Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 31, 2025, 4:03 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
31 8.8 重要
Network 		Delta Electronics, INC. DIAEnergie Delta Electronics, INC. の DIAEnergie における SQL インジェクションの脆弱性 New CWE-89
SQLインジェクション 		CVE-2024-34032 2025-01-31 15:16 2024-05-3 Show GitHub Exploit DB Packet Storm
32 5.4 警告
Network 		Brainstorm Force Elementor Header & Footer Builder Brainstorm Force の WordPress 用 Elementor Header & Footer Builder におけるクロスサイトスクリプティングの脆弱性 New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-4634 2025-01-31 15:16 2024-05-16 Show GitHub Exploit DB Packet Storm
33 6.5 警告
Network 		JetBrains YouTrack JetBrains の YouTrack における非効率的な正規表現の複雑さに関する脆弱性 New CWE-1333
非効率的な正規表現の複雑さ 		CVE-2024-54157 2025-01-31 15:16 2024-12-4 Show GitHub Exploit DB Packet Storm
34 6.1 警告
Network 		JetBrains TeamCity JetBrains の TeamCity におけるクロスサイトスクリプティングの脆弱性 New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2025-24459 2025-01-31 15:16 2025-01-21 Show GitHub Exploit DB Packet Storm
35 6.5 警告
Network 		JetBrains TeamCity JetBrains の TeamCity における認証の欠如に関する脆弱性 New CWE-862
認証の欠如 		CVE-2025-24461 2025-01-31 15:16 2025-01-21 Show GitHub Exploit DB Packet Storm
36 6.1 警告
Network 		Esri Portal for ArcGIS Esri の Portal for ArcGIS におけるクロスサイトスクリプティングの脆弱性 New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-8149 2025-01-31 15:01 2024-10-4 Show GitHub Exploit DB Packet Storm
37 4.3 警告
Network 		JetBrains TeamCity JetBrains の TeamCity における不正な認証に関する脆弱性 New CWE-863
不正な認証 		CVE-2025-24460 2025-01-31 15:01 2025-01-21 Show GitHub Exploit DB Packet Storm
38 8.8 重要
Network 		weDevs wp erp weDevs の WordPress 用 wp erp における SQL インジェクションの脆弱性 New CWE-89
SQLインジェクション 		CVE-2024-0608 2025-01-31 14:50 2024-03-29 Show GitHub Exploit DB Packet Storm
39 7.2 重要
Network 		weDevs wp erp weDevs の WordPress 用 wp erp における SQL インジェクションの脆弱性 New CWE-89
SQLインジェクション 		CVE-2024-0913 2025-01-31 14:50 2024-03-29 Show GitHub Exploit DB Packet Storm
40 5.4 警告
Network 		Brainstorm Force ultimate addons for beaver builder Brainstorm Force の WordPress 用 ultimate addons for beaver builder におけるクロスサイトスクリプティングの脆弱性 New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-2140 2025-01-31 14:50 2024-03-30 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 1, 2025, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
741 - - - Core creation allows users to replace "trusted" configset files with arbitrary configuration Solr instances that (1) use the "FileSystemConfigSetService" component (the default in "standalone" or "u… CWE-250
 Execution with Unnecessary Privileges 		CVE-2025-24814 2025-01-27 18:15 2025-01-27 Show GitHub Exploit DB Packet Storm
742 - - - A vulnerability in OTRS Application Server and reverse proxy settings allows session hijacking due to missing attributes for sensitive cookie settings in HTTPS sessions. This issue affects: * O… - CVE-2025-24390 2025-01-27 15:15 2025-01-27 Show GitHub Exploit DB Packet Storm
743 - - - Certain errors of the upstream libraries will insert sensitive information in the OTRS or ((OTRS)) Community Edition log mechanism and mails send to the system administrator. This issue affects: … - CVE-2025-24389 2025-01-27 15:15 2025-01-27 Show GitHub Exploit DB Packet Storm
744 - - - An improper privilege management vulnerability in OTRS Generic Interface module allows change of the Ticket status even if the user only has ro permissions. This issue affects: * OTRS 7.0.X … - CVE-2024-43446 2025-01-27 15:15 2025-01-27 Show GitHub Exploit DB Packet Storm
745 - - - A vulnerability exists in OTRS and ((OTRS Community Edition)) that fail to set the HTTP response header X-Content-Type-Options to nosniff. An attacker could exploit this vulnerability by uploading or… - CVE-2024-43445 2025-01-27 15:15 2025-01-27 Show GitHub Exploit DB Packet Storm
746 - - - The Social Share Buttons for WordPress plugin through 2.7 allows an unauthenticated user to upload arbitrary images and change the path where they are uploaded - CVE-2024-13117 2025-01-27 15:15 2025-01-27 Show GitHub Exploit DB Packet Storm
747 - - - The Crelly Slider WordPress plugin before 1.4.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks … - CVE-2024-13116 2025-01-27 15:15 2025-01-27 Show GitHub Exploit DB Packet Storm
748 - - - The WP Triggers Lite WordPress plugin through 2.5.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used aga… - CVE-2024-13094 2025-01-27 15:15 2025-01-27 Show GitHub Exploit DB Packet Storm
749 - - - The Dyn Business Panel WordPress plugin through 1.0.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add… - CVE-2024-13057 2025-01-27 15:15 2025-01-27 Show GitHub Exploit DB Packet Storm
750 - - - The Dyn Business Panel WordPress plugin through 1.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used a… - CVE-2024-13056 2025-01-27 15:15 2025-01-27 Show GitHub Exploit DB Packet Storm