Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 15, 2025, 6:03 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
351 9.1 緊急
Network
lunary lunary lunary における不正な認証に関する脆弱性 New CWE-863
不正な認証
CVE-2024-1740 2025-01-14 11:48 2024-04-10 Show GitHub Exploit DB Packet Storm
352 5.5 警告
Local
Linux Linux Kernel Linux の Linux Kernel における NULL ポインタデリファレンスに関する脆弱性 New CWE-476
NULL ポインタデリファレンス
CVE-2024-56767 2025-01-14 11:36 2024-12-2 Show GitHub Exploit DB Packet Storm
353 5.5 警告
Local
Linux Linux Kernel Linux の Linux Kernel における整数オーバーフローの脆弱性 New CWE-190
整数オーバーフローまたはラップアラウンド
CVE-2024-53151 2025-01-14 10:33 2024-11-11 Show GitHub Exploit DB Packet Storm
354 5.5 警告
Local
Linux Linux Kernel Linux の Linux Kernel における NULL ポインタデリファレンスに関する脆弱性 New CWE-476
NULL ポインタデリファレンス
CVE-2024-53154 2025-01-14 10:33 2024-11-14 Show GitHub Exploit DB Packet Storm
355 7.8 重要
Local
Linux Linux Kernel Linux の Linux Kernel における解放済みメモリの使用に関する脆弱性 New CWE-416
解放済みメモリの使用
CVE-2024-56653 2025-01-14 10:33 2024-12-12 Show GitHub Exploit DB Packet Storm
356 5.5 警告
Local
Linux Linux Kernel Linux の Linux Kernel における NULL ポインタデリファレンスに関する脆弱性 New CWE-476
NULL ポインタデリファレンス
CVE-2024-56730 2025-01-14 10:33 2024-11-16 Show GitHub Exploit DB Packet Storm
357 5.5 警告
Local
Linux Linux Kernel Linux の Linux Kernel における初期化されていないリソースの使用に関する脆弱性 New CWE-908
初期化されていないリソースの使用
CVE-2024-56739 2025-01-14 10:33 2024-11-11 Show GitHub Exploit DB Packet Storm
358 5.3 警告
Network
IBM Engineering Lifecycle Optimization - Engineering Insights IBM の Engineering Lifecycle Optimization - Engineering Insights におけるエラーメッセージによる情報漏えいに関する脆弱性 New CWE-209
エラーメッセージによる情報漏えい
CVE-2024-39725 2025-01-14 10:18 2024-12-24 Show GitHub Exploit DB Packet Storm
359 9.8 緊急
Network
IBM Engineering Lifecycle Optimization - Engineering Insights IBM の Engineering Lifecycle Optimization - Engineering Insights における脆弱性 New CWE-1022
CWE-Other
CVE-2024-39727 2025-01-14 10:18 2024-12-24 Show GitHub Exploit DB Packet Storm
360 5.2 警告
Adjacent
IBM IBM Cognos Analytics IBM の IBM Cognos Analytics におけるオープンリダイレクトの脆弱性 New CWE-601
オープンリダイレクト
CVE-2024-45082 2025-01-14 10:18 2024-12-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 15, 2025, 4:11 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
161 - - - OS command injection vulnerability exists in network storage servers STEALTHONE D220/D340 provided by Y'S corporation. An attacker who can access the affected product may execute an arbitrary OS comm… New CWE-78
OS Command 
CVE-2025-20055 2025-01-14 19:15 2025-01-14 Show GitHub Exploit DB Packet Storm
162 - - - OS command injection vulnerability exists in network storage servers STEALTHONE D220/D340/D440 provided by Y'S corporation. A user with an administrative privilege who logged in to the web management… New CWE-78
OS Command 
CVE-2025-20016 2025-01-14 19:15 2025-01-14 Show GitHub Exploit DB Packet Storm
163 9.8 CRITICAL
Network
- - The Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, … New CWE-287
Improper Authentication
CVE-2024-12919 2025-01-14 19:15 2025-01-14 Show GitHub Exploit DB Packet Storm
164 8.8 HIGH
Network
- - The WordPress CRM, Email & Marketing Automation for WordPress | Award Winner — Groundhogg plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the gh_bi… New CWE-434
 Unrestricted Upload of File with Dangerous Type 
CVE-2025-0394 2025-01-14 18:15 2025-01-14 Show GitHub Exploit DB Packet Storm
165 6.1 MEDIUM
Network
- - The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.7.1006. This is due to missing or incorrect nonce val… New CWE-352
 Origin Validation Error
CVE-2025-0393 2025-01-14 18:15 2025-01-14 Show GitHub Exploit DB Packet Storm
166 6.4 MEDIUM
Network
- - The HTML5 Video Player – mp4 Video Player Plugin and Block plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the ‘heading’ parameter in all versions up to, and including… New CWE-79
Cross-site Scripting
CVE-2024-13156 2025-01-14 18:15 2025-01-14 Show GitHub Exploit DB Packet Storm
167 4.9 MEDIUM
Network
- - A vulnerability was found in Keycloak. Admin users may have to access sensitive server environment variables and system properties through user-configurable URLs. When configuring backchannel logout … New CWE-526
 Cleartext Storage of Sensitive Information in an Environment Variable
CVE-2024-11736 2025-01-14 18:15 2025-01-14 Show GitHub Exploit DB Packet Storm
168 6.5 MEDIUM
Network
- - A denial of service vulnerability was found in Keycloak that could allow an administrative user with the right to change realm settings to disrupt the service. This action is done by modifying any of… New CWE-693
 Protection Mechanism Failure
CVE-2024-11734 2025-01-14 18:15 2025-01-14 Show GitHub Exploit DB Packet Storm
169 5.3 MEDIUM
Network
- - The W3 Total Cache plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.8.1 through the publicly exposed debug log file. This makes it possible for unaut… New CWE-200
Information Exposure
CVE-2024-12008 2025-01-14 16:15 2025-01-14 Show GitHub Exploit DB Packet Storm
170 5.3 MEDIUM
Network
- - The W3 Total Cache plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions in all versions up to, and including, 2.8.1. This mak… New CWE-862
 Missing Authorization
CVE-2024-12006 2025-01-14 16:15 2025-01-14 Show GitHub Exploit DB Packet Storm