Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1201 8.8 重要
Network 		マイクロソフト Microsoft Windows Server 2008
Microsoft Windows 11
Microsoft Windows Server 2016
Microsoft Windows 10
Microsoft Windows Server&… 		Windows テレフォニー サービスのリモートでコードが実行される脆弱性 CWE-122
CWE-noinfo
CVE-2025-21417 2025-01-20 17:20 2025-01-14 Show GitHub Exploit DB Packet Storm
1202 8.8 重要
Network 		マイクロソフト Microsoft Windows Server 2008
Microsoft Windows 11
Microsoft Windows Server 2016
Microsoft Windows 10
Microsoft Windows Server&… 		SQL Server 用 Microsoft WDAC OLE DB プロバイダーのリモートでコードが実行される脆弱性 CWE-416
CWE-noinfo
CVE-2024-30006 2025-01-20 17:17 2024-05-14 Show GitHub Exploit DB Packet Storm
1203 5.4 警告
Network 		VillaTheme Thank You Page Customizer for WooCommerce - Increase Your Sales VillaTheme の WordPress 用 Thank You Page Customizer for WooCommerce - Increase Your Sales における認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2024-1687 2025-01-20 17:17 2024-02-27 Show GitHub Exploit DB Packet Storm
1204 8.8 重要
Local 		マイクロソフト Microsoft Windows 11 Windows 仮想化ベースのセキュリティ (VBS) エンクレーブの特権昇格の脆弱性 CWE-20
CWE-noinfo
CVE-2025-21370 2025-01-20 17:14 2025-01-14 Show GitHub Exploit DB Packet Storm
1205 7.5 重要
Network 		MailCleaner MailCleaner MailCleaner における認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2019-1010246 2025-01-20 17:12 2019-01-21 Show GitHub Exploit DB Packet Storm
1206 8.8 重要
Network 		マイクロソフト Microsoft SQL Server SQL Server Native Client OLE DB プロバイダーのリモート コード実行に対する脆弱性 CWE-121
CWE-noinfo
CVE-2024-28928 2025-01-20 17:11 2024-07-9 Show GitHub Exploit DB Packet Storm
1207 8.8 重要
Network 		マイクロソフト Microsoft SQL Server SQL Server Native Client OLE DB プロバイダーのリモート コード実行に対する脆弱性 CWE-190
CWE-noinfo
CVE-2024-21428 2025-01-20 17:09 2024-07-9 Show GitHub Exploit DB Packet Storm
1208 7.8 重要
Local 		マイクロソフト Microsoft 365 Apps
Microsoft Office 		Microsoft Excel のセキュリティ機能のバイパスの脆弱性 CWE-502
CWE-noinfo
CVE-2025-21364 2025-01-20 17:09 2025-01-14 Show GitHub Exploit DB Packet Storm
1209 4.3 警告
Network 		LadiPage LadiPage WordPress 用 LadiPage におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2023-4628 2025-01-20 17:07 2023-08-30 Show GitHub Exploit DB Packet Storm
1210 8.8 重要
Network 		マイクロソフト Microsoft SQL Server SQL Server Native Client OLE DB プロバイダーのリモート コード実行に対する脆弱性 CWE-122
CWE-noinfo
CVE-2024-21415 2025-01-20 17:06 2024-07-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 7, 2025, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
621 6.1 MEDIUM
Network 		vruiz vr-frases The VR-Frases (collect & share quotes) plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via several parameters in all versions up to, and including, 3.0.1 due to insufficient inpu… CWE-79
Cross-site Scripting 		CVE-2025-0860 2025-02-1 05:42 2025-01-30 Show GitHub Exploit DB Packet Storm
622 6.5 MEDIUM
Network 		dwbooster cp_contact_form The CP Contact Form with PayPal plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.52. This is due to missing or incorrect nonce validation on … CWE-352
 Origin Validation Error 		CVE-2024-13758 2025-02-1 05:28 2025-01-30 Show GitHub Exploit DB Packet Storm
623 5.4 MEDIUM
Network 		cyberchimps responsive_blocks The Responsive Blocks – WordPress Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘section_tag’ parameter in all versions up to, and including, 1.9.9 due to… CWE-79
Cross-site Scripting 		CVE-2024-13732 2025-02-1 05:22 2025-01-30 Show GitHub Exploit DB Packet Storm
624 6.3 MEDIUM
Network 		- - A vulnerability was found in code-projects Job Recruitment 1.0. It has been classified as problematic. This affects an unknown part of the file /parse/_call_job_search_ajax.php. The manipulation of t… CWE-89
CWE-74
SQL Injection
Injection 		CVE-2025-0934 2025-02-1 05:15 2025-02-1 Show GitHub Exploit DB Packet Storm
625 - - - In some cases, the ktrace facility will log the contents of kernel structures to userspace. In one such case, ktrace dumps a variable-sized sockaddr to userspace. There, the full sockaddr is copied… - CVE-2025-0662 2025-02-1 05:15 2025-01-30 Show GitHub Exploit DB Packet Storm
626 - - - A floating-point exception (FPE) vulnerability exists in the AP4_TfraAtom::AP4_TfraAtom function in Bento4. - CVE-2024-57513 2025-02-1 05:15 2025-01-30 Show GitHub Exploit DB Packet Storm
627 4.3 MEDIUM
Network 		visualmodo borderless The Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'remove_zi… CWE-862
 Missing Authorization 		CVE-2024-11583 2025-02-1 05:03 2025-01-30 Show GitHub Exploit DB Packet Storm
628 7.2 HIGH
Network 		visualmodo borderless The Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.5.9 via the 'wr… CWE-94
Code Injection 		CVE-2024-11600 2025-02-1 05:02 2025-01-30 Show GitHub Exploit DB Packet Storm
629 4.3 MEDIUM
Network 		seventhqueen typer_core The Typer Core plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.9.6 via the 'elementor-template' shortcode due to insufficient restrictions on which … NVD-CWE-noinfo
CVE-2024-12102 2025-02-1 05:01 2025-01-30 Show GitHub Exploit DB Packet Storm
630 6.1 MEDIUM
Network 		wpmessiah ai_image_alt_text_generator_for_wp The Ai Image Alt Text Generator for WP plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 1.0.2 due to insufficient in… CWE-79
Cross-site Scripting 		CVE-2024-12177 2025-02-1 04:49 2025-01-30 Show GitHub Exploit DB Packet Storm