Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 31, 2025, 4:03 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
941	9.1	緊急 Network	フォーティネット	FortiWan	フォーティネットの FortiWan におけるパストラバーサルの脆弱性	CWE-22 CWE-305	CVE-2021-26102	2025-01-22 17:44	2021-04-27	Show	GitHub Exploit DB Packet Storm

942	4.3	警告 Network	Outlook.com	Microsoft Edge Chromium	Microsoft Edge (Chromium ベース) のなりすましの脆弱性	CWE-357 CWE-noinfo	CVE-2024-49054	2025-01-22 17:43	2024-11-21	Show	GitHub Exploit DB Packet Storm

943	7.3	重要 Local	マイクロソフト	Microsoft Windows Server 2008 Microsoft Windows Server 2019 Microsoft Windows Server 2012 Microsoft Windows 10 Microsoft Window…	Windows インストーラーの特権の昇格の脆弱性	CWE-59 CWE-noinfo	CVE-2025-21331	2025-01-22 17:43	2025-01-14	Show	GitHub Exploit DB Packet Storm

944	7.8	重要 Local	マイクロソフト	Microsoft Office Microsoft 365 Apps	Microsoft Office Visio のリモートでコードが実行される脆弱性	CWE-416 CWE-noinfo	CVE-2025-21345	2025-01-22 17:43	2025-01-14	Show	GitHub Exploit DB Packet Storm

945	7.2	重要 Network	マイクロソフト	Microsoft SharePoint Enterprise Server Microsoft SharePoint Server	Microsoft SharePoint Server のリモートでコードが実行される脆弱性	CWE-285 CWE-noinfo	CVE-2025-21348	2025-01-22 17:43	2025-01-14	Show	GitHub Exploit DB Packet Storm

946	6.1	警告 Network	WPEverest	User Registration	WPEverest の WordPress 用 User Registration におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-1720	2025-01-22 17:42	2024-03-7	Show	GitHub Exploit DB Packet Storm

947	9.8	緊急 Network	huayi-tec	jeewms	JeeWMS におけるパストラバーサルの脆弱性	CWE-22 CWE-27	CVE-2024-27764	2025-01-22 17:27	2024-03-5	Show	GitHub Exploit DB Packet Storm

948	7.5	重要 Network	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 10 Microsoft Windows 11 Microsoft Windows Server 2025 Microsoft Windows Server&…	Windows リモートデスクトップサービスのサービス拒否の脆弱性	CWE-400 CWE-noinfo	CVE-2025-21330	2025-01-22 17:26	2025-01-14	Show	GitHub Exploit DB Packet Storm

949	7.8	重要 Local	マイクロソフト	Microsoft Office Microsoft 365 Apps Microsoft Office Online Server	Microsoft Excel のリモートでコードが実行される脆弱性	CWE-822 CWE-noinfo	CVE-2025-21354	2025-01-22 17:26	2025-01-14	Show	GitHub Exploit DB Packet Storm

950	6.7	警告 Local	マイクロソフト	Microsoft Office Microsoft 365 Apps Microsoft Outlook	Microsoft Outlook のリモートでコードが実行される脆弱性	CWE-908 CWE-noinfo	CVE-2025-21357	2025-01-22 17:26	2025-01-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Feb. 1, 2025, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
351	-		-	-	A path traversal issue in ZipUtils.unzip and TarUtils.untar in Deep Java Library (DJL) on all platforms allows a bad actor to write files to arbitrary locations. New	-	CVE-2025-0851	2025-01-30 07:15	2025-01-30	Show	GitHub Exploit DB Packet Storm

352	7.3	HIGH Network	-	-	A vulnerability was found in needyamin Library Card System 1.0 and classified as critical. This issue affects some unknown processing of the file admin.php of the component Login. The manipulation of… New	CWE-89 CWE-74 SQL Injection Injection	CVE-2025-0842	2025-01-30 07:15	2025-01-30	Show	GitHub Exploit DB Packet Storm

353	-		-	-	A floating-point exception (FPE) vulnerability exists in the AP4_TfraAtom::AP4_TfraAtom function in Bento4. New	-	CVE-2024-57513	2025-01-30 07:15	2025-01-30	Show	GitHub Exploit DB Packet Storm

354	-		-	-	Buffer Overflow vulnerability in Bento4 mp42avc v.3bdc891602d19789b8e8626e4a3e613a937b4d35 allows a local attacker to execute arbitrary code via the AP4_MemoryByteStream::WritePartial. New	-	CVE-2024-57510	2025-01-30 07:15	2025-01-30	Show	GitHub Exploit DB Packet Storm

355	-		-	-	Buffer Overflow vulnerability in Bento4 mp42avc v.3bdc891602d19789b8e8626e4a3e613a937b4d35 allows a local attacker to execute arbitrary code via the AP4_File::ParseStream and related functions. New	-	CVE-2024-57509	2025-01-30 07:15	2025-01-30	Show	GitHub Exploit DB Packet Storm

356	-		-	-	Password Vulnerability in Safety production process management system v1.0 allows a remote attacker to escalate privileges, execute arbitrary code and obtain sensitive information via the password an… New	-	CVE-2024-57395	2025-01-30 07:15	2025-01-30	Show	GitHub Exploit DB Packet Storm

357	-		-	-	When LDAP connection is activated in Teedy versions between 1.9 to 1.12, the username field of the login form is vulnerable to LDAP injection. Due to improper sanitization of user input, an unauthent… New	-	CVE-2024-54852	2025-01-30 07:15	2025-01-30	Show	GitHub Exploit DB Packet Storm

358	-		-	-	The specific component in Celk Saude 3.1.252.1 that processes user input and returns error messages to the client is vulnerable due to improper validation or sanitization of the "erro" parameter. Thi… New	-	CVE-2024-48761	2025-01-30 07:15	2025-01-30	Show	GitHub Exploit DB Packet Storm

359	-		-	-	The /WmAdmin/,/invoke/vm.server/login login page in the Integration Server in Software AG webMethods 10.15.0 before Core_Fix7 allows remote attackers to reach the administration panel and discover ho… New	-	CVE-2024-23733	2025-01-30 07:15	2025-01-30	Show	GitHub Exploit DB Packet Storm

360	7.5	HIGH Network	-	-	Clients using DNS-over-HTTPS (DoH) can exhaust a DNS resolver's CPU and/or memory by flooding it with crafted valid or invalid HTTP/2 traffic. This issue affects BIND 9 versions 9.18.0 through 9.18.3… New	-	CVE-2024-12705	2025-01-30 07:15	2025-01-30	Show	GitHub Exploit DB Packet Storm