music radio & podcast	Sonaar Music の WordPress 用 mp3 audio player for music, radio & podcast における認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2024-56266	2025-01-23 11:49	2024-12-18	Show	GitHub Exploit DB Packet Storm

837	6.5	警告 Network	フォーティネット	FortiSOAR	フォーティネットの FortiSOAR における保存または転送前の重要な情報の削除に関する脆弱性	CWE-212 保存または転送前の重要な情報の不適切な削除	CVE-2024-31493	2025-01-23 11:48	2024-05-14	Show	GitHub Exploit DB Packet Storm

838	5.4	警告 Network	Themeisle	otter blocks	ThemeIsle の WordPress 用 otter blocks におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-3343	2025-01-23 11:48	2024-04-11	Show	GitHub Exploit DB Packet Storm

839	9.8	緊急 Network	Shenzhen Tenda Technology Co.,Ltd.	AC18 ファームウェア	Shenzhen Tenda Technology Co.,Ltd. の AC18 ファームウェアにおけるコマンドインジェクションの脆弱性	CWE-77 コマンドインジェクション	CVE-2024-57583	2025-01-23 11:48	2025-01-16	Show	GitHub Exploit DB Packet Storm

840	8.8	重要 Network	jfinaloa project	jfinaloa	jfinaloa project の jfinaloa における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2024-57769	2025-01-23 11:48	2025-01-16	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Feb. 1, 2025, 4:12 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
279561	-	lotus	domino	Lotus Domino 5.0.9a and earlier, even when configured with the 'DominoNoBanner=1' option, allows remote attackers to obtain potential sensitive information such as the version via a request for a non…	NVD-CWE-Other	CVE-2002-2191	2008-09-6 05:32	2002-12-31	Show	GitHub Exploit DB Packet Storm

279562	-	lotus	domino	This issue is present on Lotus Domino Server with the 'DominoNoBanner' set to a value of '1'.	NVD-CWE-Other	CVE-2002-2191	2008-09-6 05:32	2002-12-31	Show	GitHub Exploit DB Packet Storm

279563	-	perception	liteserve	Cross-site scripting (XSS) vulnerability in Perception LiteServe 2.0.1 allows remote attackers to execute arbitrary web script via (1) a Host: header when DNS wildcards are supported or (2) the query…	NVD-CWE-Other	CVE-2002-2192	2008-09-6 05:32	2002-12-31	Show	GitHub Exploit DB Packet Storm

279564	-	perception	liteserve	This vulnerability is limited to server configurations with Wildcard DNS enabled.	NVD-CWE-Other	CVE-2002-2192	2008-09-6 05:32	2002-12-31	Show	GitHub Exploit DB Packet Storm

279565	-	mojo_mail	mojo_mail	Cross-site scripting (XSS) vulnerability in mojo.cgi for Mojo Mail 2.7 allows remote attackers to inject arbitrary web script via the email parameter.	NVD-CWE-Other	CVE-2002-2193	2008-09-6 05:32	2002-12-31	Show	GitHub Exploit DB Packet Storm

279566	-	nullsoft	winamp	Buffer overflow in the version update check for Winamp 2.80 and earlier allows remote attackers who can spoof www.winamp.com to execute arbitrary code via a long server response.	NVD-CWE-Other	CVE-2002-2195	2008-09-6 05:32	2002-12-31	Show	GitHub Exploit DB Packet Storm

279567	-	samba	samba	Samba before 2.2.5 does not properly terminate the enum_csc_policy data structure, which may allow remote attackers to execute arbitrary code via a buffer overflow attack.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2002-2196	2008-09-6 05:32	2002-12-31	Show	GitHub Exploit DB Packet Storm

279568	-	zmailer	zmailer	Buffer overflow in ZMailer before 2.99.51_1 allows remote attackers to execute arbitrary code during HELO processing from an IPv6 address, possibly using an address that resolves to a long hostname.	NVD-CWE-Other	CVE-2002-2198	2008-09-6 05:32	2002-12-31	Show	GitHub Exploit DB Packet Storm

279569	-	webmin	webmin	The Printer Administration module for Webmin 0.990 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the printer name.	NVD-CWE-Other	CVE-2002-2201	2008-09-6 05:32	2002-12-31	Show	GitHub Exploit DB Packet Storm

279570	-	microsoft	outlook_express	Outlook Express 6.0 does not delete messages from dbx files, even when a user empties the Deleted items folder, which allows local users to read other users email.	NVD-CWE-Other	CVE-2002-2202	2008-09-6 05:32	2002-12-31	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed