Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 22, 2025, 4:03 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
121	7.8	重要 Local	アドビシステムズ	Adobe Substance 3D Designer	アドビの Adobe Substance 3D Designer における境界外書き込みに関する脆弱性 New	CWE-122 CWE-787	CVE-2025-21139	2025-01-22 12:25	2025-01-14	Show	GitHub Exploit DB Packet Storm

122	7.8	重要 Local	IBM	IBM VIOS IBM AIX	IBM の IBM VIOS および IBM AIX における OS コマンドインジェクションの脆弱性 New	CWE-78 OSコマンド・インジェクション	CVE-2024-47115	2025-01-22 12:18	2024-12-5	Show	GitHub Exploit DB Packet Storm

123	7.8	重要 Local	アドビシステムズ	Adobe Substance 3D Designer	アドビの Adobe Substance 3D Designer における境界外書き込みに関する脆弱性 New	CWE-122 CWE-787	CVE-2025-21137	2025-01-22 12:11	2025-01-14	Show	GitHub Exploit DB Packet Storm

124	7.5	重要 Network	株式会社アイ・オー・データ機器	UD-LT2 ファームウェア	アイ・オー・データ製ルーターUD-LT2における複数の脆弱性 New	CWE-78 CWE-Other	CVE-2025-20617 CVE-2025-22450 CVE-2025-23237	2025-01-22 12:08	2025-01-22	Show	GitHub Exploit DB Packet Storm

125	7.8	重要 Local	アドビシステムズ	Adobe Substance 3D Designer	アドビの Adobe Substance 3D Designer における境界外書き込みに関する脆弱性 New	CWE-787 境界外書き込み	CVE-2025-21136	2025-01-22 11:49	2025-01-14	Show	GitHub Exploit DB Packet Storm

126	7.8	重要 Local	アドビシステムズ	Adobe Substance 3D Designer	アドビの Adobe Substance 3D Designer における境界外書き込みに関する脆弱性 New	CWE-787 境界外書き込み	CVE-2025-21138	2025-01-22 11:49	2025-01-14	Show	GitHub Exploit DB Packet Storm

127	7.8	重要 Local	アドビシステムズ	Adobe Illustrator	アドビの Ipad Os 用 Adobe Illustrator における整数アンダーフローの脆弱性 New	CWE-191 整数アンダーフロー	CVE-2025-21133	2025-01-22 11:34	2025-01-14	Show	GitHub Exploit DB Packet Storm

128	5.3	警告 Network	ヒューレット・パッカードシスコシステムズ Digi International Inc.	Cisco NX-OS X3220NR ファームウェア Saros	複数の IP 標準で IP カプセル化を実装する製品におけるスプーフィングによる認証回避に関する脆弱性 Update	CWE-290 スプーフィングによる認証回避	CVE-2020-10136	2025-01-22 11:18	2020-06-2	Show	GitHub Exploit DB Packet Storm

129	8.8	重要 Network	RadiusTheme	Classified Listing - Classified Ads & Business Directory Plugin	RadiusTheme の WordPress 用 Classified Listing - Classified ads & Business Directory Plugin におけるクロスサイトリクエストフォージェリの脆弱性 New	CWE-352 同一生成元ポリシー違反	CVE-2024-1315	2025-01-22 11:16	2024-04-9	Show	GitHub Exploit DB Packet Storm

130	3.3	低 Local	Termius Corporation	Termius	Termius Corporation の Termius における信頼できない検索パスに関する脆弱性 New	CWE-426 信頼性のない検索パス	CVE-2024-55503	2025-01-22 11:05	2024-12-6	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 22, 2025, 4:11 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
581	-	-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pflonk Sidebar-Content from Shortcode allows DOM-Based XSS.This issue affects Sidebar-Content fro…	CWE-79 Cross-site Scripting	CVE-2025-23642	2025-01-17 05:15	2025-01-17	Show	GitHub Exploit DB Packet Storm

582	-	-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Thomas Ehrhardt Powie's pLinks PagePeeker allows DOM-Based XSS.This issue affects Powie's pLinks …	CWE-79 Cross-site Scripting	CVE-2025-23641	2025-01-17 05:15	2025-01-17	Show	GitHub Exploit DB Packet Storm

583	-	-	-	Cross-Site Request Forgery (CSRF) vulnerability in Nazmul Ahsan Rename Author Slug allows Stored XSS.This issue affects Rename Author Slug: from n/a through 1.2.0.	CWE-352 Origin Validation Error	CVE-2025-23640	2025-01-17 05:15	2025-01-17	Show	GitHub Exploit DB Packet Storm

584	-	-	-	Cross-Site Request Forgery (CSRF) vulnerability in Nazmul Ahsan MDC YouTube Downloader allows Stored XSS.This issue affects MDC YouTube Downloader: from n/a through 3.0.0.	CWE-352 Origin Validation Error	CVE-2025-23639	2025-01-17 05:15	2025-01-17	Show	GitHub Exploit DB Packet Storm

585	-	-	-	Cross-Site Request Forgery (CSRF) vulnerability in Gordon French Comment-Emailer allows Stored XSS.This issue affects Comment-Emailer: from n/a through 1.0.5.	CWE-352 Origin Validation Error	CVE-2025-23627	2025-01-17 05:15	2025-01-17	Show	GitHub Exploit DB Packet Storm

586	-	-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mahesh Bisen Contact Form 7 – CCAvenue Add-on allows Reflected XSS.This issue affects Contact For…	CWE-79 Cross-site Scripting	CVE-2025-23623	2025-01-17 05:15	2025-01-17	Show	GitHub Exploit DB Packet Storm

587	-	-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alexey Trofimov Captchelfie – Captcha by Selfie allows Reflected XSS.This issue affects Captchelf…	CWE-79 Cross-site Scripting	CVE-2025-23620	2025-01-17 05:15	2025-01-17	Show	GitHub Exploit DB Packet Storm

588	-	-	-	Cross-Site Request Forgery (CSRF) vulnerability in Andrea Brandi Twitter Shortcode allows Stored XSS.This issue affects Twitter Shortcode: from n/a through 0.9.	CWE-352 Origin Validation Error	CVE-2025-23618	2025-01-17 05:15	2025-01-17	Show	GitHub Exploit DB Packet Storm

589	-	-	-	Cross-Site Request Forgery (CSRF) vulnerability in Oliver Schaal Floatbox Plus allows Stored XSS.This issue affects Floatbox Plus: from n/a through 1.4.4.	CWE-352 Origin Validation Error	CVE-2025-23617	2025-01-17 05:15	2025-01-17	Show	GitHub Exploit DB Packet Storm

590	-	-	-	Cross-Site Request Forgery (CSRF) vulnerability in Sourov Amin Word Freshener allows Stored XSS.This issue affects Word Freshener: from n/a through 1.3.	CWE-352 Origin Validation Error	CVE-2025-23577	2025-01-17 05:15	2025-01-17	Show	GitHub Exploit DB Packet Storm