Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
21	5.3	警告 Network	アップル	iOS iPadOS	複数のアップル製品における脆弱性	CWE-noinfo 情報不足	CVE-2024-54488	2025-01-31 15:42	2024-12-11	Show	GitHub Exploit DB Packet Storm

22	3.3	低 Local		-	アップルの macOS における脆弱性	CWE-noinfo 情報不足	CVE-2024-54516	2025-01-31 15:42	2024-12-11	Show	GitHub Exploit DB Packet Storm

23	5.5	警告 Local		-	アップルの macOS におけるパーミッションの不適切な保持に関する脆弱性	CWE-281 パーミッションの不適切な保持	CVE-2025-24087	2025-01-31 15:42	2025-01-27	Show	GitHub Exploit DB Packet Storm

24	6.7	警告 Local		-	アップルの macOS における古典的バッファオーバーフローの脆弱性	CWE-120 古典的バッファオーバーフロー	CVE-2025-24153	2025-01-31 15:42	2025-01-27	Show	GitHub Exploit DB Packet Storm

25	4.2	警告 Physics	IBM	Watson CP4D Data Stores	IBM の Watson CP4D Data Stores における脆弱性	CWE-73 CWE-Other	CVE-2023-26282	2025-01-31 15:42	2023-03-22	Show	GitHub Exploit DB Packet Storm

26	6.5	警告 Network	アップル	tvOS watchOS iPadOS iOS visionos	複数のアップル製品における脆弱性	CWE-noinfo 情報不足	CVE-2025-24131	2025-01-31 15:41	2025-01-27	Show	GitHub Exploit DB Packet Storm

27	5.5	警告 Local	アップル	tvOS watchOS iPadOS iOS visionos	複数のアップル製品における脆弱性	CWE-noinfo 情報不足	CVE-2024-54541	2025-01-31 15:37	2024-12-11	Show	GitHub Exploit DB Packet Storm

28	7.8	重要 Local		-	アップルの macOS における整数オーバーフローの脆弱性	CWE-190 CWE-190	CVE-2025-24156	2025-01-31 15:36	2025-01-27	Show	GitHub Exploit DB Packet Storm

29	7.8	重要 Local		-	アップルの macOS における境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2024-54509	2025-01-31 15:33	2024-12-11	Show	GitHub Exploit DB Packet Storm

30	8.8	重要 Network	アップル	iOS Safari iPadOS	複数のアップル製品におけるコマンドインジェクションの脆弱性	CWE-77 コマンドインジェクション	CVE-2025-24150	2025-01-31 15:33	2025-01-27	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Feb. 22, 2025, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1171	7.2	HIGH Network	-	-	The Welcart e-Commerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘name’ parameter in all versions up to, and including, 2.11.9 due to insufficient input sanitization a…	CWE-79 Cross-site Scripting	CVE-2025-0511	2025-02-12 21:15	2025-02-12	Show	GitHub Exploit DB Packet Storm

1172	-		-	-	Stored Cross-Site Scripting (XSS) vulnerability in Prestashop 8.1.7, due to the lack of proper validation of user input through ‘/<admin_directory>/index.php’, affecting the ‘link’ parameter. This vu…	CWE-79 Cross-site Scripting	CVE-2025-1230	2025-02-12 20:15	2025-02-12	Show	GitHub Exploit DB Packet Storm

1173	-		-	-	SQL Injection vulnerability in various API endpoints - offices, dashboards, etc. Apache Fineract versions 1.9 and before have a vulnerability that allows an authenticated attacker to inject malicious…	CWE-89 SQL Injection	CVE-2024-32838	2025-02-12 19:15	2025-02-12	Show	GitHub Exploit DB Packet Storm

1174	6.4	MEDIUM Network	-	-	The Easy Quiz Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wqt-question' shortcode in all versions up to, and including, 2.0 due to insufficient input san…	CWE-79 Cross-site Scripting	CVE-2024-13456	2025-02-12 19:15	2025-02-12	Show	GitHub Exploit DB Packet Storm

1175	4.3	MEDIUM Network	-	-	The Book a Room plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.9. This is due to missing or incorrect nonce validation on the 'bookaroom_Sett…	CWE-352 Origin Validation Error	CVE-2024-13437	2025-02-12 19:15	2025-02-12	Show	GitHub Exploit DB Packet Storm

1176	-		-	-	Cacti through 1.2.29 allows SQL injection in the template function in host_templates.php via the graph_template parameter. NOTE: this issue exists because of an incomplete fix for CVE-2024-54146.	-	CVE-2025-26520	2025-02-12 16:15	2025-02-12	Show	GitHub Exploit DB Packet Storm

1177	8.8	HIGH Network	-	-	The All-Images.ai – IA Image Bank and Custom Image creation plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the '_get_image_by_url' function in all…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2024-13714	2025-02-12 15:15	2025-02-12	Show	GitHub Exploit DB Packet Storm

1178	7.5	HIGH Network	-	-	The Majestic Support – The Leading-Edge Help Desk & Customer Support Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.5 via the 'm…	CWE-200 Information Exposure	CVE-2024-13600	2025-02-12 15:15	2025-02-12	Show	GitHub Exploit DB Packet Storm

1179	4.3	MEDIUM Network	-	-	The WP Table Manager plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on thewptm_getFolders AJAX action in all versions up to, and including, 4.1.3. This ma…	CWE-862 Missing Authorization	CVE-2024-13374	2025-02-12 15:15	2025-02-12	Show	GitHub Exploit DB Packet Storm

1180	8.1	HIGH Network	-	-	The ConvertPlus plugin for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to a missing capability check on the 'cp_dismiss_notice' AJAX endpoint…	CWE-862 Missing Authorization	CVE-2024-13800	2025-02-12 14:15	2025-02-12	Show	GitHub Exploit DB Packet Storm