NVD Vulnerability Information Top

Show Search Menu

Vendor Name
プロダクト・サービス名
Title
CRITICAL
HIGH
MEDIUM
LOW
CVE
CWE
In descending order of publication date
In descending order of update date
Number of items displayed

NVD Vulnerability Information Top

You can search the list of vulnerabilities managed by the NVD (National Vulnerability Database).
Since vulnerability information is often updated before JVN (Japan Vulnerability Note), vulnerabilities that are not listed in JVN may be updated.

If there is a vulnerability related to JVN (Japan Vulnerability Note), the information will be displayed on the detail page.

To search by CWE, please refer to the CWE Overview and check the CWE number.

CRITICAL
HIGH
MEDIUM
LOW

Update Date:Jan. 5, 2025, 4:07 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
401	-	-	-	-	Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.	-	CVE-2024-23391	2025-01-1 09:15	2025-01-1	Show	GitHub Exploit DB Packet Storm

402	-	-	-	-	Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.	-	CVE-2024-23390	2025-01-1 09:15	2025-01-1	Show	GitHub Exploit DB Packet Storm

403	-	-	-	-	Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.	-	CVE-2024-23389	2025-01-1 09:15	2025-01-1	Show	GitHub Exploit DB Packet Storm

404	-	-	-	-	Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.	-	CVE-2024-21721	2025-01-1 09:15	2025-01-1	Show	GitHub Exploit DB Packet Storm

405	-	-	-	-	Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.	-	CVE-2024-21720	2025-01-1 09:15	2025-01-1	Show	GitHub Exploit DB Packet Storm

406	-	-	-	-	Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.	-	CVE-2024-21719	2025-01-1 09:15	2025-01-1	Show	GitHub Exploit DB Packet Storm

407	-	-	-	-	Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.	-	CVE-2024-21718	2025-01-1 09:15	2025-01-1	Show	GitHub Exploit DB Packet Storm

408	-	-	-	-	Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.	-	CVE-2024-21717	2025-01-1 09:15	2025-01-1	Show	GitHub Exploit DB Packet Storm

409	-	-	-	-	Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.	-	CVE-2024-21716	2025-01-1 09:15	2025-01-1	Show	GitHub Exploit DB Packet Storm

410	-	-	-	-	Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.	-	CVE-2024-21715	2025-01-1 09:15	2025-01-1	Show	GitHub Exploit DB Packet Storm

411	-	-	-	-	Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.	-	CVE-2024-21714	2025-01-1 09:15	2025-01-1	Show	GitHub Exploit DB Packet Storm

412	-	-	-	-	Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.	-	CVE-2024-21713	2025-01-1 09:15	2025-01-1	Show	GitHub Exploit DB Packet Storm

413	-	-	-	-	Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.	-	CVE-2024-21712	2025-01-1 09:15	2025-01-1	Show	GitHub Exploit DB Packet Storm

414	-	-	-	-	Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.	-	CVE-2024-21711	2025-01-1 09:15	2025-01-1	Show	GitHub Exploit DB Packet Storm

415	-	-	-	-	Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.	-	CVE-2024-21710	2025-01-1 09:15	2025-01-1	Show	GitHub Exploit DB Packet Storm

416	-	-	-	-	Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.	-	CVE-2024-21709	2025-01-1 09:15	2025-01-1	Show	GitHub Exploit DB Packet Storm

417	-	-	-	-	Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.	-	CVE-2024-21708	2025-01-1 09:15	2025-01-1	Show	GitHub Exploit DB Packet Storm

418	-	-	-	-	Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.	-	CVE-2024-21705	2025-01-1 09:15	2025-01-1	Show	GitHub Exploit DB Packet Storm

419	-	-	-	-	Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.	-	CVE-2024-21704	2025-01-1 09:15	2025-01-1	Show	GitHub Exploit DB Packet Storm

420	-	-	-	-	Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.	-	CVE-2024-21702	2025-01-1 09:15	2025-01-1	Show	GitHub Exploit DB Packet Storm

421	-	-	-	-	Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.	-	CVE-2024-21701	2025-01-1 09:15	2025-01-1	Show	GitHub Exploit DB Packet Storm

422	-	-	-	-	Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.	-	CVE-2024-21696	2025-01-1 09:15	2025-01-1	Show	GitHub Exploit DB Packet Storm

423	-	-	-	-	Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.	-	CVE-2024-21695	2025-01-1 09:15	2025-01-1	Show	GitHub Exploit DB Packet Storm

424	-	-	-	-	Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.	-	CVE-2024-21694	2025-01-1 09:15	2025-01-1	Show	GitHub Exploit DB Packet Storm

425	-	-	-	-	Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.	-	CVE-2024-21693	2025-01-1 09:15	2025-01-1	Show	GitHub Exploit DB Packet Storm

426	-	-	-	-	Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.	-	CVE-2024-21692	2025-01-1 09:15	2025-01-1	Show	GitHub Exploit DB Packet Storm

427	-	-	-	-	Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.	-	CVE-2024-21691	2025-01-1 09:15	2025-01-1	Show	GitHub Exploit DB Packet Storm

428	-	-	-	-	Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.	-	CVE-2024-21688	2025-01-1 09:15	2025-01-1	Show	GitHub Exploit DB Packet Storm

429	-	-	-	-	Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.	-	CVE-2024-21679	2025-01-1 09:15	2025-01-1	Show	GitHub Exploit DB Packet Storm

430	-	-	-	-	Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.	-	CVE-2024-21675	2025-01-1 09:15	2025-01-1	Show	GitHub Exploit DB Packet Storm

431	-	-	-	-	Ghostty is a cross-platform terminal emulator. Ghostty, as allowed by default in 1.0.0, allows attackers to modify the window title via a certain character escape sequence and then insert it back to …	CWE-94 Code Injection	CVE-2024-56803	2025-01-1 08:15	2025-01-1	Show	GitHub Exploit DB Packet Storm

432	-	-	-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPDeveloper Essential Addons for Elementor allows Stored XSS.This issue affects Essential Addons …	CWE-79 Cross-site Scripting	CVE-2024-56063	2025-01-1 08:15	2025-01-1	Show	GitHub Exploit DB Packet Storm

433	-	-	-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Royal Royal Elementor Addons allows Stored XSS.This issue affects Royal Elementor Addons: from…	CWE-79 Cross-site Scripting	CVE-2024-56062	2025-01-1 08:15	2025-01-1	Show	GitHub Exploit DB Packet Storm

434	-	-	-	-	A vulnerability, which was classified as critical, has been found in PHPGurukul Land Record System 1.0. Affected by this issue is some unknown functionality of the file /admin/login.php. The manipula…	CWE-89 CWE-74 SQL Injection Injection	CVE-2024-13085	2025-01-1 08:15	2025-01-1	Show	GitHub Exploit DB Packet Storm

435	-	-	-	-	A vulnerability classified as critical was found in PHPGurukul Land Record System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/search-property.php. The manipulat…	CWE-89 CWE-74 SQL Injection Injection	CVE-2024-13084	2025-01-1 07:15	2025-01-1	Show	GitHub Exploit DB Packet Storm

436	-	-	-	-	A vulnerability classified as problematic has been found in PHPGurukul Land Record System 1.0. Affected is an unknown function of the file /admin/admin-profile.php. The manipulation of the argument A…	CWE-79 CWE-94 Cross-site Scripting Code Injection	CVE-2024-13083	2025-01-1 07:15	2025-01-1	Show	GitHub Exploit DB Packet Storm

437	-	-	-	-	A vulnerability was found in PHPGurukul Land Record System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /admin/search-property.php. The manipulation o…	CWE-79 CWE-94 Cross-site Scripting Code Injection	CVE-2024-13082	2025-01-1 06:15	2025-01-1	Show	GitHub Exploit DB Packet Storm

438	-	-	-	-	A vulnerability was found in PHPGurukul Land Record System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/contactus.php. The manipulation of the …	CWE-79 CWE-94 Cross-site Scripting Code Injection	CVE-2024-13081	2025-01-1 06:15	2025-01-1	Show	GitHub Exploit DB Packet Storm

439	-	-	-	-	A vulnerability was found in PHPGurukul Land Record System 1.0. It has been classified as problematic. This affects an unknown part of the file /admin/aboutus.php. The manipulation of the argument Pa…	CWE-79 CWE-94 Cross-site Scripting Code Injection	CVE-2024-13080	2025-01-1 05:15	2025-01-1	Show	GitHub Exploit DB Packet Storm

440	-	-	-	-	A vulnerability, which was classified as problematic, was found in PHPGurukul Land Record System 1.0. Affected is an unknown function of the file /admin/add-property.php. The manipulation of the argu…	CWE-79 CWE-94 Cross-site Scripting Code Injection	CVE-2024-13077	2025-01-1 04:15	2025-01-1	Show	GitHub Exploit DB Packet Storm

441	-	-	-	-	GNU GRUB (aka GRUB2) through 2.12 does not use a constant-time algorithm for grub_crypto_memcmp and thus allows side-channel attacks.	-	CVE-2024-56738	2025-01-1 04:15	2024-12-29	Show	GitHub Exploit DB Packet Storm

442	-	-	-	-	GNU GRUB (aka GRUB2) through 2.12 has a heap-based buffer overflow in fs/hfs.c via crafted sblock data in an HFS filesystem.	-	CVE-2024-56737	2025-01-1 04:15	2024-12-29	Show	GitHub Exploit DB Packet Storm

443	-	-	-	-	The Crypt::Random::Source package before 0.13 for Perl has a fallback to the built-in rand() function, which is not a secure source of random bits.	-	CVE-2018-25107	2025-01-1 04:15	2024-12-29	Show	GitHub Exploit DB Packet Storm

444	-	-	-	-	SmartAgent v1.1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /tests/interface.php.	-	CVE-2024-50713	2025-01-1 04:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

445	-	-	-	-	An issue was discovered in Kurmi Provisioning Suite before 7.9.0.35, 7.10.x through 7.10.0.18, and 7.11.x through 7.11.0.15. An Observable Response Discrepancy vulnerability in the sendPasswordReinit…	-	CVE-2024-54454	2025-01-1 04:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

446	-	-	-	-	An issue was discovered in Kurmi Provisioning Suite before 7.9.0.35, 7.10.x through 7.10.0.18, and 7.11.x through 7.11.0.15. A path traversal vulnerability in the DocServlet servlet allows remote att…	-	CVE-2024-54453	2025-01-1 04:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

447	-	-	-	-	Incorrect access control in the /users endpoint of Cpacker MemGPT v0.3.17 allows attackers to access sensitive data.	-	CVE-2024-39025	2025-01-1 04:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

448	-	-	-	-	An issue was discovered in TCPDF before 6.8.0. If libcurl is used, CURLOPT_SSL_VERIFYHOST and CURLOPT_SSL_VERIFYPEER are set unsafely.	-	CVE-2024-56521	2025-01-1 04:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

449	-	-	-	-	oc_huff_tree_unpack in huffdec.c in libtheora in Theora through 1.0 7180717 has an invalid negative left shift.	-	CVE-2024-56431	2025-01-1 04:15	2024-12-26	Show	GitHub Exploit DB Packet Storm

450	-	-	-	-	Authentication Bypass by Assumed-Immutable Data vulnerability in Apache HugeGraph-Server. This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.5.0. Users are recommended to upgrade to ve…	-	CVE-2024-43441	2025-01-1 04:15	2024-12-24	Show	GitHub Exploit DB Packet Storm