Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 31, 2025, 4:03 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
891 8.8 重要
Network 		Creativetiem academy lms kodezen の WordPress 用 academy lms における脆弱性 CWE-noinfo
情報不足 		CVE-2024-1505 2025-01-23 11:34 2024-03-13 Show GitHub Exploit DB Packet Storm
892 8.8 重要
Network 		podsfoundation pods podsfoundation の WordPress 用 pods における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2023-6967 2025-01-23 11:33 2023-12-19 Show GitHub Exploit DB Packet Storm
893 8.8 重要
Network 		WPDeveloper essential blocks WPDeveloper の WordPress 用 essential blocks における認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2023-47760 2025-01-23 11:32 2023-11-9 Show GitHub Exploit DB Packet Storm
894 9.8 緊急
Network 		Zephyr Project Zephyr Zephyr Project の Zephyr における境界外書き込みに関する脆弱性 CWE-787
CWE-787
CVE-2023-5779 2025-01-23 11:31 2023-10-26 Show GitHub Exploit DB Packet Storm
895 4.3 警告
Network 		podsfoundation pods podsfoundation の WordPress 用 pods における認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2023-6965 2025-01-23 11:31 2023-12-19 Show GitHub Exploit DB Packet Storm
896 8.8 重要
Network 		Sonaar Music mp3 audio player for music
 radio & podcast 		Sonaar Music の WordPress 用 mp3 audio player for music, radio & podcast における認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2023-47822 2025-01-23 11:31 2023-11-12 Show GitHub Exploit DB Packet Storm
897 8.8 重要
Network 		HasThemes HT Mega - Absolute Addons For Elementor HasThemes の WordPress 用 HT Mega - Absolute Addons For Elementor におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2023-51529 2025-01-23 11:31 2023-12-20 Show GitHub Exploit DB Packet Storm
898 8.8 重要
Network 		Shenzhen Tenda Technology Co.,Ltd. AC7 ファームウェア Shenzhen Tenda Technology Co.,Ltd. の AC7 ファームウェアにおける境界外書き込みに関する脆弱性 CWE-121
CWE-787
CVE-2024-2891 2025-01-23 11:24 2024-03-26 Show GitHub Exploit DB Packet Storm
899 8.8 重要
Network 		Shenzhen Tenda Technology Co.,Ltd. AC7 ファームウェア Shenzhen Tenda Technology Co.,Ltd. の AC7 ファームウェアにおける境界外書き込みに関する脆弱性 CWE-121
CWE-787
CVE-2024-2895 2025-01-23 11:24 2024-03-26 Show GitHub Exploit DB Packet Storm
900 8.8 重要
Network 		Shenzhen Tenda Technology Co.,Ltd. AC7 ファームウェア Shenzhen Tenda Technology Co.,Ltd. の AC7 ファームウェアにおける境界外書き込みに関する脆弱性 CWE-121
CWE-787
CVE-2024-2902 2025-01-23 11:24 2024-03-26 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 1, 2025, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
341 6.5 MEDIUM
Network 		- - A vulnerability was found in Tenda A18 up to 15.13.07.09. It has been rated as critical. This issue affects the function SetCmdlineRun of the file /goform/SetCmdlineRun of the component HTTP POST Req… New CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error') 
Stack-based Buffer Overflow 		CVE-2025-0848 2025-01-30 11:15 2025-01-30 Show GitHub Exploit DB Packet Storm
342 7.3 HIGH
Network 		- - A vulnerability was found in 1000 Projects Employee Task Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /index.php of the component Login… New CWE-89
CWE-74
SQL Injection
Injection 		CVE-2025-0847 2025-01-30 11:15 2025-01-30 Show GitHub Exploit DB Packet Storm
343 7.8 HIGH
Local 		apple macos
ipados
iphone_os
visionos
watchos
tvos 		A use after free issue was addressed with improved memory management. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. A malicious applicati… Update CWE-416
 Use After Free 		CVE-2025-24085 2025-01-30 11:00 2025-01-28 Show GitHub Exploit DB Packet Storm
344 7.3 HIGH
Network 		- - A vulnerability was found in 1000 Projects Employee Task Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/AdminLogin.php. The manipulation of… New CWE-89
CWE-74
SQL Injection
Injection 		CVE-2025-0846 2025-01-30 10:15 2025-01-30 Show GitHub Exploit DB Packet Storm
345 4.3 MEDIUM
Network 		- - A vulnerability was found in needyamin Library Card System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file signup.php of the component… New CWE-79
CWE-94
Cross-site Scripting
Code Injection 		CVE-2025-0844 2025-01-30 09:15 2025-01-30 Show GitHub Exploit DB Packet Storm
346 9.9 CRITICAL
Network 		- - Authentication bypass by spoofing in Azure AI Face Service allows an authorized attacker to elevate privileges over a network. New CWE-290
 Authentication Bypass by Spoofing 		CVE-2025-21415 2025-01-30 08:15 2025-01-30 Show GitHub Exploit DB Packet Storm
347 7.5 HIGH
Network 		- - Missing authorization in Microsoft Account allows an unauthorized attacker to elevate privileges over a network. New CWE-862
 Missing Authorization 		CVE-2025-21396 2025-01-30 08:15 2025-01-30 Show GitHub Exploit DB Packet Storm
348 7.3 HIGH
Network 		- - A vulnerability was found in needyamin Library Card System 1.0. It has been classified as critical. Affected is an unknown function of the file admindashboard.php of the component Admin Panel. The ma… New CWE-89
CWE-74
SQL Injection
Injection 		CVE-2025-0843 2025-01-30 08:15 2025-01-30 Show GitHub Exploit DB Packet Storm
349 - - - JFinalCMS 1.0 is vulnerable to SQL Injection in rc/main/java/com/cms/entity/Content.java. The cause of the vulnerability is that the title parameter is controllable and is concatenated directly into … New - CVE-2024-57665 2025-01-30 08:15 2025-01-30 Show GitHub Exploit DB Packet Storm
350 5.4 MEDIUM
Network 		- - User Interface (UI) Misrepresentation of Critical Information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network Update - CVE-2025-21262 2025-01-30 08:15 2025-01-25 Show GitHub Exploit DB Packet Storm