Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1761	4.3	警告 Network	LadiPage	LadiPage	WordPress 用 LadiPage におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2023-4731	2025-01-16 15:12	2023-09-1	Show	GitHub Exploit DB Packet Storm

1762	7.8	重要 Local	Linux	Linux Kernel	Linux の Linux Kernel における解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2023-52483	2025-01-16 15:09	2023-10-10	Show	GitHub Exploit DB Packet Storm

1763	4.3	警告 Network	LadiPage	LadiPage	WordPress 用 LadiPage におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2023-4629	2025-01-16 15:06	2023-08-30	Show	GitHub Exploit DB Packet Storm

1764	5.5	警告 Local	Linux	Linux Kernel	Linux の Linux Kernel における脆弱性	CWE-noinfo 情報不足	CVE-2022-48628	2025-01-16 15:02	2022-12-21	Show	GitHub Exploit DB Packet Storm

1765	7.8	重要 Local	Huawei	Mate 20 Pro ファームウェア Mate 20 Pro (UD) ファームウェア Nova 5i ファームウェア	複数の Huawei 製品における脆弱性	CWE-269 CWE-noinfo	CVE-2020-9080	2025-01-16 14:55	2020-02-18	Show	GitHub Exploit DB Packet Storm

1766	7.2	重要 Network	FireBear Studio	Improved Import & Export	FireBear Studio の Magento 用 Improved Import & Export におけるブラインド XPath インジェクションの脆弱性	CWE-91 ブラインド XPath インジェクション	CVE-2024-25413	2025-01-16 14:52	2024-02-16	Show	GitHub Exploit DB Packet Storm

1767	5.4	警告 Network	LadiPage	LadiPage	WordPress 用 LadiPage におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2023-4728	2025-01-16 14:52	2023-09-1	Show	GitHub Exploit DB Packet Storm

1768	5.5	警告 Local	Linux	Linux Kernel	Linux の Linux Kernel におけるリソースのロックに関する脆弱性	CWE-667 不適切なロック	CVE-2021-47437	2025-01-16 14:48	2021-09-25	Show	GitHub Exploit DB Packet Storm

1769	5.5	警告 Local	Linux	Linux Kernel	Linux の Linux Kernel におけるリソースのロックに関する脆弱性	CWE-667 不適切なロック	CVE-2021-47469	2025-01-16 14:48	2021-10-14	Show	GitHub Exploit DB Packet Storm

1770	7.8	重要 Local	Linux	Linux Kernel	Linux の Linux Kernel における解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2021-47505	2025-01-16 14:48	2021-12-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Feb. 13, 2025, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
241	8.8	HIGH Network	soflyy	wp_all_export	The WP ALL Export Pro plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.9.1 via the custom export fields. This is due to the missing input validation… Update	CWE-94 Code Injection	CVE-2024-7419	2025-02-12 04:25	2025-02-8	Show	GitHub Exploit DB Packet Storm

242	7.2	HIGH Network	soflyy	wp_all_import	The WP All Import Pro plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.9.7 via deserialization of untrusted input from an import file. This makes it … Update	CWE-502 Deserialization of Untrusted Data	CVE-2024-9664	2025-02-12 04:16	2025-02-8	Show	GitHub Exploit DB Packet Storm

243	-		-	-	Buffer overflow vulnerability in TOTOLink X6000R routers V9.4.0cu.652_B20230116 due to the lack of length verification, which is related to the addition of Wi-Fi filtering rules. Attackers who succes… New	-	CVE-2025-25524	2025-02-12 04:15	2025-02-12	Show	GitHub Exploit DB Packet Storm

244	-		-	-	Buffer overflow vulnerability in Trendnet TEG-40128 Web Smart Switch v1(1.00.023) due to the lack of length verification, which is related to the mobile access point setup operation. The attacker can… New	-	CVE-2025-25523	2025-02-12 04:15	2025-02-12	Show	GitHub Exploit DB Packet Storm

245	-		-	-	Buffer overflow vulnerability in Linksys WAP610N v1.0.05.002 due to the lack of length verification, which is related to the time setting operation. The attacker can directly control the remote targe… New	-	CVE-2025-25522	2025-02-12 04:15	2025-02-12	Show	GitHub Exploit DB Packet Storm

246	-		-	-	Ash Authentication is an authentication framework for Elixir applications. Applications which have been bootstrapped by the igniter installer present since AshAuthentication v4.1.0 and who have used … New	CWE-269 Improper Privilege Management	CVE-2025-25202	2025-02-12 04:15	2025-02-12	Show	GitHub Exploit DB Packet Storm

247	-		-	-	A security issue in Sitevision version 10.3.1 and older allows a remote attacker, in certain (non-default) scenarios, to gain access to the private keys used for signing SAML Authn requests. The unde… New	-	CVE-2022-35202	2025-02-12 04:15	2025-02-12	Show	GitHub Exploit DB Packet Storm

248	7.2	HIGH Network	soflyy	wp_all_export	The WP ALL Export Pro plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to improper user input validation and sanitization in all versi… Update	CWE-94 Code Injection	CVE-2024-7425	2025-02-12 04:12	2025-02-8	Show	GitHub Exploit DB Packet Storm

249	9.8	CRITICAL Network	pluginab	plugin_a\/b_image_optimizer	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Zach Swetz Plugin A/B Image Optimizer allows Path Traversal. This issue affects Plugin A/B Image Optimi… Update	CWE-22 Path Traversal	CVE-2025-25163	2025-02-12 03:42	2025-02-7	Show	GitHub Exploit DB Packet Storm

250	6.1	MEDIUM Network	gabrieldarezzo	inlocation	Cross-Site Request Forgery (CSRF) vulnerability in gabrieldarezzo InLocation allows Stored XSS. This issue affects InLocation: from n/a through 1.8. Update	CWE-352 Origin Validation Error	CVE-2025-25166	2025-02-12 03:25	2025-02-7	Show	GitHub Exploit DB Packet Storm