Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 27, 2025, 12:03 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
991 7.8 重要
Local
Progress Software Corporation telerik reporting Progress Software Corporation の telerik reporting における信頼できないデータのデシリアライゼーションに関する脆弱性 CWE-502
CWE-502
CVE-2024-4200 2025-01-17 15:00 2024-05-15 Show GitHub Exploit DB Packet Storm
992 6.5 警告
Network
Progress Software Corporation telerik reporting Progress Software Corporation の telerik reporting における XML 外部エンティティの脆弱性 CWE-611
CWE-611
CVE-2024-4357 2025-01-17 15:00 2024-05-15 Show GitHub Exploit DB Packet Storm
993 5.3 警告
Network
BoldGrid W3 Total Cache BoldGrid の WordPress 用 W3 Total Cache における認証の欠如に関する脆弱性 CWE-862
認証の欠如
CVE-2024-12006 2025-01-17 15:00 2024-12-1 Show GitHub Exploit DB Packet Storm
994 5.3 警告
Network
vyperlang vyper vyperlang の Python 用 vyper における境界外読み取りに関する脆弱性 CWE-125
境界外読み取り
CVE-2024-24564 2025-01-17 15:00 2024-02-26 Show GitHub Exploit DB Packet Storm
995 6.1 警告
Network
sfu open journal systems sfu の open journal systems におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2024-25436 2025-01-17 15:00 2024-03-1 Show GitHub Exploit DB Packet Storm
996 5.3 警告
Network
vyperlang vyper vyperlang の Python 用 vyper における脆弱性 CWE-119
CWE-noinfo
CVE-2024-26149 2025-01-17 15:00 2024-02-26 Show GitHub Exploit DB Packet Storm
997 7.3 重要
Network
MantisBT Group MantisBT MantisBT Group の MantisBT における脆弱性 CWE-305
CWE-620
CWE-Other
CVE-2024-34077 2025-01-17 15:00 2024-05-14 Show GitHub Exploit DB Packet Storm
998 5.4 警告
Network
Vanderbilt redcap Vanderbilt の redcap におけるクロスサイトスクリプティングの脆弱性 CWE-79
CWE-79
CVE-2024-56376 2025-01-17 15:00 2024-12-22 Show GitHub Exploit DB Packet Storm
999 6.8 警告
Physics
マイクロソフト Microsoft Windows Server 2022
Microsoft Windows 10
Microsoft Windows 11
Microsoft Windows Server 2019
Windows モバイル ブロードバンド ドライバーのリモート コード実行に対する脆弱性 CWE-190
CWE-noinfo
CVE-2024-30021 2025-01-17 15:00 2024-05-14 Show GitHub Exploit DB Packet Storm
1000 6.5 警告
Network
マイクロソフト Microsoft Windows Server 2008
Microsoft Windows Server 2022
Microsoft Windows Server 2019
Microsoft Windows Server 2012
Microso…
DHCP Server サービスのサービス拒否の脆弱性 CWE-400
CWE-noinfo
CVE-2024-30019 2025-01-17 14:51 2024-05-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 27, 2025, 4:07 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
91 7.2 HIGH
Network
aipower aipower The "AI Power: Complete AI Pack" plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 1.8.96 via deserialization of untrusted input from the $form['post_conten… Update CWE-502
 Deserialization of Untrusted Data
CVE-2025-0429 2025-01-25 05:51 2025-01-22 Show GitHub Exploit DB Packet Storm
92 7.3 HIGH
Network
gamipress gamipress The The GamiPress – Gamification plugin to reward points, achievements, badges & ranks in WordPress plugin for WordPress is vulnerable to arbitrary shortcode execution via the gamipress_ajax_get_logs… Update CWE-94
Code Injection
CVE-2024-13495 2025-01-25 05:46 2025-01-22 Show GitHub Exploit DB Packet Storm
93 7.5 HIGH
Network
gamipress gamipress The GamiPress – Gamification plugin to reward points, achievements, badges & ranks in WordPress plugin for WordPress is vulnerable to time-based SQL Injection via the ‘orderby’ parameter in all versi… Update CWE-89
SQL Injection
CVE-2024-13496 2025-01-25 05:45 2025-01-22 Show GitHub Exploit DB Packet Storm
94 7.3 HIGH
Network
gamipress gamipress The The GamiPress – Gamification plugin to reward points, achievements, badges & ranks in WordPress plugin for WordPress is vulnerable to arbitrary shortcode execution via gamipress_do_shortcode() fu… Update CWE-94
Code Injection
CVE-2024-13499 2025-01-25 05:37 2025-01-22 Show GitHub Exploit DB Packet Storm
95 3.5 LOW
Network
- - A vulnerability was found in fumiao opencms 2.2. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/model/addOrUpdate of the component Add Model Managemen… New CWE-79
CWE-94
Cross-site Scripting
Code Injection
CVE-2025-0708 2025-01-25 05:15 2025-01-25 Show GitHub Exploit DB Packet Storm
96 7.8 HIGH
Local
- - A vulnerability was found in Rise Group Rise Mode Temp CPU 2.1. It has been classified as critical. This affects an unknown part in the library CRYPTBASE.dll of the component Startup. The manipulatio… New CWE-426
 Untrusted Search Path
CVE-2025-0707 2025-01-25 05:15 2025-01-25 Show GitHub Exploit DB Packet Storm
97 2.4 LOW
Network
- - A vulnerability was found in JoeyBling bootplus up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/s… New CWE-79
CWE-94
Cross-site Scripting
Code Injection
CVE-2025-0706 2025-01-25 05:15 2025-01-25 Show GitHub Exploit DB Packet Storm
98 - - - InnoShop V.0.3.8 and below is vulnerable to Cross Site Scripting (XSS) via SVG file upload. New - CVE-2024-57277 2025-01-25 05:15 2025-01-25 Show GitHub Exploit DB Packet Storm
99 - - - SQL injection vulnerability in Go-CMS v.1.1.10 allows a remote attacker to execute arbitrary code via a crafted payload. New - CVE-2024-57095 2025-01-25 05:15 2025-01-25 Show GitHub Exploit DB Packet Storm
100 - - - A persistent cross-site scripting (XSS) vulnerability in NodeBB v3.11.0 allows remote attackers to store arbitrary code in the 'about me' section of their profile. New - CVE-2024-57041 2025-01-25 05:15 2025-01-25 Show GitHub Exploit DB Packet Storm