Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
931 7.5 重要
Network 		StylemixThemes MasterStudy LMS StylemixThemes の WordPress 用 MasterStudy LMS における脆弱性 CWE-noinfo
情報不足 		CVE-2024-2106 2025-01-23 11:09 2024-03-13 Show GitHub Exploit DB Packet Storm
932 9.8 緊急
Network 		The Biosig Project
Fedora Project		 libbiosig
Fedora 		The Biosig Project の libbiosig 等複数ベンダの製品における二重解放に関する脆弱性 CWE-415
二重解放 		CVE-2024-23809 2025-01-23 11:09 2024-02-20 Show GitHub Exploit DB Packet Storm
933 9.6 緊急
Network 		lfprojects mlflow lfprojects の mlflow におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-27132 2025-01-23 11:09 2024-02-23 Show GitHub Exploit DB Packet Storm
934 5.4 警告
Network 		IBM IBM Sterling Partner Engagement Manager IBM の IBM Sterling Partner Engagement Manager におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2023-28517 2025-01-23 10:49 2023-03-16 Show GitHub Exploit DB Packet Storm
935 9.8 緊急
Network 		IBM Trusteer Android SDK for mobile
Trusteer iOS SDK for mobile 		IBM の Trusteer Android SDK for mobile および Trusteer iOS SDK for mobile における脆弱性 CWE-434
CWE-noinfo
CVE-2022-42443 2025-01-23 10:25 2022-10-6 Show GitHub Exploit DB Packet Storm
936 8.2 重要
Network 		Apache Software Foundation Apache Pulsar Apache Software Foundation の Apache Pulsar における重要な機能に対する認証の欠如に関する脆弱性 CWE-306
重要な機能に対する認証の欠如 解説 		CVE-2022-34321 2025-01-23 10:12 2022-06-22 Show GitHub Exploit DB Packet Storm
937 6.1 警告
Network 		properfraction profilepress properfraction の WordPress 用 profilepress におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-1519 2025-01-23 10:12 2024-02-29 Show GitHub Exploit DB Packet Storm
938 5.4 警告
Network 		properfraction profilepress properfraction の WordPress 用 profilepress におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-1535 2025-01-23 10:12 2024-03-13 Show GitHub Exploit DB Packet Storm
939 5.4 警告
Network 		exclusiveaddons exclusive addons for elementor exclusiveaddons の WordPress 用 exclusive addons for elementor におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-2028 2025-01-23 10:12 2024-03-13 Show GitHub Exploit DB Packet Storm
940 9.8 緊急
Network 		The Biosig Project
Fedora Project		 libbiosig
Fedora 		The Biosig Project の libbiosig 等複数ベンダの製品における整数アンダーフローの脆弱性 CWE-191
整数アンダーフロー 		CVE-2024-23313 2025-01-23 10:12 2024-02-20 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 8, 2025, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1021 7.8 HIGH
Local 		apple macos An integer overflow was addressed through improved input validation. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to elevate privileges. CWE-190
 Integer Overflow or Wraparound 		CVE-2025-24156 2025-01-31 01:43 2025-01-28 Show GitHub Exploit DB Packet Storm
1022 5.5 MEDIUM
Local 		apple iphone_os
visionos
macos
watchos
tvos
ipados 		The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Parsing a… NVD-CWE-noinfo
CVE-2025-24161 2025-01-31 01:34 2025-01-28 Show GitHub Exploit DB Packet Storm
1023 7.5 HIGH
Network 		apple ipados
iphone_os
macos 		A null pointer dereference was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.3, iOS 18.3 and iPadOS 18.3. A remote attacker may be able to cause a denial-of-servic… CWE-476
 NULL Pointer Dereference 		CVE-2025-24177 2025-01-31 01:26 2025-01-28 Show GitHub Exploit DB Packet Storm
1024 - - - go-ethereum (geth) is a golang execution layer implementation of the Ethereum protocol. A vulnerable node can be forced to shutdown/crash using a specially crafted message. This vulnerability is fixe… CWE-248
 Uncaught Exception 		CVE-2025-24883 2025-01-31 01:15 2025-01-31 Show GitHub Exploit DB Packet Storm
1025 - - - kubewarden-controller is a Kubernetes controller that allows you to dynamically register Kubewarden admission policies. The policy group feature, added to by the 1.17.0 release. By being namespaced, … CWE-285
Improper Authorization 		CVE-2025-24784 2025-01-31 01:15 2025-01-31 Show GitHub Exploit DB Packet Storm
1026 - - - kubewarden-controller is a Kubernetes controller that allows you to dynamically register Kubewarden admission policies. By design, AdmissionPolicy and AdmissionPolicyGroup can evaluate only namespace… CWE-285
CWE-155
CVE-2025-24376 2025-01-31 01:15 2025-01-31 Show GitHub Exploit DB Packet Storm
1027 - - - Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. A vulnerability was discovered in Argo CD that exposed secret values in error messages and the diff view when an invalid Kube… CWE-200
CWE-209
Information Exposure
Information Exposure Through an Error Message 		CVE-2025-23216 2025-01-31 01:15 2025-01-31 Show GitHub Exploit DB Packet Storm
1028 - - - VMware Aria Operations contains an information disclosure vulnerability. A malicious user with non-administrative privileges may exploit this vulnerability to retrieve credentials for an outbound plu… - CVE-2025-22222 2025-01-31 01:15 2025-01-31 Show GitHub Exploit DB Packet Storm
1029 - - - VMware Aria Operation for Logs contains a stored cross-site scripting vulnerability. A malicious actor with admin privileges to VMware Aria Operations for Logs may be able to inject a malicious scrip… - CVE-2025-22221 2025-01-31 01:15 2025-01-31 Show GitHub Exploit DB Packet Storm
1030 - - - VMware Aria Operations for Logs contains a stored cross-site scripting vulnerability. A malicious actor with non-administrative privileges may be able to inject a malicious script that (can perform … - CVE-2025-22219 2025-01-31 01:15 2025-01-31 Show GitHub Exploit DB Packet Storm