Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 31, 2025, 12:02 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
921	7.5	重要 Network	マイクロフォーカス株式会社	imanager	マイクロフォーカス株式会社の imanager におけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 CWE-918	CVE-2024-3485	2025-01-22 16:35	2024-05-15	Show	GitHub Exploit DB Packet Storm

922	8.8	重要 Network	Shenzhen Tenda Technology Co.,Ltd.	F1202 ファームウェア	Shenzhen Tenda Technology Co.,Ltd. の F1202 ファームウェアにおける境界外書き込みに関する脆弱性	CWE-121 CWE-787	CVE-2024-3877	2025-01-22 16:35	2024-04-16	Show	GitHub Exploit DB Packet Storm

923	9.8	緊急 Network	マイクロフォーカス株式会社	imanager	マイクロフォーカス株式会社の imanager における脆弱性	CWE-20 CWE-noinfo	CVE-2024-3968	2025-01-22 16:35	2024-05-15	Show	GitHub Exploit DB Packet Storm

924	8.8	重要 Network	Shenzhen Tenda Technology Co.,Ltd.	4g300 ファームウェア	Shenzhen Tenda Technology Co.,Ltd. の 4g300 ファームウェアにおける境界外書き込みに関する脆弱性	CWE-121 CWE-787	CVE-2024-4166	2025-01-22 16:35	2024-04-25	Show	GitHub Exploit DB Packet Storm

925	6.1	警告 Network	Fortra	FileCatalyst Direct	Fortra の FileCatalyst Direct におけるクロスサイトスクリプティングの脆弱性	CWE-79 CWE-79	CVE-2024-25155	2025-01-22 16:35	2024-03-13	Show	GitHub Exploit DB Packet Storm

926	8.8	重要 Network	XWiki	xwiki	XWiki の xwiki における認証の欠如に関する脆弱性	CWE-862 CWE-862	CVE-2024-31981	2025-01-22 16:35	2024-04-10	Show	GitHub Exploit DB Packet Storm

927	8.8	重要 Network	XWiki	xwiki	XWiki の xwiki における認証の欠如に関する脆弱性	CWE-862 CWE-862	CVE-2024-31987	2025-01-22 16:35	2024-04-10	Show	GitHub Exploit DB Packet Storm

928	5.4	警告 Network	bdthemes	element pack	bdthemes の WordPress 用 element pack におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-32572	2025-01-22 16:35	2024-04-18	Show	GitHub Exploit DB Packet Storm

929	5.4	警告 Network	webangon	the pack elementor addons	webangon の WordPress 用 the pack elementor addons におけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2024-32718	2025-01-22 16:35	2024-04-24	Show	GitHub Exploit DB Packet Storm

930	5.4	警告 Network	Leap13	Premium Addons for Elementor	Leap13 の WordPress 用 Premium Addons for Elementor におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-32791	2025-01-22 16:35	2024-04-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 31, 2025, 4:11 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
241	-	-	-	Insecure Permissions vulnerability in CMSimple v.5.16 allows a remote attacker to obtain sensitive information via a crafted script to the Functionality of downloading php backup files. New	-	CVE-2024-57547	2025-01-29 05:15	2025-01-28	Show	GitHub Exploit DB Packet Storm

242	-	-	-	An issue in CMSimple v.5.16 allows a remote attacker to obtain sensitive information via a crafted script to the validate link function. New	-	CVE-2024-57546	2025-01-29 05:15	2025-01-28	Show	GitHub Exploit DB Packet Storm

243	-	-	-	Cross Site Request Forgery vulnerability in LifestyleStore v.1.0 allows a remote attacker to execute arbitrary cod and obtain sensitive information. New	-	CVE-2024-57373	2025-01-29 05:15	2025-01-28	Show	GitHub Exploit DB Packet Storm

244	-	-	-	An issue in youdiancms v.9.5.20 and before allows a remote attacker to escalate privileges via the sessionID parameter in the index.php file. New	-	CVE-2024-57052	2025-01-29 05:15	2025-01-28	Show	GitHub Exploit DB Packet Storm

245	-	-	-	In AXESS ACS (Auto Configuration Server) through 5.2.0, unsanitized user input in the TR069 API allows remote unauthenticated attackers to cause a permanent Denial of Service via crafted TR069 reques… New	-	CVE-2024-56316	2025-01-29 05:15	2025-01-28	Show	GitHub Exploit DB Packet Storm

246	-	-	-	An issue was discovered in Couchbase Server 7.6.x through 7.6.3. A user with the security_admin_local role can create a new user in a group that has the admin role. New	-	CVE-2024-56178	2025-01-29 05:15	2025-01-28	Show	GitHub Exploit DB Packet Storm

247	-	-	-	Incorrect access control in BYD QIN PLUS DM-i Dilink OS 3.0_13.1.7.2204050.1 allows unauthorized attackers to access system logcat logs. New	-	CVE-2024-54728	2025-01-29 05:15	2025-01-28	Show	GitHub Exploit DB Packet Storm

248	-	-	-	Cross Site Scripting vulnerability in AdGuard Application v.7.18.1 (4778) and before allows an attacker to execute arbitrary code via a crafted payload to the fontMatrix component. New	-	CVE-2024-48662	2025-01-29 05:15	2025-01-28	Show	GitHub Exploit DB Packet Storm

249	-	-	-	A type confusion issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18… New	-	CVE-2025-24137	2025-01-29 05:15	2025-01-28	Show	GitHub Exploit DB Packet Storm

250	-	-	-	An issue in Midea Group Co., Ltd Midea Home iOS 9.3.12 allows attackers to access sensitive user information via supplying a crafted link. New	-	CVE-2024-56972	2025-01-29 05:15	2025-01-28	Show	GitHub Exploit DB Packet Storm