Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1261 - - Howyar Technologies Inc. UEFI アプリケーション 「Reloader」 Howyar 製 UEFI アプリケーション「Reloader」における署名されていないソフトウェアを実行する脆弱性 - CVE-2024-7344 2025-01-20 15:02 2024-08-29 Show GitHub Exploit DB Packet Storm
1262 5.4 警告
Network 		WebTechStreet Elementor Addon Elements WebTechStreet の WordPress 用 Elementor Addon Elements におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-1422 2025-01-20 15:02 2024-03-13 Show GitHub Exploit DB Packet Storm
1263 5.4 警告
Network 		Livemesh Livemesh Addons for Elementor Livemesh の WordPress 用 Livemesh Addons for Elementor におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-1458 2025-01-20 15:02 2024-04-9 Show GitHub Exploit DB Packet Storm
1264 5.4 警告
Network 		Livemesh Livemesh Addons for Elementor Livemesh の WordPress 用 Livemesh Addons for Elementor におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-1465 2025-01-20 15:02 2024-04-9 Show GitHub Exploit DB Packet Storm
1265 4.3 警告
Network 		StylemixThemes MasterStudy LMS StylemixThemes の WordPress 用 MasterStudy LMS における認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2024-1904 2025-01-20 15:02 2024-04-9 Show GitHub Exploit DB Packet Storm
1266 5.4 警告
Network 		Livemesh Livemesh Addons for Elementor Livemesh の WordPress 用 Livemesh Addons for Elementor におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-2539 2025-01-20 15:02 2024-04-10 Show GitHub Exploit DB Packet Storm
1267 8.8 重要
Network 		Apache Software Foundation Apache Pulsar Apache Software Foundation の Apache Pulsar における入力確認に関する脆弱性 CWE-20
CWE-552
CVE-2024-27894 2025-01-20 15:02 2024-03-12 Show GitHub Exploit DB Packet Storm
1268 5.4 警告
Network 		Apache Software Foundation Apache Pulsar Apache Software Foundation の Apache Pulsar における不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2024-28098 2025-01-20 15:02 2024-03-12 Show GitHub Exploit DB Packet Storm
1269 7.5 重要
Network 		Sonaar Music mp3 audio player for music
 radio & podcast 		Sonaar Music の WordPress 用 mp3 audio player for music, radio & podcast における認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2024-31343 2025-01-20 15:02 2024-04-10 Show GitHub Exploit DB Packet Storm
1270 8.8 重要
Network 		マイクロソフト Microsoft Windows 10
Microsoft Windows Server 2022
Microsoft Windows Server 2012
Microsoft Windows Server 2008
Microsoft Window… 		Windows ルーティングとリモート アクセス サービス (RRAS) のリモートでコードが実行される脆弱性 CWE-197
CWE-noinfo
CVE-2024-30009 2025-01-20 15:01 2024-05-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 4, 2025, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
211 - - - A Host Header Poisoning Open Redirect issue in slabiak Appointment Scheduler v.1.0.5 allows a remote attacker to redirect users to a malicious website, leading to potential credential theft, malware … - CVE-2024-42671 2025-02-1 02:15 2025-02-1 Show GitHub Exploit DB Packet Storm
212 - - - Contec Health CMS8000 Patient Monitor is vulnerable to an out-of-bounds write, which could allow an attacker to send specially formatted UDP requests in order to write arbitrary data. This could resu… - CVE-2024-12248 2025-02-1 02:15 2025-01-31 Show GitHub Exploit DB Packet Storm
213 5.4 MEDIUM
Network 		vinayjain embed_swagger_ui The Embed Swagger UI plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wpsgui' shortcode in all versions up to, and including, 1.0.0 due to insufficient input saniti… CWE-79
Cross-site Scripting 		CVE-2024-13700 2025-02-1 01:49 2025-01-30 Show GitHub Exploit DB Packet Storm
214 - - - PMD is an extensible multilanguage static code analyzer. The passphrase for the PMD and PMD Designer release signing keys are included in jar published to Maven Central. The private key itself is not… CWE-200
CWE-540
Information Exposure
 Inclusion of Sensitive Information in Source Code 		CVE-2025-23215 2025-02-1 01:15 2025-02-1 Show GitHub Exploit DB Packet Storm
215 - - - O2OA 9.1.3 is vulnerable to Cross Site Scripting (XSS) in Meetings - Settings. - CVE-2025-22994 2025-02-1 01:15 2025-02-1 Show GitHub Exploit DB Packet Storm
216 - - - An issue found in the Copy and View functions in the File Manager component of OpenPanel v0.3.4 allows attackers to execute a directory traversal via a crafted HTTP request. - CVE-2024-53582 2025-02-1 01:15 2025-02-1 Show GitHub Exploit DB Packet Storm
217 - - - An issue in OpenPanel v0.3.4 to v0.2.1 allows attackers to execute a directory traversal in File Actions of File Manager. - CVE-2024-53537 2025-02-1 01:15 2025-02-1 Show GitHub Exploit DB Packet Storm
218 - - - Qualisys C++ SDK commit a32a21a was discovered to contain multiple stack buffer overflows via the GetCurrentFrame, SaveCapture, and LoadProject functions. - CVE-2024-53320 2025-02-1 01:15 2025-02-1 Show GitHub Exploit DB Packet Storm
219 - - - A heap buffer overflow in the XML Text Escaping component of Qualisys C++ SDK commit a32a21a allows attackers to cause Denial of Service (DoS) via escaping special XML characters. - CVE-2024-53319 2025-02-1 01:15 2025-02-1 Show GitHub Exploit DB Packet Storm
220 6.4 MEDIUM
Network 		- - IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 Standard Edition is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed a… CWE-79
Cross-site Scripting 		CVE-2024-49807 2025-02-1 01:15 2025-02-1 Show GitHub Exploit DB Packet Storm