Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1711	7.2	重要 Network	Phoenix Cart	CE Phoenix Cart	Phoenix Cart の CE Phoenix Cart におけるコードインジェクションの脆弱性	CWE-94 CWE-94	CVE-2024-25415	2025-01-16 16:55	2024-02-16	Show	GitHub Exploit DB Packet Storm

1712	5.5	警告 Local	Linux	Linux Kernel	Linux の Linux Kernel における脆弱性	CWE-Other その他	CVE-2022-48639	2025-01-16 16:48	2022-09-22	Show	GitHub Exploit DB Packet Storm

1713	7	重要 Local	Linux	Linux Kernel	Linux の Linux Kernel における競合状態に関する脆弱性	CWE-362 競合状態	CVE-2023-52480	2025-01-16 16:48	2023-10-4	Show	GitHub Exploit DB Packet Storm

1714	7	重要 Local	Linux	Linux Kernel	Linux の Linux Kernel における競合状態に関する脆弱性	CWE-362 競合状態	CVE-2023-52517	2025-01-16 16:48	2023-09-4	Show	GitHub Exploit DB Packet Storm

1715	7.1	重要 Local	Linux	Linux Kernel	Linux の Linux Kernel における境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2023-52519	2025-01-16 16:48	2023-10-5	Show	GitHub Exploit DB Packet Storm

1716	7.8	重要 Local	Linux	Linux Kernel	Linux の Linux Kernel におけるリソースのロックに関する脆弱性	CWE-667 不適切なロック	CVE-2023-52524	2025-01-16 16:48	2023-10-3	Show	GitHub Exploit DB Packet Storm

1717	7.1	重要 Local	Linux	Linux Kernel	Linux の Linux Kernel における境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2023-52525	2025-01-16 16:48	2023-09-18	Show	GitHub Exploit DB Packet Storm

1718	7.8	重要 Local	Linux	Linux Kernel	Linux の Linux Kernel における二重解放に関する脆弱性	CWE-415 二重解放	CVE-2024-56704	2025-01-16 16:48	2024-11-22	Show	GitHub Exploit DB Packet Storm

1719	8.8	重要 Network	Shenzhen Tenda Technology Co.,Ltd.	fh1205 ファームウェア	Shenzhen Tenda Technology Co.,Ltd. の fh1205 ファームウェアにおける境界外書き込みに関する脆弱性	CWE-121 CWE-787	CVE-2024-3011	2025-01-16 16:42	2024-03-28	Show	GitHub Exploit DB Packet Storm

1720	8.8	重要 Network	Shenzhen Tenda Technology Co.,Ltd.	W15E ファームウェア	Shenzhen Tenda Technology Co.,Ltd. の W15E ファームウェアにおける境界外書き込みに関する脆弱性	CWE-121 CWE-787	CVE-2024-4116	2025-01-16 16:42	2024-04-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Feb. 13, 2025, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
241	8.8	HIGH Network	soflyy	wp_all_export	The WP ALL Export Pro plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.9.1 via the custom export fields. This is due to the missing input validation… Update	CWE-94 Code Injection	CVE-2024-7419	2025-02-12 04:25	2025-02-8	Show	GitHub Exploit DB Packet Storm

242	7.2	HIGH Network	soflyy	wp_all_import	The WP All Import Pro plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.9.7 via deserialization of untrusted input from an import file. This makes it … Update	CWE-502 Deserialization of Untrusted Data	CVE-2024-9664	2025-02-12 04:16	2025-02-8	Show	GitHub Exploit DB Packet Storm

243	-		-	-	Buffer overflow vulnerability in TOTOLink X6000R routers V9.4.0cu.652_B20230116 due to the lack of length verification, which is related to the addition of Wi-Fi filtering rules. Attackers who succes… New	-	CVE-2025-25524	2025-02-12 04:15	2025-02-12	Show	GitHub Exploit DB Packet Storm

244	-		-	-	Buffer overflow vulnerability in Trendnet TEG-40128 Web Smart Switch v1(1.00.023) due to the lack of length verification, which is related to the mobile access point setup operation. The attacker can… New	-	CVE-2025-25523	2025-02-12 04:15	2025-02-12	Show	GitHub Exploit DB Packet Storm

245	-		-	-	Buffer overflow vulnerability in Linksys WAP610N v1.0.05.002 due to the lack of length verification, which is related to the time setting operation. The attacker can directly control the remote targe… New	-	CVE-2025-25522	2025-02-12 04:15	2025-02-12	Show	GitHub Exploit DB Packet Storm

246	-		-	-	Ash Authentication is an authentication framework for Elixir applications. Applications which have been bootstrapped by the igniter installer present since AshAuthentication v4.1.0 and who have used … New	CWE-269 Improper Privilege Management	CVE-2025-25202	2025-02-12 04:15	2025-02-12	Show	GitHub Exploit DB Packet Storm

247	-		-	-	A security issue in Sitevision version 10.3.1 and older allows a remote attacker, in certain (non-default) scenarios, to gain access to the private keys used for signing SAML Authn requests. The unde… New	-	CVE-2022-35202	2025-02-12 04:15	2025-02-12	Show	GitHub Exploit DB Packet Storm

248	7.2	HIGH Network	soflyy	wp_all_export	The WP ALL Export Pro plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to improper user input validation and sanitization in all versi… Update	CWE-94 Code Injection	CVE-2024-7425	2025-02-12 04:12	2025-02-8	Show	GitHub Exploit DB Packet Storm

249	9.8	CRITICAL Network	pluginab	plugin_a\/b_image_optimizer	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Zach Swetz Plugin A/B Image Optimizer allows Path Traversal. This issue affects Plugin A/B Image Optimi… Update	CWE-22 Path Traversal	CVE-2025-25163	2025-02-12 03:42	2025-02-7	Show	GitHub Exploit DB Packet Storm

250	6.1	MEDIUM Network	gabrieldarezzo	inlocation	Cross-Site Request Forgery (CSRF) vulnerability in gabrieldarezzo InLocation allows Stored XSS. This issue affects InLocation: from n/a through 1.8. Update	CWE-352 Origin Validation Error	CVE-2025-25166	2025-02-12 03:25	2025-02-7	Show	GitHub Exploit DB Packet Storm