Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 30, 2025, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
111 4.3 警告
Network 		PropertyHive PropertyHive WordPress 用 PropertyHive における認証の欠如に関する脆弱性 New CWE-862
認証の欠如 		CVE-2024-37204 2025-01-30 09:36 2024-11-1 Show GitHub Exploit DB Packet Storm
112 5.4 警告
Network 		bdthemes element pack bdthemes の WordPress 用 element pack におけるクロスサイトスクリプティングの脆弱性 New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-3925 2025-01-30 09:36 2024-06-12 Show GitHub Exploit DB Packet Storm
113 9.8 緊急
Network 		netentsec application security gateway netentsec の application security gateway における SQL インジェクションの脆弱性 New CWE-89
SQLインジェクション 		CVE-2024-5772 2025-01-30 09:36 2024-06-9 Show GitHub Exploit DB Packet Storm
114 6.5 警告
Network 		Rank Math seo Rank Math の WordPress 用 seo における認証の欠如に関する脆弱性 New CWE-862
認証の欠如 		CVE-2024-9161 2025-01-30 09:36 2024-10-5 Show GitHub Exploit DB Packet Storm
115 7.2 重要
Network 		Rank Math seo Rank Math の WordPress 用 seo における信頼できないデータのデシリアライゼーションに関する脆弱性 New CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2024-9314 2025-01-30 09:35 2024-10-5 Show GitHub Exploit DB Packet Storm
116 7.8 重要
Local 		マイクロソフト Microsoft Windows 8.1
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows RT 8.1
Microsoft Windows Server … 		複数の Microsoft Windows 製品におけるリモートでコードを実行される脆弱性 Update CWE-noinfo
情報不足 		CVE-2019-0890 2025-01-29 18:00 2019-05-14 Show GitHub Exploit DB Packet Storm
117 7.8 重要
Local 		マイクロソフト Microsoft Windows 8.1
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows RT 8.1
Microsoft Windows Server … 		複数の Microsoft Windows 製品におけるリモートでコードを実行される脆弱性 Update CWE-noinfo
情報不足 		CVE-2019-0891 2025-01-29 18:00 2019-05-14 Show GitHub Exploit DB Packet Storm
118 7.8 重要
Local 		マイクロソフト Microsoft Windows 10
Microsoft Windows Server 		複数の Microsoft Windows 製品における権限を昇格される脆弱性 Update CWE-noinfo
情報不足 		CVE-2019-0892 2025-01-29 18:00 2019-05-14 Show GitHub Exploit DB Packet Storm
119 7.8 重要
Local 		マイクロソフト Microsoft Windows 8.1
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows RT 8.1
Microsoft Windows Server … 		複数の Microsoft Windows 製品におけるリモートでコードを実行される脆弱性 Update CWE-noinfo
情報不足 		CVE-2019-0893 2025-01-29 18:00 2019-05-14 Show GitHub Exploit DB Packet Storm
120 7.8 重要
Local 		マイクロソフト Microsoft Windows 8.1
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows RT 8.1
Microsoft Windows Server … 		複数の Microsoft Windows 製品におけるリモートでコードを実行される脆弱性 Update CWE-noinfo
情報不足 		CVE-2019-0894 2025-01-29 18:00 2019-05-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 31, 2025, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
821 - - - DLL hijacking vulnerabilities, caused by an uncontrolled search path in Flash Programming Utility installer can lead to privilege escalation and arbitrary code execution when running the impacted ins… - CVE-2024-9492 2025-01-25 00:15 2025-01-25 Show GitHub Exploit DB Packet Storm
822 - - - DLL hijacking vulnerabilities, caused by an uncontrolled search path in Configuration Wizard 2 installer can lead to privilege escalation and arbitrary code execution when running the impacted instal… - CVE-2024-9491 2025-01-25 00:15 2025-01-25 Show GitHub Exploit DB Packet Storm
823 - - - DLL hijacking vulnerabilities, caused by an uncontrolled search path in Silicon Labs (8-bit) IDE installer can lead to privilege escalation and arbitrary code execution when running the impacted inst… - CVE-2024-9490 2025-01-25 00:15 2025-01-25 Show GitHub Exploit DB Packet Storm
824 - - - An issue was discovered in GPAC v0.8.0, as demonstrated by MP4Box. It contains a heap-based buffer overflow in gf_m2ts_process_pmt in media_tools/mpegts.c:2163 that can cause a denial of service (DOS… - CVE-2024-57184 2025-01-25 00:15 2025-01-24 Show GitHub Exploit DB Packet Storm
825 - - - GPAC MP4box 2.1-DEV-rev574-g9d5bb184b contains a buffer overflow in gf_vvc_read_pps_bs_internal function of media_tools/av_parsers.c, check needed for num_exp_tile_columns - CVE-2022-47090 2025-01-25 00:15 2025-01-24 Show GitHub Exploit DB Packet Storm
826 - - - Information Disclosure in API in Replicated Replicated Classic versions prior to 2.53.1 on all platforms allows authenticated users with Admin Console access to retrieve sensitive data, including app… - CVE-2021-42718 2025-01-25 00:15 2025-01-24 Show GitHub Exploit DB Packet Storm
827 8.8 HIGH
Network 		- - IBM Cognos Dashboards 4.0.7 and 5.0.0 on Cloud Pak for Data could allow a remote attacker to perform unauthorized actions due to dependency confusion. CWE-427
 Uncontrolled Search Path Element 		CVE-2024-41739 2025-01-24 23:15 2025-01-24 Show GitHub Exploit DB Packet Storm
828 5.4 MEDIUM
Network 		- - The Activity Plus Reloaded for BuddyPress plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 1.1.1 via the 'ajax_preview_link' function. Thi… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2024-11913 2025-01-24 23:15 2025-01-24 Show GitHub Exploit DB Packet Storm
829 4.3 MEDIUM
Network 		- - The RomethemeKit For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.5.2 via the register_controls function in widgets/offcanvas… CWE-1230
 Exposure of Sensitive Information Through Metadata 		CVE-2024-10324 2025-01-24 23:15 2025-01-24 Show GitHub Exploit DB Packet Storm
830 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound FooGallery Captions allows Reflected XSS. This issue affects FooGallery Captions: from n… CWE-79
Cross-site Scripting 		CVE-2025-23889 2025-01-24 20:15 2025-01-24 Show GitHub Exploit DB Packet Storm