Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1261 - - Howyar Technologies Inc. UEFI アプリケーション 「Reloader」 Howyar 製 UEFI アプリケーション「Reloader」における署名されていないソフトウェアを実行する脆弱性 - CVE-2024-7344 2025-01-20 15:02 2024-08-29 Show GitHub Exploit DB Packet Storm
1262 5.4 警告
Network 		WebTechStreet Elementor Addon Elements WebTechStreet の WordPress 用 Elementor Addon Elements におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-1422 2025-01-20 15:02 2024-03-13 Show GitHub Exploit DB Packet Storm
1263 5.4 警告
Network 		Livemesh Livemesh Addons for Elementor Livemesh の WordPress 用 Livemesh Addons for Elementor におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-1458 2025-01-20 15:02 2024-04-9 Show GitHub Exploit DB Packet Storm
1264 5.4 警告
Network 		Livemesh Livemesh Addons for Elementor Livemesh の WordPress 用 Livemesh Addons for Elementor におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-1465 2025-01-20 15:02 2024-04-9 Show GitHub Exploit DB Packet Storm
1265 4.3 警告
Network 		StylemixThemes MasterStudy LMS StylemixThemes の WordPress 用 MasterStudy LMS における認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2024-1904 2025-01-20 15:02 2024-04-9 Show GitHub Exploit DB Packet Storm
1266 5.4 警告
Network 		Livemesh Livemesh Addons for Elementor Livemesh の WordPress 用 Livemesh Addons for Elementor におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-2539 2025-01-20 15:02 2024-04-10 Show GitHub Exploit DB Packet Storm
1267 8.8 重要
Network 		Apache Software Foundation Apache Pulsar Apache Software Foundation の Apache Pulsar における入力確認に関する脆弱性 CWE-20
CWE-552
CVE-2024-27894 2025-01-20 15:02 2024-03-12 Show GitHub Exploit DB Packet Storm
1268 5.4 警告
Network 		Apache Software Foundation Apache Pulsar Apache Software Foundation の Apache Pulsar における不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2024-28098 2025-01-20 15:02 2024-03-12 Show GitHub Exploit DB Packet Storm
1269 7.5 重要
Network 		Sonaar Music mp3 audio player for music
 radio & podcast 		Sonaar Music の WordPress 用 mp3 audio player for music, radio & podcast における認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2024-31343 2025-01-20 15:02 2024-04-10 Show GitHub Exploit DB Packet Storm
1270 8.8 重要
Network 		マイクロソフト Microsoft Windows 10
Microsoft Windows Server 2022
Microsoft Windows Server 2012
Microsoft Windows Server 2008
Microsoft Window… 		Windows ルーティングとリモート アクセス サービス (RRAS) のリモートでコードが実行される脆弱性 CWE-197
CWE-noinfo
CVE-2024-30009 2025-01-20 15:01 2024-05-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 3, 2025, 4:07 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
61 7.5 HIGH
Network 		apple macos A logic issue was addressed with improved restrictions. This issue is fixed in macOS Sonoma 14.7.2, macOS Sequoia 15.2, macOS Ventura 13.7.2. An attacker may gain access to protected parts of the fil… Update NVD-CWE-noinfo
CVE-2024-54557 2025-02-1 07:15 2025-01-28 Show GitHub Exploit DB Packet Storm
62 5.5 MEDIUM
Local 		apple macos The issue was addressed with improved validation of environment variables. This issue is fixed in macOS Sequoia 15.2. An app may be able to edit NVRAM variables. Update NVD-CWE-noinfo
CVE-2024-54536 2025-02-1 07:15 2025-01-28 Show GitHub Exploit DB Packet Storm
63 3.3 LOW
Local 		apple macos A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.7.2, macOS Sequoia 15.2. An app may be able to approve a launch daemon without user consent. Update NVD-CWE-noinfo
CVE-2024-54516 2025-02-1 07:15 2025-01-28 Show GitHub Exploit DB Packet Storm
64 6.5 MEDIUM
Network 		- - A flaw was found in the Wildfly Server Role Based Access Control (RBAC) provider. When authorization to control management operations is secured using the Role Based Access Control provider, a user w… Update - CVE-2025-23367 2025-02-1 06:15 2025-01-31 Show GitHub Exploit DB Packet Storm
65 - - - Buffer Overflow vulnerability in Bento4 mp42avc v.3bdc891602d19789b8e8626e4a3e613a937b4d35 allows a local attacker to execute arbitrary code via the AP4_File::ParseStream and related functions. Update - CVE-2024-57509 2025-02-1 06:15 2025-01-30 Show GitHub Exploit DB Packet Storm
66 - - - Password Vulnerability in Safety production process management system v1.0 allows a remote attacker to escalate privileges, execute arbitrary code and obtain sensitive information via the password an… Update - CVE-2024-57395 2025-02-1 06:15 2025-01-30 Show GitHub Exploit DB Packet Storm
67 - - - The /WmAdmin/,/invoke/vm.server/login login page in the Integration Server in Software AG webMethods 10.15.0 before Core_Fix7 allows remote attackers to reach the administration panel and discover ho… Update - CVE-2024-23733 2025-02-1 06:15 2025-01-30 Show GitHub Exploit DB Packet Storm
68 7.8 HIGH
Local 		apple watchos
ipados
macos
tvos
iphone_os 		The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.2, watchOS 11.2, tvOS 18.2, iOS 18.2 and iPadOS 18.2. An app may be able to corrupt coprocessor memory. Update CWE-787
 Out-of-bounds Write 		CVE-2024-54517 2025-02-1 06:15 2025-01-28 Show GitHub Exploit DB Packet Storm
69 7.2 HIGH
Network 		vruiz vr-frases The VR-Frases (collect & share quotes) plugin for WordPress is vulnerable to SQL Injection via several parameters in all versions up to, and including, 3.0.1 due to insufficient escaping on the user … Update CWE-89
SQL Injection 		CVE-2025-0861 2025-02-1 05:43 2025-01-30 Show GitHub Exploit DB Packet Storm
70 6.1 MEDIUM
Network 		vruiz vr-frases The VR-Frases (collect & share quotes) plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via several parameters in all versions up to, and including, 3.0.1 due to insufficient inpu… Update CWE-79
Cross-site Scripting 		CVE-2025-0860 2025-02-1 05:42 2025-01-30 Show GitHub Exploit DB Packet Storm