Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1441 5.5 警告
Local 		Linux Linux Kernel Linux の Linux Kernel における NULL ポインタデリファレンスに関する脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2023-52865 2025-01-17 20:40 2023-10-18 Show GitHub Exploit DB Packet Storm
1442 5.5 警告
Local 		Linux Linux Kernel Linux の Linux Kernel における NULL ポインタデリファレンスに関する脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2021-47202 2025-01-17 20:37 2021-11-5 Show GitHub Exploit DB Packet Storm
1443 8.8 重要
Network 		Google Google Chrome Google の Google Chrome における境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2025-0437 2025-01-17 19:41 2025-01-14 Show GitHub Exploit DB Packet Storm
1444 9.8 緊急
Network 		Apache Software Foundation hertzbeat Apache Software Foundation の hertzbeat における信頼できないデータのデシリアライゼーションに関する脆弱性 CWE-502
CWE-502
CVE-2023-51389 2025-01-17 19:41 2023-12-18 Show GitHub Exploit DB Packet Storm
1445 8.5 重要
Network 		BoldGrid W3 Total Cache BoldGrid の WordPress 用 W3 Total Cache における認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2024-12365 2025-01-17 19:41 2024-12-9 Show GitHub Exploit DB Packet Storm
1446 9.8 緊急
Network 		Ivanti Avalanche Ivanti の Avalanche におけるパストラバーサルの脆弱性 CWE-22
CWE-22
CWE-288
CVE-2024-13181 2025-01-17 19:41 2025-01-14 Show GitHub Exploit DB Packet Storm
1447 6.4 警告
Network 		s-sols seraphinite accelerator s-sols の WordPress 用 seraphinite accelerator におけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2024-1568 2025-01-17 19:41 2024-02-28 Show GitHub Exploit DB Packet Storm
1448 7.2 重要
Network 		zestard admin side data storage for contact form 7 zestard の WordPress 用 admin side data storage for contact form 7 における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2024-1776 2025-01-17 19:41 2024-02-23 Show GitHub Exploit DB Packet Storm
1449 8.8 重要
Network 		Progress Software Corporation telerik reporting Progress Software Corporation の telerik reporting における信頼できないデータのデシリアライゼーションに関する脆弱性 CWE-502
CWE-502
CVE-2024-1856 2025-01-17 19:40 2024-03-20 Show GitHub Exploit DB Packet Storm
1450 9.1 緊急
Network 		WPvivid Migration
 Backup
 Staging 		WPvivid の WordPress 用 Migration, Backup, Staging における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2024-1981 2025-01-17 19:40 2024-02-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 21, 2025, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
871 6.4 MEDIUM
Network 		- - The Puzzles theme for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 4.2.4 due to insufficient input sanitization and output escaping on user … CWE-79
Cross-site Scripting 		CVE-2025-0837 2025-02-13 14:15 2025-02-13 Show GitHub Exploit DB Packet Storm
872 8.1 HIGH
Network 		- - The Puzzles | WP Magazine / Review with Store WordPress Theme + RTL theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.2.4 via deserialization of untrus… CWE-502
 Deserialization of Untrusted Data 		CVE-2024-13770 2025-02-13 14:15 2025-02-13 Show GitHub Exploit DB Packet Storm
873 4.3 MEDIUM
Network 		- - The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the update_metadata() function in all ve… CWE-284
Improper Access Control 		CVE-2024-13229 2025-02-13 14:15 2025-02-13 Show GitHub Exploit DB Packet Storm
874 6.4 MEDIUM
Network 		- - The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Rank Math API in all versions up to, and including, 1.0.23… CWE-79
Cross-site Scripting 		CVE-2024-13227 2025-02-13 14:15 2025-02-13 Show GitHub Exploit DB Packet Storm
875 9.8 CRITICAL
Network 		- - The Campress theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.35 via the 'campress_woocommerce_get_ajax_products' function. This makes it possible for… CWE-22
Path Traversal 		CVE-2024-10763 2025-02-13 14:15 2025-02-13 Show GitHub Exploit DB Packet Storm
876 - - - Dell BSAFE SSL-J, versions prior to 6.6 and versions 7.0 through 7.2, contains a deadlock vulnerability. A remote attacker could potentially exploit this vulnerability, leading to a Denial of Service. - CVE-2024-29172 2025-02-13 13:15 2025-02-12 Show GitHub Exploit DB Packet Storm
877 - - - Dell BSAFE SSL-J, versions prior to 6.6 and versions 7.0 through 7.2, contains an Improper certificate verification vulnerability. A remote attacker could potentially exploit this vulnerability, lead… - CVE-2024-29171 2025-02-13 13:15 2025-02-12 Show GitHub Exploit DB Packet Storm
878 - - - An issue discovered in GitLab CE/EE affecting all versions from 16.11 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 meant that long-lived connections in ActionCable potentially allo… CWE-613
 Insufficient Session Expiration 		CVE-2025-1198 2025-02-13 11:15 2025-02-13 Show GitHub Exploit DB Packet Storm
879 - - - Orthanc server prior to version 1.5.8 does not enable basic authentication by default when remote access is enabled. This could result in unauthorized access by an attacker. CWE-306
Missing Authentication for Critical Function 		CVE-2025-0896 2025-02-13 11:15 2025-02-13 Show GitHub Exploit DB Packet Storm
880 6.4 MEDIUM
Network 		- - The DethemeKit For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's De Gallery widget in all versions up to, and including, 2.1.8 due to insufficient input… CWE-79
Cross-site Scripting 		CVE-2024-13644 2025-02-13 11:15 2025-02-13 Show GitHub Exploit DB Packet Storm