Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 10, 2025, 4:03 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
161 8.8 重要
Network 		bluecoral Advanced Flamingo bluecoral の WordPress 用 Advanced Flamingo におけるクロスサイトリクエストフォージェリの脆弱性 New CWE-352
同一生成元ポリシー違反 		CVE-2023-52226 2025-01-9 16:47 2023-12-29 Show GitHub Exploit DB Packet Storm
162 3.3
Local 		- アップルの macOS における重要な情報のセキュアでない格納に関する脆弱性 New CWE-922
CWE-922
CVE-2024-44298 2025-01-9 16:43 2024-10-28 Show GitHub Exploit DB Packet Storm
163 5.5 警告
Local 		Linux Linux Kernel Linux の Linux Kernel における初期化されていないリソースの使用に関する脆弱性 New CWE-908
初期化されていないリソースの使用 		CVE-2024-56769 2025-01-9 16:35 2024-12-11 Show GitHub Exploit DB Packet Storm
164 7.8 重要
Local 		Linux Linux Kernel Linux の Linux Kernel における脆弱性 New CWE-noinfo
情報不足 		CVE-2024-53096 2025-01-9 16:34 2024-11-5 Show GitHub Exploit DB Packet Storm
165 5.5 警告
Local 		Linux Linux Kernel Linux の Linux Kernel における整数オーバーフローの脆弱性 New CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2024-53145 2025-01-9 16:34 2024-10-10 Show GitHub Exploit DB Packet Storm
166 7.1 重要
Local 		Linux Linux Kernel Linux の Linux Kernel における初期化されていないリソースの使用に関する脆弱性 New CWE-908
初期化されていないリソースの使用 		CVE-2024-53155 2025-01-9 16:34 2024-11-11 Show GitHub Exploit DB Packet Storm
167 5.5 警告
Local 		Linux Linux Kernel Linux の Linux Kernel における NULL ポインタデリファレンスに関する脆弱性 New CWE-476
NULL ポインタデリファレンス 		CVE-2024-53235 2025-01-9 16:34 2024-11-18 Show GitHub Exploit DB Packet Storm
168 7.8 重要
Local 		Linux Linux Kernel Linux の Linux Kernel における解放済みメモリの使用に関する脆弱性 New CWE-416
解放済みメモリの使用 		CVE-2024-56764 2025-01-9 16:32 2024-12-26 Show GitHub Exploit DB Packet Storm
169 5.5 警告
Local 		Linux Linux Kernel Linux の Linux Kernel における脆弱性 New CWE-noinfo
情報不足 		CVE-2024-56763 2025-01-9 16:29 2024-12-23 Show GitHub Exploit DB Packet Storm
170 5.5 警告
Local 		Linux Linux Kernel Linux の Linux Kernel における脆弱性 New CWE-noinfo
情報不足 		CVE-2024-56760 2025-01-9 16:26 2024-12-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 10, 2025, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
21 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemePoints Skill Bar allows Stored XSS.This issue affects Skill Bar: from n/a through 1.2. New CWE-79
Cross-site Scripting 		CVE-2025-22805 2025-01-10 01:16 2025-01-10 Show GitHub Exploit DB Packet Storm
22 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Paul Bearne Author Avatars List/Block allows Stored XSS.This issue affects Author Avatars List/Bl… New CWE-79
Cross-site Scripting 		CVE-2025-22804 2025-01-10 01:16 2025-01-10 Show GitHub Exploit DB Packet Storm
23 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VillaTheme Advanced Product Information for WooCommerce allows Stored XSS.This issue affects Adva… New CWE-79
Cross-site Scripting 		CVE-2025-22803 2025-01-10 01:16 2025-01-10 Show GitHub Exploit DB Packet Storm
24 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in add-ons.org Email Templates Customizer for WordPress – Drag And Drop Email Templates Builder – Ye… New CWE-79
Cross-site Scripting 		CVE-2025-22802 2025-01-10 01:16 2025-01-10 Show GitHub Exploit DB Packet Storm
25 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasThemes Free WooCommerce Theme 99fy Extension allows Stored XSS.This issue affects Free WooComm… New CWE-79
Cross-site Scripting 		CVE-2025-22801 2025-01-10 01:16 2025-01-10 Show GitHub Exploit DB Packet Storm
26 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Yamna Khawaja Mailing Group Listserv allows Reflected XSS.This issue affects Mailing Group Listse… New CWE-79
Cross-site Scripting 		CVE-2025-22595 2025-01-10 01:16 2025-01-10 Show GitHub Exploit DB Packet Storm
27 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hccoder – Sándor Fodor Better User Shortcodes allows Reflected XSS.This issue affects Better User… New CWE-79
Cross-site Scripting 		CVE-2025-22594 2025-01-10 01:16 2025-01-10 Show GitHub Exploit DB Packet Storm
28 - - - Missing Authorization vulnerability in Jason Funk Title Experiments Free allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Title Experiments Free: from n/a th… New CWE-862
 Missing Authorization 		CVE-2025-22561 2025-01-10 01:16 2025-01-10 Show GitHub Exploit DB Packet Storm
29 - - - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ofek Nakar Virtual Bot allows Blind SQL Injection.This issue affects Virtual Bot: from n/a throug… New CWE-89
SQL Injection 		CVE-2025-22542 2025-01-10 01:16 2025-01-10 Show GitHub Exploit DB Packet Storm
30 - - - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Sebastian Orellana Emailing Subscription allows Blind SQL Injection.This issue affects Emailing S… New CWE-89
SQL Injection 		CVE-2025-22540 2025-01-10 01:16 2025-01-10 Show GitHub Exploit DB Packet Storm