Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 11, 2025, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1 7.5 重要
Network 		インテル
Fedora Project		 Intel Wireless for Open Source
Fedora 		インテルの Intel Wireless for Open Source 等複数ベンダの製品における初期化に関する脆弱性 New CWE-665
不適切な初期化 		CVE-2024-28084 2025-01-10 18:32 2024-03-3 Show GitHub Exploit DB Packet Storm
2 2.7
Network 		Mitel Networks Corporation MiCollab Mitel Networks Corporation の MiCollab におけるパストラバーサルの脆弱性 New CWE-22
CWE-22
CVE-2024-55550 2025-01-10 18:30 2024-12-10 Show GitHub Exploit DB Packet Storm
3 5.4 警告
Network 		Leap13 Premium Addons for Elementor Leap13 の WordPress 用 Premium Addons for Elementor におけるクロスサイトスクリプティングの脆弱性 New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-4378 2025-01-10 18:30 2024-05-23 Show GitHub Exploit DB Packet Storm
4 6.5 警告
Network 		Wpmet elementskit Wpmet の WordPress 用 elementskit におけるパストラバーサルの脆弱性 New CWE-22
パス・トラバーサル 		CVE-2024-43996 2025-01-10 18:30 2024-09-23 Show GitHub Exploit DB Packet Storm
5 5.4 警告
Network 		FastLine Media LLC Beaver Builder FastLine Media LLC の WordPress 用 Beaver Builder におけるクロスサイトスクリプティングの脆弱性 New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-4430 2025-01-10 18:30 2024-05-14 Show GitHub Exploit DB Packet Storm
6 5.4 警告
Network 		ThimPress LearnPress ThimPress の WordPress 用 LearnPress におけるクロスサイトスクリプティングの脆弱性 New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-4971 2025-01-10 18:29 2024-05-22 Show GitHub Exploit DB Packet Storm
7 6.4 警告
Network 		WPDeveloper Essential Addons for Elementor WPDeveloper の WordPress 用 Essential Addons for Elementor におけるクロスサイトスクリプティングの脆弱性 New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-3333 2025-01-10 18:27 2024-04-17 Show GitHub Exploit DB Packet Storm
8 6.4 警告
Network 		Leap13 Premium Addons for Elementor Leap13 の WordPress 用 Premium Addons for Elementor におけるクロスサイトスクリプティングの脆弱性 New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-3647 2025-01-10 18:27 2024-05-2 Show GitHub Exploit DB Packet Storm
9 6.4 警告
Network 		Royal Elementor Addons Royal Elementor Addons and Templates Royal Elementor Addons の WordPress 用 Royal Elementor Addons and Templates におけるクロスサイトスクリプティングの脆弱性 New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-3675 2025-01-10 18:27 2024-05-2 Show GitHub Exploit DB Packet Storm
10 6.5 警告
Network 		ZITADEL ZITADEL ZITADEL における脆弱性 New CWE-200
CWE-noinfo
CVE-2024-39683 2025-01-10 18:27 2024-07-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 12, 2025, 4:59 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
161 - - - Cross-Site Request Forgery (CSRF) vulnerability in Drupal POST File allows Cross Site Request Forgery.This issue affects POST File: from 0.0.0 before 1.0.2. New - CVE-2024-13293 2025-01-11 04:15 2025-01-10 Show GitHub Exploit DB Packet Storm
162 - - - Incorrect Authorization vulnerability in Drupal Basic HTTP Authentication allows Forceful Browsing.This issue affects Basic HTTP Authentication: from 7.X-1.0 before 7.X-1.4. New - CVE-2024-13291 2025-01-11 04:15 2025-01-10 Show GitHub Exploit DB Packet Storm
163 9.8 CRITICAL
Network 		campcodes school_faculty_scheduling_system A vulnerability was found in Campcodes School Faculty Scheduling System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/index.php. The manipula… Update NVD-CWE-Other
CVE-2025-0211 2025-01-11 04:02 2025-01-5 Show GitHub Exploit DB Packet Storm
164 9.8 CRITICAL
Network 		campcodes student_grading_system A vulnerability was found in Campcodes Student Grading System 1.0. It has been classified as critical. This affects an unknown part of the file /view_students.php. The manipulation of the argument id… Update CWE-89
SQL Injection 		CVE-2025-0212 2025-01-11 03:57 2025-01-5 Show GitHub Exploit DB Packet Storm
165 9.8 CRITICAL
Network 		campcodes project_management_system A vulnerability was found in Campcodes Project Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /forms/update_forms.php?action=change_pic2&… Update CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2025-0213 2025-01-11 03:55 2025-01-5 Show GitHub Exploit DB Packet Storm
166 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: bpf: put bpf_link's program when link is safe to be deallocated In general, BPF link's underlying BPF program should be considere… New NVD-CWE-noinfo
CVE-2024-56786 2025-01-11 03:53 2025-01-9 Show GitHub Exploit DB Packet Storm
167 - - - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - Breadcrumbs2 extension allows Cross-Site Scripting (XSS).… New - CVE-2025-23078 2025-01-11 03:15 2025-01-11 Show GitHub Exploit DB Packet Storm
168 - - - During MegaBIP installation process, a user is encouraged to change a default path to administrative portal, as keeping it secret is listed by the author as one of the protection mechanisms.  Publicl… New - CVE-2024-6880 2025-01-11 03:15 2025-01-11 Show GitHub Exploit DB Packet Storm
169 - - - Websites managed by MegaBIP in versions below 5.15 are vulnerable to Cross-Site Request Forgery (CSRF) as the form available under "/edytor/index.php?id=7,7,0" lacks protection mechanisms. A user cou… New - CVE-2024-6662 2025-01-11 03:15 2025-01-11 Show GitHub Exploit DB Packet Storm
170 - - - Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the iface parameter in the vif_disable function. New - CVE-2024-57228 2025-01-11 03:15 2025-01-11 Show GitHub Exploit DB Packet Storm