Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2101	7.8	重要 Local	マイクロソフト	Microsoft Windows 10 Microsoft Windows Server 2019	Windows カーネルモードドライバーの特権の昇格の脆弱性	CWE-416 CWE-noinfo	CVE-2024-49074	2025-01-14 16:20	2024-12-10	Show	GitHub Exploit DB Packet Storm

2102	6.8	警告 Physics	マイクロソフト	Microsoft Windows 11 Microsoft Windows Server 2019 Microsoft Windows Server 2022 Microsoft Windows Server 2025 Microsoft Window…	Windows モバイルブロードバンドドライバーの特権昇格の脆弱性	CWE-125 CWE-191 CWE-noinfo	CVE-2024-49077	2025-01-14 16:20	2024-12-10	Show	GitHub Exploit DB Packet Storm

2103	6.8	警告 Physics	マイクロソフト	Microsoft Windows 11 Microsoft Windows Server 2019 Microsoft Windows Server 2022 Microsoft Windows Server 2025 Microsoft Window…	Windows モバイルブロードバンドドライバーの特権昇格の脆弱性	CWE-125 CWE-noinfo	CVE-2024-49083	2025-01-14 16:20	2024-12-10	Show	GitHub Exploit DB Packet Storm

2104	6.6	警告 Physics	マイクロソフト	Microsoft Windows 11 Microsoft Windows Server 2019 Microsoft Windows Server 2022 Microsoft Windows Server 2025 Microsoft Window…	ワイヤレス広域ネットワークサービス (WwanSvc) の特権昇格の脆弱性	CWE-122 CWE-noinfo	CVE-2024-49094	2025-01-14 16:20	2024-12-10	Show	GitHub Exploit DB Packet Storm

2105	5.5	警告 Local	Linux	Linux Kernel	Linux の Linux Kernel におけるリソースのロックに関する脆弱性	CWE-667 不適切なロック	CVE-2021-47055	2025-01-14 16:20	2021-03-28	Show	GitHub Exploit DB Packet Storm

2106	4.3	警告 Physics	マイクロソフト	Microsoft Windows 11 Microsoft Windows Server 2019 Microsoft Windows Server 2022 Microsoft Windows Server 2025 Microsoft Window…	Windows ワイヤレスワイドエリアネットワークサービス (WwanSvc) の情報漏えいの脆弱性	CWE-125 CWE-noinfo	CVE-2024-49099	2025-01-14 16:20	2024-12-10	Show	GitHub Exploit DB Packet Storm

2107	8.8	重要 Network	マイクロソフト	Microsoft Windows Server 2016 Microsoft Windows 11 Microsoft Windows Server 2019 Microsoft Windows Server 2022 Microsoft Window…	Windows ルーティングとリモートアクセスサービス (RRAS) のリモートでコードが実行される脆弱性	CWE-122 CWE-noinfo	CVE-2024-49104	2025-01-14 16:20	2024-12-10	Show	GitHub Exploit DB Packet Storm

2108	6.6	警告 Physics	マイクロソフト	Microsoft Windows 11 Microsoft Windows Server 2019 Microsoft Windows Server 2022 Microsoft Windows Server 2025 Microsoft Window…	ワイヤレス広域ネットワークサービス (WwanSvc) の特権昇格の脆弱性	CWE-125 CWE-noinfo	CVE-2024-49109	2025-01-14 16:20	2024-12-10	Show	GitHub Exploit DB Packet Storm

2109	4.3	警告 Network	Jegtheme	Jeg Elementor Kit	Jegtheme の WordPress 用 Jeg Elementor Kit における重要な情報のセキュアでない格納に関する脆弱性	CWE-200 CWE-922	CVE-2024-8899	2025-01-14 16:18	2024-11-26	Show	GitHub Exploit DB Packet Storm

2110	6.5	警告 Network	argoproj	argo cd	argoproj の argo cd における脆弱性	CWE-269 CWE-noinfo	CVE-2024-41666	2025-01-14 16:17	2024-07-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Feb. 26, 2025, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
101	5.4	MEDIUM Network	imamura	newpost_catch	The Newpost Catch plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's npc shortcode in all versions up to, and including, 1.3.19 due to insufficient input sanitization … Update	CWE-79 Cross-site Scripting	CVE-2025-1406	2025-02-25 12:38	2025-02-21	Show	GitHub Exploit DB Packet Storm

102	5.4	MEDIUM Network	amothemo	amo_team_showcase	The AMO Team Showcase plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's amoteam_skills shortcode in all versions up to, and including, 1.1.4 due to insufficient input… Update	CWE-79 Cross-site Scripting	CVE-2025-1407	2025-02-25 12:37	2025-02-21	Show	GitHub Exploit DB Packet Storm

103	7.5	HIGH Network	pixelite	events_manager	The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to time-based SQL Injection via the active_status parameter in all versions up to, and including, 6.6.3 … Update	CWE-89 SQL Injection	CVE-2024-11260	2025-02-25 12:36	2025-02-21	Show	GitHub Exploit DB Packet Storm

104	5.4	MEDIUM Network	jonathanjernigan	pie_calendar	The Events Calendar Made Simple – Pie Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's piecal shortcode in all versions up to, and including, 1.2.5 due to i… Update	CWE-79 Cross-site Scripting	CVE-2025-1410	2025-02-25 12:35	2025-02-21	Show	GitHub Exploit DB Packet Storm

105	6.5	MEDIUM Network	ultimatemember	ultimate_member	The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to second-order SQL Injection via filenames in al… Update	CWE-89 SQL Injection	CVE-2024-12276	2025-02-25 12:34	2025-02-21	Show	GitHub Exploit DB Packet Storm

106	5.4	MEDIUM Network	oliverfriedmann	ziggeo	The Ziggeo plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ziggeo_event' shortcode in all versions up to, and including, 3.1 due to insufficient input sanitization… Update	CWE-79 Cross-site Scripting	CVE-2024-12452	2025-02-25 12:33	2025-02-21	Show	GitHub Exploit DB Packet Storm

107	8.8	HIGH Network	cyberchimps	responsive_addons_for_elementor	The Responsive Addons for Elementor – Free Elementor Addons Plugin and Elementor Templates plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.6.4 via s… Update	CWE-829 Inclusion of Functionality from Untrusted Control Sphere	CVE-2024-13353	2025-02-25 12:32	2025-02-21	Show	GitHub Exploit DB Packet Storm

108	5.4	MEDIUM Network	patternsinthecloud	autoship_cloud	The Autoship Cloud for WooCommerce Subscription Products plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'autoship-create-scheduled-order-action' shortcode in all v… Update	CWE-79 Cross-site Scripting	CVE-2024-13461	2025-02-25 12:31	2025-02-21	Show	GitHub Exploit DB Packet Storm

109	5.4	MEDIUM Network	icopydoc	maps_for_wp	The Maps for WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'MapOnePoint' shortcode in all versions up to, and including, 1.2.4 due to insufficient input saniti… Update	CWE-79 Cross-site Scripting	CVE-2024-13648	2025-02-25 12:30	2025-02-21	Show	GitHub Exploit DB Packet Storm

110	5.4	MEDIUM Network	igumbi	igumbi	The igumbi Online Booking plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'igumbi_calendar' shortcode in all versions up to, and including, 1.40 due to insufficient… Update	CWE-79 Cross-site Scripting	CVE-2024-13455	2025-02-25 12:29	2025-02-21	Show	GitHub Exploit DB Packet Storm