Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 21, 2025, 10:02 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
101	6.5	警告 Network	Brizy	brizy	Brizy の WordPress 用 brizy におけるパストラバーサルの脆弱性 New	CWE-22 パス・トラバーサル	CVE-2024-1165	2025-01-20 15:14	2024-02-26	Show	GitHub Exploit DB Packet Storm

102	5.4	警告 Network	Brizy	brizy	Brizy の WordPress 用 brizy におけるクロスサイトスクリプティングの脆弱性 New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-1291	2025-01-20 15:14	2024-03-13	Show	GitHub Exploit DB Packet Storm

103	5.4	警告 Network	Themeisle	Orbit Fox	ThemeIsle の WordPress 用 Orbit Fox におけるクロスサイトスクリプティングの脆弱性 New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-1323	2025-01-20 15:14	2024-02-27	Show	GitHub Exploit DB Packet Storm

104	4.3	警告 Network	zestard	admin side data storage for contact form 7	zestard の WordPress 用 admin side data storage for contact form 7 におけるクロスサイトリクエストフォージェリの脆弱性 New	CWE-352 同一生成元ポリシー違反	CVE-2024-1777	2025-01-20 15:14	2024-02-23	Show	GitHub Exploit DB Packet Storm

105	9.1	緊急 Network	WPvivid	Migration Backup Staging	WPvivid の WordPress 用 Migration, Backup, Staging における SQL インジェクションの脆弱性 New	CWE-89 SQLインジェクション	CVE-2024-1982	2025-01-20 15:14	2024-02-29	Show	GitHub Exploit DB Packet Storm

106	8.8	重要 Network	マイクロソフト	Microsoft Windows Server 2025 Microsoft Windows 10 Microsoft Windows Server 2022 Microsoft Windows Server 2012 Microsoft Window…	Windows テレフォニーサービスのリモートでコードが実行される脆弱性 New	CWE-122 CWE-noinfo	CVE-2025-21411	2025-01-20 15:12	2025-01-14	Show	GitHub Exploit DB Packet Storm

107	7.8	重要 Local	マイクロソフト	Microsoft Outlook Microsoft Office	Microsoft Outlook のリモートでコードが実行される脆弱性 New	CWE-641 CWE-noinfo	CVE-2025-21361	2025-01-20 15:10	2025-01-14	Show	GitHub Exploit DB Packet Storm

108	6.5	警告 Network	Outlook.com	Microsoft Edge Chromium	Microsoft Edge (Chromium ベース) の情報漏えいの脆弱性 New	CWE-200 CWE-359 CWE-noinfo	CVE-2024-29987	2025-01-20 15:06	2024-04-18	Show	GitHub Exploit DB Packet Storm

109	-	-	Howyar Technologies Inc.	UEFI アプリケーション「Reloader」	Howyar 製 UEFI アプリケーション「Reloader」における署名されていないソフトウェアを実行する脆弱性 New	-	CVE-2024-7344	2025-01-20 15:02	2024-08-29	Show	GitHub Exploit DB Packet Storm

110	5.4	警告 Network	WebTechStreet	Elementor Addon Elements	WebTechStreet の WordPress 用 Elementor Addon Elements におけるクロスサイトスクリプティングの脆弱性 New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-1422	2025-01-20 15:02	2024-03-13	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 21, 2025, 4:11 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
491	-	-	-	Cross-Site Request Forgery (CSRF) vulnerability in Dave Konopka, Martin Scharm UpDownUpDown allows Stored XSS.This issue affects UpDownUpDown: from n/a through 1.1.	CWE-352 Origin Validation Error	CVE-2025-23572	2025-01-17 05:15	2025-01-17	Show	GitHub Exploit DB Packet Storm

492	-	-	-	Cross-Site Request Forgery (CSRF) vulnerability in Kelvin Ng Shortcode in Comment allows Stored XSS.This issue affects Shortcode in Comment: from n/a through 1.1.1.	CWE-352 Origin Validation Error	CVE-2025-23569	2025-01-17 05:15	2025-01-17	Show	GitHub Exploit DB Packet Storm

493	-	-	-	Cross-Site Request Forgery (CSRF) vulnerability in Intuitive Design GDReseller allows Stored XSS.This issue affects GDReseller: from n/a through 1.6.	CWE-352 Origin Validation Error	CVE-2025-23567	2025-01-17 05:15	2025-01-17	Show	GitHub Exploit DB Packet Storm

494	-	-	-	Cross-Site Request Forgery (CSRF) vulnerability in Syed Amir Hussain Custom Post allows Stored XSS.This issue affects Custom Post: from n/a through 1.0.	CWE-352 Origin Validation Error	CVE-2025-23566	2025-01-17 05:15	2025-01-17	Show	GitHub Exploit DB Packet Storm

495	-	-	-	Cross-Site Request Forgery (CSRF) vulnerability in Elke Hinze, Plumeria Web Design Web Testimonials allows Stored XSS.This issue affects Web Testimonials: from n/a through 1.2.	CWE-352 Origin Validation Error	CVE-2025-23560	2025-01-17 05:15	2025-01-17	Show	GitHub Exploit DB Packet Storm

496	-	-	-	Cross-Site Request Forgery (CSRF) vulnerability in Stepan Stepasyuk MemeOne allows Stored XSS.This issue affects MemeOne: from n/a through 2.0.5.	CWE-352 Origin Validation Error	CVE-2025-23559	2025-01-17 05:15	2025-01-17	Show	GitHub Exploit DB Packet Storm

497	-	-	-	Cross-Site Request Forgery (CSRF) vulnerability in digfish Geotagged Media allows Stored XSS.This issue affects Geotagged Media: from n/a through 0.3.0.	CWE-352 Origin Validation Error	CVE-2025-23558	2025-01-17 05:15	2025-01-17	Show	GitHub Exploit DB Packet Storm

498	-	-	-	Cross-Site Request Forgery (CSRF) vulnerability in Kathleen Malone Find Your Reps allows Stored XSS.This issue affects Find Your Reps: from n/a through 1.2.	CWE-352 Origin Validation Error	CVE-2025-23557	2025-01-17 05:15	2025-01-17	Show	GitHub Exploit DB Packet Storm

499	-	-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Peter Shaw LH Login Page allows Reflected XSS.This issue affects LH Login Page: from n/a through …	CWE-79 Cross-site Scripting	CVE-2025-23547	2025-01-17 05:15	2025-01-17	Show	GitHub Exploit DB Packet Storm

500	-	-	-	Cross-Site Request Forgery (CSRF) vulnerability in Oren hahiashvili add custom google tag manager allows Stored XSS.This issue affects add custom google tag manager: from n/a through 1.0.3.	CWE-352 Origin Validation Error	CVE-2025-23537	2025-01-17 05:15	2025-01-17	Show	GitHub Exploit DB Packet Storm