NVD Vulnerability Information Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CRITICAL
HIGH
MEDIUM
LOW
CVE
CWE
In descending order of publication date
In descending order of update date
Number of items displayed

You can search the list of vulnerabilities managed by the NVD (National Vulnerability Database).
Since vulnerability information is often updated before JVN (Japan Vulnerability Note), vulnerabilities that are not listed in JVN may be updated.

If there is a vulnerability related to JVN (Japan Vulnerability Note), the information will be displayed on the detail page.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW

Update Date:Jan. 10, 2025, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
751 - -
- - In V6 DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional… - CVE-2024-20143 2025-01-7 00:15 2025-01-6 Show GitHub Exploit DB Packet Storm
752 - -
- - In power, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User … - CVE-2024-20140 2025-01-7 00:15 2025-01-6 Show GitHub Exploit DB Packet Storm
753 - -
- - In m4u, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User in… - CVE-2024-20105 2025-01-7 00:15 2025-01-6 Show GitHub Exploit DB Packet Storm
754 - -
- - An issue was discovered in Optimizely EPiServer.CMS.Core before 12.22.0. A high-severity Stored Cross-Site Scripting (XSS) vulnerability exists in the CMS, allowing malicious actors to inject and exe… - CVE-2025-22388 2025-01-7 00:15 2025-01-4 Show GitHub Exploit DB Packet Storm
755 - -
- - An issue was discovered in Optimizely Configured Commerce before 5.2.2408. A medium-severity input validation issue exists in the Commerce B2B application, affecting the Contact Us functionality. Thi… - CVE-2025-22383 2025-01-7 00:15 2025-01-4 Show GitHub Exploit DB Packet Storm
756 5.4 MEDIUM
Network 		phpgurukul land_record_system A vulnerability classified as problematic was found in PHPGurukul Land Record System 1.0. This vulnerability affects unknown code of the file /admin/add-propertytype.php. The manipulation of the argu… CWE-79
Cross-site Scripting 		CVE-2024-13075 2025-01-6 23:57 2025-01-1 Show GitHub Exploit DB Packet Storm
757 5.4 MEDIUM
Network 		phpgurukul land_record_system A vulnerability, which was classified as problematic, was found in PHPGurukul Land Record System 1.0. Affected is an unknown function of the file /admin/add-property.php. The manipulation of the argu… CWE-79
Cross-site Scripting 		CVE-2024-13077 2025-01-6 23:51 2025-01-1 Show GitHub Exploit DB Packet Storm
758 5.4 MEDIUM
Network 		phpgurukul land_record_system A vulnerability, which was classified as problematic, has been found in PHPGurukul Land Record System 1.0. This issue affects some unknown processing of the file /admin/edit-propertytype.php. The man… CWE-79
Cross-site Scripting 		CVE-2024-13076 2025-01-6 23:51 2025-01-1 Show GitHub Exploit DB Packet Storm
759 8.8 HIGH
Network 		phpgurukul land_record_system A vulnerability was found in PHPGurukul Land Record System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/property-details.php. The manipulati… CWE-89
SQL Injection 		CVE-2024-13079 2025-01-6 23:49 2025-01-1 Show GitHub Exploit DB Packet Storm
760 8.8 HIGH
Network 		phpgurukul land_record_system A vulnerability has been found in PHPGurukul Land Record System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of … CWE-89
SQL Injection 		CVE-2024-13078 2025-01-6 23:49 2025-01-1 Show GitHub Exploit DB Packet Storm
761 5.4 MEDIUM
Network 		phpgurukul land_record_system A vulnerability was found in PHPGurukul Land Record System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/contactus.php. The manipulation of the … CWE-79
Cross-site Scripting 		CVE-2024-13081 2025-01-6 23:47 2025-01-1 Show GitHub Exploit DB Packet Storm
762 5.4 MEDIUM
Network 		phpgurukul land_record_system A vulnerability was found in PHPGurukul Land Record System 1.0. It has been classified as problematic. This affects an unknown part of the file /admin/aboutus.php. The manipulation of the argument Pa… CWE-79
Cross-site Scripting 		CVE-2024-13080 2025-01-6 23:47 2025-01-1 Show GitHub Exploit DB Packet Storm
763 6.1 MEDIUM
Network 		phpgurukul land_record_system A vulnerability was found in PHPGurukul Land Record System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /admin/search-property.php. The manipulation o… CWE-79
Cross-site Scripting 		CVE-2024-13082 2025-01-6 23:46 2025-01-1 Show GitHub Exploit DB Packet Storm
764 5.4 MEDIUM
Network 		phpgurukul land_record_system A vulnerability classified as problematic has been found in PHPGurukul Land Record System 1.0. Affected is an unknown function of the file /admin/admin-profile.php. The manipulation of the argument A… CWE-79
Cross-site Scripting 		CVE-2024-13083 2025-01-6 23:45 2025-01-1 Show GitHub Exploit DB Packet Storm
765 9.8 CRITICAL
Network 		phpgurukul land_record_system A vulnerability classified as critical was found in PHPGurukul Land Record System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/search-property.php. The manipulat… CWE-89
SQL Injection 		CVE-2024-13084 2025-01-6 23:44 2025-01-1 Show GitHub Exploit DB Packet Storm
766 9.8 CRITICAL
Network 		phpgurukul land_record_system A vulnerability, which was classified as critical, has been found in PHPGurukul Land Record System 1.0. Affected by this issue is some unknown functionality of the file /admin/login.php. The manipula… CWE-89
SQL Injection 		CVE-2024-13085 2025-01-6 23:43 2025-01-1 Show GitHub Exploit DB Packet Storm
767 - -
- - OpenVPN before 2.6.11 does not santize PUSH_REPLY messages properly which attackers can use to inject unexpected arbitrary data into third-party executables or plug-ins. - CVE-2024-5594 2025-01-6 23:15 2025-01-6 Show GitHub Exploit DB Packet Storm
768 - -
- - The Email Subscribers by Icegram Express WordPress plugin before 5.7.44 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks - CVE-2024-12311 2025-01-6 23:15 2025-01-6 Show GitHub Exploit DB Packet Storm
769 - -
- - The Icegram Engage WordPress plugin before 3.1.32 does not sanitise and escape some of its Campaign settings, which could allow authors and above to perform Stored Cross-Site Scripting attacks - CVE-2024-12302 2025-01-6 23:15 2025-01-6 Show GitHub Exploit DB Packet Storm
770 - -
- - The Pods WordPress plugin before 3.2.8.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even w… - CVE-2024-11849 2025-01-6 23:15 2025-01-6 Show GitHub Exploit DB Packet Storm
771 - -
- - The tourmaster WordPress plugin before 5.3.4 does not sanitise and escape some parameters when outputting them in the page, which could allow unauthenticated users to perform Cross-Site Scripting att… - CVE-2024-11356 2025-01-6 23:15 2025-01-6 Show GitHub Exploit DB Packet Storm
772 3.9 LOW
Physics 		- - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in TUBITAK BILGEM Pardus OS My Computer allows OS Command Injection.This issue affects Pardus … CWE-78
OS Command  		CVE-2024-12970 2025-01-6 21:15 2025-01-6 Show GitHub Exploit DB Packet Storm
773 5.5 MEDIUM
Local 		- - Transient DOS can occur when GVM sends a specific message type to the Vdev-FastRPC backend. CWE-126
 Buffer Over-read 		CVE-2024-45559 2025-01-6 20:15 2025-01-6 Show GitHub Exploit DB Packet Storm
774 7.5 HIGH
Network 		- - Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length. CWE-126
 Buffer Over-read 		CVE-2024-45558 2025-01-6 20:15 2025-01-6 Show GitHub Exploit DB Packet Storm
775 8.4 HIGH
Local 		- - Memory corruption can occur if an already verified IFS2 image is overwritten, bypassing boot verification. This allows unauthorized programs to be injected into security-sensitive images, enabling th… CWE-787
 Out-of-bounds Write 		CVE-2024-45555 2025-01-6 20:15 2025-01-6 Show GitHub Exploit DB Packet Storm
776 7.8 HIGH
Local 		- - Memory corruption can occur when process-specific maps are added to the global list. If a map is removed from the global list while another thread is using it for a process-specific task, issues may … CWE-416
 Use After Free 		CVE-2024-45553 2025-01-6 20:15 2025-01-6 Show GitHub Exploit DB Packet Storm
777 7.8 HIGH
Local 		- - Memory corruption occurs when invoking any IOCTL-calling application that executes all MCDM driver IOCTL calls. CWE-129
 Improper Validation of Array Index 		CVE-2024-45550 2025-01-6 20:15 2025-01-6 Show GitHub Exploit DB Packet Storm
778 7.8 HIGH
Local 		- - Memory corruption while processing FIPS encryption or decryption validation functionality IOCTL call. CWE-126
 Buffer Over-read 		CVE-2024-45548 2025-01-6 20:15 2025-01-6 Show GitHub Exploit DB Packet Storm
779 7.8 HIGH
Local 		- - Memory corruption while processing IOCTL call invoked from user-space to verify non extension FIPS encryption and decryption functionality. CWE-120
Classic Buffer Overflow 		CVE-2024-45547 2025-01-6 20:15 2025-01-6 Show GitHub Exploit DB Packet Storm
780 7.8 HIGH
Local 		- - Memory corruption while processing FIPS encryption or decryption IOCTL call invoked from user-space. CWE-126
 Buffer Over-read 		CVE-2024-45546 2025-01-6 20:15 2025-01-6 Show GitHub Exploit DB Packet Storm
781 7.8 HIGH
Local 		- - Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver. CWE-121
Stack-based Buffer Overflow 		CVE-2024-45542 2025-01-6 20:15 2025-01-6 Show GitHub Exploit DB Packet Storm
782 7.8 HIGH
Local 		- - Memory corruption when IOCTL call is invoked from user-space to read board data. CWE-120
Classic Buffer Overflow 		CVE-2024-45541 2025-01-6 20:15 2025-01-6 Show GitHub Exploit DB Packet Storm
783 7.5 HIGH
Local 		- - Uncontrolled resource consumption when a driver, an application or a SMMU client tries to access the global registers through SMMU. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2024-43064 2025-01-6 20:15 2025-01-6 Show GitHub Exploit DB Packet Storm
784 6.1 MEDIUM
Local 		- - information disclosure while invoking the mailbox read API. CWE-126
 Buffer Over-read 		CVE-2024-43063 2025-01-6 20:15 2025-01-6 Show GitHub Exploit DB Packet Storm
785 6.1 MEDIUM
Local 		- - Information disclosure while invoking callback function of sound model driver from ADSP for every valid opcode received from sound model driver. CWE-126
 Buffer Over-read 		CVE-2024-33067 2025-01-6 20:15 2025-01-6 Show GitHub Exploit DB Packet Storm
786 6.8 MEDIUM
Local 		- - Information disclosure while processing IOCTL call made for releasing a trusted VM process release or opening a channel without initializing the process. CWE-126
 Buffer Over-read 		CVE-2024-33061 2025-01-6 20:15 2025-01-6 Show GitHub Exploit DB Packet Storm
787 6.7 MEDIUM
Local 		- - Memory corruption while processing frame command IOCTL calls. CWE-416
 Use After Free 		CVE-2024-33059 2025-01-6 20:15 2025-01-6 Show GitHub Exploit DB Packet Storm
788 6.7 MEDIUM
Local 		- - Memory corruption while invoking IOCTL calls to unmap the DMA buffers. CWE-416
 Use After Free 		CVE-2024-33055 2025-01-6 20:15 2025-01-6 Show GitHub Exploit DB Packet Storm
789 6.7 MEDIUM
Local 		- - Memory corruption when input parameter validation for number of fences is missing for fence frame IOCTL calls, CWE-823
 Use of Out-of-range Pointer Offset 		CVE-2024-33041 2025-01-6 20:15 2025-01-6 Show GitHub Exploit DB Packet Storm
790 6.6 MEDIUM
Local 		- - Information Disclosure while invoking the mailbox write API when message received from user is larger than mailbox size. CWE-126
 Buffer Over-read 		CVE-2024-23366 2025-01-6 20:15 2025-01-6 Show GitHub Exploit DB Packet Storm
791 8.4 HIGH
Local 		- - Memory corruption while processing IPA statistics, when there are no active clients registered. CWE-120
Classic Buffer Overflow 		CVE-2024-21464 2025-01-6 20:15 2025-01-6 Show GitHub Exploit DB Packet Storm
792 - -
- - A vulnerability classified as critical was found in zhenfeng13 My-Blog 1.0. Affected by this vulnerability is the function upload of the file src/main/java/com/site/blog/my/core/controller/admin/uplo… CWE-284
CWE-434
Improper Access Control
 Unrestricted Upload of File with Dangerous Type  		CVE-2024-13145 2025-01-6 10:15 2025-01-6 Show GitHub Exploit DB Packet Storm
793 - -
- - A vulnerability classified as critical has been found in zhenfeng13 My-Blog 1.0. Affected is the function uploadFileByEditomd of the file src/main/java/com/site/blog/my/core/controller/admin/BlogCont… CWE-284
CWE-434
Improper Access Control
 Unrestricted Upload of File with Dangerous Type  		CVE-2024-13144 2025-01-6 09:15 2025-01-6 Show GitHub Exploit DB Packet Storm
794 - -
- - A vulnerability was found in ZeroWdd studentmanager 1.0. It has been rated as problematic. This issue affects the function submitAddPermission of the file src/main/java/com/zero/system/controller/Per… CWE-79
CWE-94
Cross-site Scripting
Code Injection 		CVE-2024-13143 2025-01-6 09:15 2025-01-6 Show GitHub Exploit DB Packet Storm
795 - -
- - A vulnerability was found in Codezips Project Management System 1.0. It has been classified as critical. This affects an unknown part of the file /pages/forms/course.php. The manipulation of the argu… CWE-89
CWE-74
SQL Injection
Injection 		CVE-2025-0233 2025-01-6 08:15 2025-01-6 Show GitHub Exploit DB Packet Storm
796 - -
- - A vulnerability was found in ZeroWdd studentmanager 1.0. It has been declared as problematic. This vulnerability affects the function submitAddRole of the file src/main/java/com/zero/system/controlle… CWE-79
CWE-94
Cross-site Scripting
Code Injection 		CVE-2024-13142 2025-01-6 08:15 2025-01-6 Show GitHub Exploit DB Packet Storm
797 - -
- - A vulnerability was found in Codezips Blood Bank Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /successadmin.php. The manipulation… CWE-89
CWE-74
SQL Injection
Injection 		CVE-2025-0232 2025-01-6 07:15 2025-01-6 Show GitHub Exploit DB Packet Storm
798 - -
- - A vulnerability has been found in Codezips Gym Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /dashboard/admin/submit_payment… CWE-89
CWE-74
SQL Injection
Injection 		CVE-2025-0231 2025-01-6 07:15 2025-01-6 Show GitHub Exploit DB Packet Storm
799 - -
- - A vulnerability, which was classified as critical, was found in code-projects Responsive Hotel Site 1.0. Affected is an unknown function of the file /admin/print.php. The manipulation of the argument… CWE-89
CWE-74
SQL Injection
Injection 		CVE-2025-0230 2025-01-6 06:15 2025-01-6 Show GitHub Exploit DB Packet Storm
800 - -
- - A vulnerability, which was classified as critical, has been found in code-projects Travel Management System 1.0. This issue affects some unknown processing of the file /enquiry.php. The manipulation … CWE-89
CWE-74
SQL Injection
Injection 		CVE-2025-0229 2025-01-6 05:15 2025-01-6 Show GitHub Exploit DB Packet Storm