Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 12, 2025, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1 7.5 重要
Network 		インテル
Fedora Project		 Intel Wireless for Open Source
Fedora 		インテルの Intel Wireless for Open Source 等複数ベンダの製品における初期化に関する脆弱性 New CWE-665
不適切な初期化 		CVE-2024-28084 2025-01-10 18:32 2024-03-3 Show GitHub Exploit DB Packet Storm
2 2.7
Network 		Mitel Networks Corporation MiCollab Mitel Networks Corporation の MiCollab におけるパストラバーサルの脆弱性 New CWE-22
CWE-22
CVE-2024-55550 2025-01-10 18:30 2024-12-10 Show GitHub Exploit DB Packet Storm
3 5.4 警告
Network 		Leap13 Premium Addons for Elementor Leap13 の WordPress 用 Premium Addons for Elementor におけるクロスサイトスクリプティングの脆弱性 New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-4378 2025-01-10 18:30 2024-05-23 Show GitHub Exploit DB Packet Storm
4 6.5 警告
Network 		Wpmet elementskit Wpmet の WordPress 用 elementskit におけるパストラバーサルの脆弱性 New CWE-22
パス・トラバーサル 		CVE-2024-43996 2025-01-10 18:30 2024-09-23 Show GitHub Exploit DB Packet Storm
5 5.4 警告
Network 		FastLine Media LLC Beaver Builder FastLine Media LLC の WordPress 用 Beaver Builder におけるクロスサイトスクリプティングの脆弱性 New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-4430 2025-01-10 18:30 2024-05-14 Show GitHub Exploit DB Packet Storm
6 5.4 警告
Network 		ThimPress LearnPress ThimPress の WordPress 用 LearnPress におけるクロスサイトスクリプティングの脆弱性 New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-4971 2025-01-10 18:29 2024-05-22 Show GitHub Exploit DB Packet Storm
7 6.4 警告
Network 		WPDeveloper Essential Addons for Elementor WPDeveloper の WordPress 用 Essential Addons for Elementor におけるクロスサイトスクリプティングの脆弱性 New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-3333 2025-01-10 18:27 2024-04-17 Show GitHub Exploit DB Packet Storm
8 6.4 警告
Network 		Leap13 Premium Addons for Elementor Leap13 の WordPress 用 Premium Addons for Elementor におけるクロスサイトスクリプティングの脆弱性 New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-3647 2025-01-10 18:27 2024-05-2 Show GitHub Exploit DB Packet Storm
9 6.4 警告
Network 		Royal Elementor Addons Royal Elementor Addons and Templates Royal Elementor Addons の WordPress 用 Royal Elementor Addons and Templates におけるクロスサイトスクリプティングの脆弱性 New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-3675 2025-01-10 18:27 2024-05-2 Show GitHub Exploit DB Packet Storm
10 6.5 警告
Network 		ZITADEL ZITADEL ZITADEL における脆弱性 New CWE-200
CWE-noinfo
CVE-2024-39683 2025-01-10 18:27 2024-07-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 12, 2025, 4:59 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
201 - - - TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the opmode parameter in the action_reboot function. New - CVE-2024-57212 2025-01-11 02:15 2025-01-11 Show GitHub Exploit DB Packet Storm
202 - - - TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the modifyOne parameter in the enable_wsh function. New - CVE-2024-57211 2025-01-11 02:15 2025-01-11 Show GitHub Exploit DB Packet Storm
203 - - - An issue in CP Plus CP-VNR-3104 B3223P22C02424 allows attackers to obtain the second RSA private key and access sensitive data or execute a man-in-the-middle attack. New - CVE-2024-54849 2025-01-11 02:15 2025-01-11 Show GitHub Exploit DB Packet Storm
204 - - - Improper handling and storage of certificates in CP Plus CP-VNR-3104 B3223P22C02424 allow attackers to decrypt communications or execute a man-in-the-middle attacks. New - CVE-2024-54848 2025-01-11 02:15 2025-01-11 Show GitHub Exploit DB Packet Storm
205 - - - An issue in CP Plus CP-VNR-3104 B3223P22C02424 allows attackers to access the Diffie-Hellman (DH) parameters and access sensitive data or execute a man-in-the-middle attack. New - CVE-2024-54847 2025-01-11 02:15 2025-01-11 Show GitHub Exploit DB Packet Storm
206 - - - An issue in CP Plus CP-VNR-3104 B3223P22C02424 allows attackers to obtain the EC private key and access sensitive data or execute a man-in-the-middle attack. New - CVE-2024-54846 2025-01-11 02:15 2025-01-11 Show GitHub Exploit DB Packet Storm
207 - - - Vaultwarden v1.32.5 was discovered to contain an authenticated reflected cross-site scripting (XSS) vulnerability via the component /api/core/mod.rs. New - CVE-2024-55226 2025-01-11 02:15 2025-01-10 Show GitHub Exploit DB Packet Storm
208 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Entity Form Steps allows Cross-Site Scripting (XSS).This issue affects Entity Form Steps: … New - CVE-2024-13305 2025-01-11 02:15 2025-01-10 Show GitHub Exploit DB Packet Storm
209 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal OAuth & OpenID Connect Single Sign On – SSO (OAuth/OIDC Client) allows Cross-Site Scriptin… New - CVE-2024-13301 2025-01-11 02:15 2025-01-10 Show GitHub Exploit DB Packet Storm
210 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Tarte au Citron allows Cross-Site Scripting (XSS).This issue affects Tarte au Citron: from… New - CVE-2024-13298 2025-01-11 02:15 2025-01-10 Show GitHub Exploit DB Packet Storm