Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 31, 2025, 4:03 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1081 5.4 警告
Network 		POSIMYTH The Plus Addons for Elementor Page Builder POSIMYTH の WordPress 用 The Plus Addons for Elementor Page Builder におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-3197 2025-01-22 10:35 2024-05-2 Show GitHub Exploit DB Packet Storm
1082 8.8 重要
Network 		XWiki xwiki XWiki の xwiki における認証の欠如に関する脆弱性 CWE-862
CWE-862
CVE-2024-31983 2025-01-22 10:35 2024-04-10 Show GitHub Exploit DB Packet Storm
1083 6.1 警告
Network 		PrestaShop PrestaShop PrestaShop におけるクロスサイトスクリプティングの脆弱性 CWE-79
CWE-79
CVE-2024-34716 2025-01-22 10:35 2024-05-14 Show GitHub Exploit DB Packet Storm
1084 9.8 緊急
Network 		マイクロフォーカス株式会社 imanager マイクロフォーカス株式会社の imanager におけるコマンドインジェクションの脆弱性 CWE-434
CWE-502
CWE-502
CWE-77
CWE-77
CVE-2024-3483 2025-01-22 10:35 2024-05-15 Show GitHub Exploit DB Packet Storm
1085 9.8 緊急
Network 		マイクロフォーカス株式会社 imanager マイクロフォーカス株式会社の imanager における危険なタイプのファイルの無制限アップロードに関する脆弱性 CWE-20
CWE-434
CVE-2024-3488 2025-01-22 10:35 2024-05-15 Show GitHub Exploit DB Packet Storm
1086 5.4 警告
Network 		oretnom23 computer laboratory management system oretnom23 の computer laboratory management system におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-3695 2025-01-22 10:35 2024-04-12 Show GitHub Exploit DB Packet Storm
1087 7.3 重要
Local 		マイクロソフト Microsoft Visual Studio Visual Studio の特権の昇格の脆弱性 CWE-284
CWE-noinfo
CVE-2025-21405 2025-01-22 10:09 2025-01-14 Show GitHub Exploit DB Packet Storm
1088 7.8 重要
Local 		マイクロソフト Microsoft 365 Apps
Microsoft Office
Microsoft Access 		Microsoft Access のリモート コードが実行される脆弱性 CWE-416
CWE-noinfo
CVE-2025-21366 2025-01-22 10:06 2025-01-14 Show GitHub Exploit DB Packet Storm
1089 8.4 重要
Local 		マイクロソフト Microsoft Office
Microsoft Office Online Server
Microsoft Excel
Microsoft 365 Apps 		Microsoft Excel のリモートでコードが実行される脆弱性 CWE-416
CWE-noinfo
CVE-2025-21362 2025-01-22 09:48 2025-01-14 Show GitHub Exploit DB Packet Storm
1090 7.8 重要
Local 		マイクロソフト Microsoft AutoUpdate Microsoft AutoUpdate (MAU) の特権昇格の脆弱性 CWE-269
CWE-noinfo
CVE-2025-21360 2025-01-22 09:43 2025-01-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 2, 2025, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
251 - - - This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex charging stations. Authentication is not required to exploit this vul… New - CVE-2024-23968 2025-01-31 09:15 2025-01-31 Show GitHub Exploit DB Packet Storm
252 - - - This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine Halo9 devices. An attacker must first obtain the ability to pair a malicious Bluetoo… New - CVE-2024-23963 2025-01-31 09:15 2025-01-31 Show GitHub Exploit DB Packet Storm
253 - - - This vulnerability allows remote attackers to disclose sensitive information on affected installations of Alpine Halo9 devices. Authentication is not required to exploit this vulnerability. The spec… New - CVE-2024-23962 2025-01-31 09:15 2025-01-31 Show GitHub Exploit DB Packet Storm
254 - - - This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Silicon Labs Gecko OS. Authentication is not required to exploit this vulnerability… New - CVE-2024-23937 2025-01-31 09:15 2025-01-31 Show GitHub Exploit DB Packet Storm
255 - - - This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of Pioneer DMH-WT7600NEX devices. Authentication is not required t… New - CVE-2024-23928 2025-01-31 09:15 2025-01-31 Show GitHub Exploit DB Packet Storm
256 - - - An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.6 prior to 16.9.7, starting from 16.10 prior to 16.10.5, and starting from 16.11 prior to 16.11.2 in which cross-s… New CWE-352
 Origin Validation Error 		CVE-2024-1211 2025-01-31 09:15 2025-01-31 Show GitHub Exploit DB Packet Storm
257 - - - An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.5 prior to 16.9.7, starting from 16.10 prior to 16.10.5, and starting from 16.11 prior to 16.11.2. GitLab was vuln… New CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2023-6195 2025-01-31 09:15 2025-01-31 Show GitHub Exploit DB Packet Storm
258 - - - pwn.college is an education platform to learn about, and practice, core cybersecurity concepts in a hands-on fashion. Incorrect symlink checks on user specified dojos allows for users (admin not requ… New CWE-200
CWE-61
Information Exposure
 UNIX Symbolic Link (Symlink) Following 		CVE-2025-24886 2025-01-31 08:15 2025-01-31 Show GitHub Exploit DB Packet Storm
259 - - - pwn.college is an education platform to learn about, and practice, core cybersecurity concepts in a hands-on fashion. Missing access control on rendering custom (unprivileged) dojo pages causes abili… New CWE-79
CWE-284
Cross-site Scripting
Improper Access Control 		CVE-2025-24885 2025-01-31 08:15 2025-01-31 Show GitHub Exploit DB Packet Storm
260 - - - A vulnerability was found in Codezips Gym Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /dashboard/admin/saveroutine.php. The manipulation of … New - CVE-2025-0881 2025-01-31 07:15 2025-01-31 Show GitHub Exploit DB Packet Storm