Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1351	4.3	警告 Network	LadiPage	LadiPage	WordPress 用 LadiPage におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2023-4729	2025-01-20 11:15	2023-09-1	Show	GitHub Exploit DB Packet Storm

1352	6.5	警告 Network	WebTechStreet	Elementor Addon Elements	WebTechStreet の WordPress 用 Elementor Addon Elements におけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2024-1358	2025-01-20 11:06	2024-03-13	Show	GitHub Exploit DB Packet Storm

1353	5.4	警告 Network	WebTechStreet	Elementor Addon Elements	WebTechStreet の WordPress 用 Elementor Addon Elements におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-1391	2025-01-20 11:06	2024-03-13	Show	GitHub Exploit DB Packet Storm

1354	8.8	重要 Network	Metagauss Inc.	registrationmagic	Metagauss Inc. の WordPress 用 registrationmagic における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2024-1990	2025-01-20 11:06	2024-04-9	Show	GitHub Exploit DB Packet Storm

1355	5.3	警告 Network	PrestaShop	PrestaShop	PrestaShop におけるパストラバーサルの脆弱性	CWE-22 CWE-22	CVE-2024-26129	2025-01-20 11:06	2024-02-19	Show	GitHub Exploit DB Packet Storm

1356	6.5	警告 Network	Contao	contao	Contao における脆弱性	CWE-200 CWE-noinfo	CVE-2024-28235	2025-01-20 11:06	2024-04-9	Show	GitHub Exploit DB Packet Storm

1357	9.8	緊急 Network	Argie	Online courseware	Argie の Online courseware における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2024-3418	2025-01-20 11:06	2024-04-7	Show	GitHub Exploit DB Packet Storm

1358	9.8	緊急 Network	Argie	Online courseware	Argie の Online courseware における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2024-3420	2025-01-20 11:06	2024-04-7	Show	GitHub Exploit DB Packet Storm

1359	9.8	緊急 Network	oretnom23	Laundry Shop Management System	oretnom23 の Laundry Shop Management System における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2024-3445	2025-01-20 11:06	2024-04-8	Show	GitHub Exploit DB Packet Storm

1360	7.8	重要 Local	Ivanti	connect secure policy secure	Ivanti の connect secure および policy secure における脆弱性	CWE-267 CWE-426 CWE-426 CWE-Other	CVE-2024-47906	2025-01-20 11:06	2024-11-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Feb. 22, 2025, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
981	-		-	-	An issue was discovered in GitLab CE/EE affecting all versions starting from 16.4 prior to 17.5.0 which allows an attacker to trigger a pipeline as another user under certain circumstances.	CWE-250 Execution with Unnecessary Privileges	CVE-2024-7102	2025-02-13 10:15	2025-02-13	Show	GitHub Exploit DB Packet Storm

982	-		-	-	A directory traversal vulnerability exists in the Mavenir SCE Application Provisioning Portal, version PORTAL-LBS-R_1_0_24_0, which allows an administrative user to access system files with the file …	-	CVE-2024-34521	2025-02-13 08:15	2025-02-13	Show	GitHub Exploit DB Packet Storm

983	-		-	-	Uncaught exception in OpenBMC Firmware for the Intel(R) Server M50FCP Family and Intel(R) Server D50DNP Family before version R01.02.0002 may allow an authenticated user to potentially enable denial …	CWE-248 Uncaught Exception	CVE-2025-20097	2025-02-13 07:15	2025-02-13	Show	GitHub Exploit DB Packet Storm

984	6.3	MEDIUM Network	-	-	A vulnerability classified as critical was found in olajowon Loggrove up to e428fac38cc480f011afcb1d8ce6c2bad378ddd6. Affected by this vulnerability is an unknown functionality of the file /read/?pag…	CWE-78 CWE-77 OS Command Command Injection	CVE-2025-1229	2025-02-13 07:15	2025-02-13	Show	GitHub Exploit DB Packet Storm

985	4.3	MEDIUM Network	-	-	A vulnerability classified as problematic has been found in olajowon Loggrove up to e428fac38cc480f011afcb1d8ce6c2bad378ddd6. Affected is an unknown function of the file /read/?page=1&logfile=LOG_Mon…	CWE-22 Path Traversal	CVE-2025-1228	2025-02-13 07:15	2025-02-13	Show	GitHub Exploit DB Packet Storm

986	-		-	-	An issue in Alex Tselegidis EasyAppointments v.1.5.0 allows a remote attacker to escalate privileges via the index.php file.	-	CVE-2024-57602	2025-02-13 07:15	2025-02-13	Show	GitHub Exploit DB Packet Storm

987	-		-	-	Uncontrolled search path for the Intel(R) RealSense D400 Series Universal Windows Platform (UWP) Driver for Windows(R) 10 all versions may allow an authenticated user to potentially enable escalation…	CWE-427 Uncontrolled Search Path Element	CVE-2024-47006	2025-02-13 07:15	2025-02-13	Show	GitHub Exploit DB Packet Storm

988	-		-	-	Uncontrolled search path element in some BIOS and System Firmware Update Package for Intel(R) Server M50FCP family before version R01.02.0002 may allow a privileged user to potentially enable escalat…	CWE-427 Uncontrolled Search Path Element	CVE-2024-42492	2025-02-13 07:15	2025-02-13	Show	GitHub Exploit DB Packet Storm

989	-		-	-	Incorrect default permissions for some Intel(R) GPA and Intel(R) GPA Framework software installers may allow an authenticated user to potentially enable escalation of privilege via local access.	CWE-276 Incorrect Default Permissions	CVE-2024-42419	2025-02-13 07:15	2025-02-13	Show	GitHub Exploit DB Packet Storm

990	-		-	-	Improper input validation in some Intel(R) Graphics Drivers may allow an authenticated user to potentially enable denial of service via local access.	CWE-20 Improper Input Validation	CVE-2024-42410	2025-02-13 07:15	2025-02-13	Show	GitHub Exploit DB Packet Storm