Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 27, 2025, 10:01 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
381 9.8 緊急
Network
dirk1983 chatgpt-wechat-personal dirk1983 の chatgpt-wechat-personal におけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
CWE-918
CVE-2024-27565 2025-01-22 17:08 2024-03-5 Show GitHub Exploit DB Packet Storm
382 5.4 警告
Network
Gonahkar Custom fields shortcode Gonahkar の WordPress 用 Custom fields shortcode におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2023-6809 2025-01-22 17:05 2023-12-13 Show GitHub Exploit DB Packet Storm
383 5.4 警告
Network
Savvy Wordpress Development MyWaze Savvy Wordpress Development の WordPress 用 MyWaze におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2024-25594 2025-01-22 17:03 2024-02-29 Show GitHub Exploit DB Packet Storm
384 7.8 重要
Local
マイクロソフト Microsoft SharePoint Enterprise Server
Microsoft SharePoint Server
Microsoft SharePoint Server のリモートでコードが実行される脆弱性 CWE-20
CWE-noinfo
CVE-2025-21344 2025-01-22 17:00 2025-01-14 Show GitHub Exploit DB Packet Storm
385 8.8 重要
Network
ZyXEL nwa90ax pro ファームウェア
nwa1123acv3 ファームウェア
nwa220ax-6e ファームウェア
WAX610D ファームウェア
wax300h ファームウェア
WAX510D ファームウェア
wac500h ファームウェア
wac500 ファ…
複数の ZyXEL 製品における脆弱性 CWE-269
CWE-noinfo
CVE-2024-12398 2025-01-22 16:58 2024-12-10 Show GitHub Exploit DB Packet Storm
386 6.6 警告
Physics
マイクロソフト Microsoft Windows Server 2008
Microsoft Windows Server 2019
Microsoft Windows Server 2012
Microsoft Windows 10
Microsoft Window…
Windows デジタル メディアの特権昇格の脆弱性 CWE-125
CWE-noinfo
CVE-2025-21341 2025-01-22 16:57 2025-01-14 Show GitHub Exploit DB Packet Storm
387 5.3 警告
Adjacent
ZyXEL ATP500 ファームウェア
ATP800 ファームウェア
ATP100 ファームウェア
atp700 ファームウェア
atp100w ファームウェア
ATP200 ファームウェア
USG FLEX 100H ファームウェア
usg flex 1…
複数の ZyXEL 製品における NULL ポインタデリファレンスに関する脆弱性 CWE-476
NULL ポインタデリファレンス
CVE-2023-6397 2025-01-22 16:54 2023-11-30 Show GitHub Exploit DB Packet Storm
388 5.5 警告
Local
マイクロソフト Microsoft Windows Server 2019
Microsoft Windows 10
Microsoft Windows 11
Microsoft Windows Server 2025
Microsoft Windows Server&…
Windows 仮想化ベース セキュリティ (VBS) のセキュリティ機能バイパスの脆弱性 CWE-284
CWE-noinfo
CVE-2025-21340 2025-01-22 16:54 2025-01-14 Show GitHub Exploit DB Packet Storm
389 7.8 重要
Local
Linux Linux Kernel Linux の Linux Kernel における解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用
CVE-2024-57801 2025-01-22 16:52 2024-12-23 Show GitHub Exploit DB Packet Storm
390 5.5 警告
Local
Linux Linux Kernel Linux の Linux Kernel における NULL ポインタデリファレンスに関する脆弱性 CWE-476
NULL ポインタデリファレンス
CVE-2024-57882 2025-01-22 16:52 2024-12-30 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 27, 2025, 4:07 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
171 - - - Missing Authorization vulnerability in webraketen Internal Links Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Internal Links Manager: from n/a t… New CWE-862
 Missing Authorization
CVE-2025-24679 2025-01-25 03:15 2025-01-25 Show GitHub Exploit DB Packet Storm
172 - - - Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Listamester Listamester allows Stored XSS. This issue affects Listamester: from n/a through 2.3.4. New CWE-80
Basic XSS
CVE-2025-24678 2025-01-25 03:15 2025-01-25 Show GitHub Exploit DB Packet Storm
173 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in osamaesh WP Visitor Statistics (Real Time Traffic) allows Stored XSS. This issue affects WP Visit… New CWE-79
Cross-site Scripting
CVE-2025-24675 2025-01-25 03:15 2025-01-25 Show GitHub Exploit DB Packet Storm
174 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Teplitsa. Technologies for Social Good ShMapper by Teplitsa allows Stored XSS. This issue affects… New CWE-79
Cross-site Scripting
CVE-2025-24674 2025-01-25 03:15 2025-01-25 Show GitHub Exploit DB Packet Storm
175 - - - Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in AyeCode Ltd Ketchup Shortcodes allows Stored XSS. This issue affects Ketchup Shortcodes: from n/a throug… New CWE-80
Basic XSS
CVE-2025-24673 2025-01-25 03:15 2025-01-25 Show GitHub Exploit DB Packet Storm
176 - - - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CodePeople Form Builder CP allows SQL Injection. This issue affects Form Builder CP: from n/a thr… New CWE-89
SQL Injection
CVE-2025-24672 2025-01-25 03:15 2025-01-25 Show GitHub Exploit DB Packet Storm
177 - - - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SERPed SERPed.net allows SQL Injection. This issue affects SERPed.net: from n/a through 4.4. New CWE-89
SQL Injection
CVE-2025-24669 2025-01-25 03:15 2025-01-25 Show GitHub Exploit DB Packet Storm
178 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeisle PPOM for WooCommerce allows Stored XSS. This issue affects PPOM for WooCommerce: from n… New CWE-79
Cross-site Scripting
CVE-2025-24668 2025-01-25 03:15 2025-01-25 Show GitHub Exploit DB Packet Storm
179 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeIsle AI Chatbot for WordPress – Hyve Lite allows Stored XSS. This issue affects AI Chatbot f… New CWE-79
Cross-site Scripting
CVE-2025-24666 2025-01-25 03:15 2025-01-25 Show GitHub Exploit DB Packet Storm
180 - - - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Tips and Tricks HQ, Ruhul Amin, Josh Lobe Simple Download Monitor allows Blind SQL Injection. Thi… New CWE-89
SQL Injection
CVE-2025-24663 2025-01-25 03:15 2025-01-25 Show GitHub Exploit DB Packet Storm