Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 22, 2025, 12:02 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
291	7.8	重要 Local	Ivanti	connect secure policy secure	Ivanti の connect secure および policy secure における脆弱性 New	CWE-267 CWE-426 CWE-426 CWE-Other	CVE-2024-47906	2025-01-20 11:06	2024-11-12	Show	GitHub Exploit DB Packet Storm

292	7.5	重要 Network	Ivanti	connect secure policy secure	Ivanti の connect secure および policy secure における NULL ポインタデリファレンスに関する脆弱性 New	CWE-476 CWE-476	CVE-2024-8495	2025-01-20 11:06	2024-11-12	Show	GitHub Exploit DB Packet Storm

293	5.5	警告 Local	Ivanti	secure access client	Ivanti の secure access client における境界外読み取りに関する脆弱性 New	CWE-125 CWE-126	CVE-2024-9843	2025-01-20 11:06	2024-11-12	Show	GitHub Exploit DB Packet Storm

294	7.8	重要 Local	Huawei	curiem-wfg9b ファームウェア	Huawei の curiem-wfg9b ファームウェアにおける境界外書き込みに関する脆弱性 New	CWE-119 CWE-787	CVE-2023-52548	2025-01-20 11:05	2024-05-28	Show	GitHub Exploit DB Packet Storm

295	7.8	重要 Local	Huawei	curiem-wfg9b ファームウェア	Huawei の curiem-wfg9b ファームウェアにおける有効期限後のメモリの解放の欠如に関する脆弱性 New	CWE-284 CWE-401	CVE-2023-52711	2025-01-20 11:04	2024-05-28	Show	GitHub Exploit DB Packet Storm

296	7.8	重要 Local	paddlepaddle	paddlepaddle	paddlepaddle におけるコマンドインジェクションの脆弱性 New	CWE-77 コマンドインジェクション	CVE-2024-0817	2025-01-20 11:04	2024-03-7	Show	GitHub Exploit DB Packet Storm

297	9.8	緊急 Network	paddlepaddle	paddlepaddle	paddlepaddle における脆弱性 New	CWE-94 CWE-noinfo	CVE-2024-0917	2025-01-20 11:04	2024-03-7	Show	GitHub Exploit DB Packet Storm

298	4.3	警告 Network	zixn	Buy one click WooCommerce	zixn の WordPress 用 Buy one click WooCommerce における認証の欠如に関する脆弱性 New	CWE-862 認証の欠如	CVE-2024-10853	2025-01-20 11:04	2024-11-13	Show	GitHub Exploit DB Packet Storm

299	4.9	警告 Network	Basixonline	NEX-Forms	Basixonline の WordPress 用 NEX-Forms における SQL インジェクションの脆弱性 New	CWE-89 SQLインジェクション	CVE-2024-10862	2025-01-20 11:04	2024-12-25	Show	GitHub Exploit DB Packet Storm

300	7.2	重要 Network	Ivanti	connect secure policy secure	Ivanti の connect secure および policy secure におけるコマンドインジェクションの脆弱性 New	CWE-77 CWE-77	CVE-2024-11634	2025-01-20 11:04	2024-12-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 22, 2025, 4:11 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
621	-	-	-	Cross-Site Request Forgery (CSRF) vulnerability in mastersoftwaresolutions WP VTiger Synchronization allows Stored XSS.This issue affects WP VTiger Synchronization: from n/a through 1.1.1.	CWE-352 Origin Validation Error	CVE-2025-23455	2025-01-17 05:15	2025-01-17	Show	GitHub Exploit DB Packet Storm

622	-	-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Myriad Solutionz Stars SMTP Mailer allows Reflected XSS.This issue affects Stars SMTP Mailer: fro…	CWE-79 Cross-site Scripting	CVE-2025-23453	2025-01-17 05:15	2025-01-17	Show	GitHub Exploit DB Packet Storm

623	-	-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EditionGuard Dev Team EditionGuard for WooCommerce – eBook Sales with DRM allows Reflected XSS.Th…	CWE-79 Cross-site Scripting	CVE-2025-23452	2025-01-17 05:15	2025-01-17	Show	GitHub Exploit DB Packet Storm

624	-	-	-	Cross-Site Request Forgery (CSRF) vulnerability in Scott Swezey Easy Tynt allows Cross Site Request Forgery.This issue affects Easy Tynt: from n/a through 0.2.5.1.	CWE-352 Origin Validation Error	CVE-2025-23445	2025-01-17 05:15	2025-01-17	Show	GitHub Exploit DB Packet Storm

625	-	-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nasir Scroll Top Advanced allows Stored XSS.This issue affects Scroll Top Advanced: from n/a thro…	CWE-79 Cross-site Scripting	CVE-2025-23444	2025-01-17 05:15	2025-01-17	Show	GitHub Exploit DB Packet Storm

626	-	-	-	Cross-Site Request Forgery (CSRF) vulnerability in matias s Shockingly Big IE6 Warning allows Stored XSS.This issue affects Shockingly Big IE6 Warning: from n/a through 1.6.3.	CWE-352 Origin Validation Error	CVE-2025-23442	2025-01-17 05:15	2025-01-17	Show	GitHub Exploit DB Packet Storm

627	-	-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MarvinLabs WP PT-Viewer allows Reflected XSS.This issue affects WP PT-Viewer: from n/a through 2.…	CWE-79 Cross-site Scripting	CVE-2025-23438	2025-01-17 05:15	2025-01-17	Show	GitHub Exploit DB Packet Storm

628	-	-	-	Cross-Site Request Forgery (CSRF) vulnerability in Capa Wp-Scribd-List allows Stored XSS.This issue affects Wp-Scribd-List: from n/a through 1.2.	CWE-352 Origin Validation Error	CVE-2025-23436	2025-01-17 05:15	2025-01-17	Show	GitHub Exploit DB Packet Storm

629	-	-	-	Cross-Site Request Forgery (CSRF) vulnerability in David Marcucci Password Protect Plugin for WordPress allows Stored XSS.This issue affects Password Protect Plugin for WordPress: from n/a through 0.…	CWE-352 Origin Validation Error	CVE-2025-23435	2025-01-17 05:15	2025-01-17	Show	GitHub Exploit DB Packet Storm

630	-	-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Albertolabs.com Easy EU Cookie law allows Stored XSS.This issue affects Easy EU Cookie law: from …	CWE-79 Cross-site Scripting	CVE-2025-23434	2025-01-17 05:15	2025-01-17	Show	GitHub Exploit DB Packet Storm