Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 16, 2025, 2:03 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
521	4.8	警告 Network	ThimPress	LearnPress	ThimPress の WordPress 用 LearnPress におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-1463	2025-01-10 16:28	2024-04-9	Show	GitHub Exploit DB Packet Storm

522	5.3	警告 Network	Eclipse Foundation	eclipse dataspace components	Eclipse Foundation の eclipse dataspace components における認証の欠如に関する脆弱性	CWE-862 CWE-862	CVE-2024-9202	2025-01-10 16:28	2024-09-27	Show	GitHub Exploit DB Packet Storm

523	7.5	重要 Network	クアルコム	fastconnect 6900 ファームウェア ipq5312 ファームウェア CSR8811 ファームウェア immersive home 214 ファームウェア fastconnect 7800 ファームウェア IPQ6000 ファームウェア IPQ501…	複数のクアルコム製品における境界外読み取りに関する脆弱性	CWE-125 CWE-126	CVE-2024-23363	2025-01-10 16:28	2024-06-3	Show	GitHub Exploit DB Packet Storm

524	6	警告 Local	デル	EMC PowerScale OneFS	デルの EMC PowerScale OneFS におけるリンク解釈に関する脆弱性	CWE-59 CWE-61	CVE-2024-25953	2025-01-10 16:28	2024-03-28	Show	GitHub Exploit DB Packet Storm

525	6.7	警告 Local	デル	EMC PowerScale OneFS	デルの EMC PowerScale OneFS における脆弱性	CWE-269 CWE-noinfo	CVE-2024-25961	2025-01-10 16:28	2024-03-28	Show	GitHub Exploit DB Packet Storm

526	7.5	重要 Network	デル	EMC PowerScale OneFS	デルの EMC PowerScale OneFS における脆弱性	CWE-385 CWE-Other	CVE-2024-25964	2025-01-10 16:28	2024-03-25	Show	GitHub Exploit DB Packet Storm

527	7.5	重要 Network	デル	EMC PowerScale OneFS	デルの EMC PowerScale OneFS における脆弱性	CWE-241 CWE-Other	CVE-2024-25966	2025-01-10 16:28	2024-05-14	Show	GitHub Exploit DB Packet Storm

528	6.5	警告 Network	デル	EMC PowerScale OneFS	デルの EMC PowerScale OneFS における脆弱性	CWE-20 CWE-noinfo	CVE-2024-25970	2025-01-10 16:28	2024-05-14	Show	GitHub Exploit DB Packet Storm

529	7.2	重要 Network	phpMyFAQ	phpMyFAQ	phpMyFAQ における危険なタイプのファイルの無制限アップロードに関する脆弱性	CWE-434 CWE-434	CVE-2024-28105	2025-01-10 16:28	2024-03-25	Show	GitHub Exploit DB Packet Storm

530	8.8	重要 Network	phpMyFAQ	phpMyFAQ	phpMyFAQ における SQL インジェクションの脆弱性	CWE-89 CWE-89	CVE-2024-28107	2025-01-10 16:28	2024-03-25	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 16, 2025, 4:15 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
11	-	-	-	Cross-Site Request Forgery (CSRF) vulnerability in Johan Ström Background Control allows Path Traversal.This issue affects Background Control: from n/a through 1.0.5. New	CWE-352 Origin Validation Error	CVE-2025-22784	2025-01-16 01:15	2025-01-16	Show	GitHub Exploit DB Packet Storm

12	-	-	-	Unrestricted Upload of File with Dangerous Type vulnerability in Web Ready Now WR Price List Manager For Woocommerce allows Upload a Web Shell to a Web Server.This issue affects WR Price List Manager… New	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2025-22782	2025-01-16 01:15	2025-01-16	Show	GitHub Exploit DB Packet Storm

13	-	-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nativery Developer Nativery allows DOM-Based XSS.This issue affects Nativery: from n/a through 0.… New	CWE-79 Cross-site Scripting	CVE-2025-22781	2025-01-16 01:15	2025-01-16	Show	GitHub Exploit DB Packet Storm

14	-	-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alexey Yuzhakov wp-pano allows Stored XSS.This issue affects wp-pano: from n/a through 1.17. New	CWE-79 Cross-site Scripting	CVE-2025-22780	2025-01-16 01:15	2025-01-16	Show	GitHub Exploit DB Packet Storm

15	-	-	-	Missing Authorization vulnerability in Ugur CELIK WP News Sliders allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP News Sliders: from n/a through 1.0. New	CWE-862 Missing Authorization	CVE-2025-22779	2025-01-16 01:15	2025-01-16	Show	GitHub Exploit DB Packet Storm

16	-	-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Lijit Networks Inc. and Crowd Favorite Lijit Search allows Reflected XSS.This issue affects Lijit… New	CWE-79 Cross-site Scripting	CVE-2025-22778	2025-01-16 01:15	2025-01-16	Show	GitHub Exploit DB Packet Storm

17	-	-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jay Carter WP Bulletin Board allows Reflected XSS.This issue affects WP Bulletin Board: from n/a … New	CWE-79 Cross-site Scripting	CVE-2025-22776	2025-01-16 01:15	2025-01-16	Show	GitHub Exploit DB Packet Storm

18	-	-	-	Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in WPChill Htaccess File Editor allows Exploiting Incorrectly Configured Access Control Security Levels.T… New	CWE-538 File and Directory Information Exposure	CVE-2025-22773	2025-01-16 01:15	2025-01-16	Show	GitHub Exploit DB Packet Storm

19	-	-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Creative Brahma Multifox allows Stored XSS.This issue affects Multifox: from n/a through 1.3.7. New	CWE-79 Cross-site Scripting	CVE-2025-22769	2025-01-16 01:15	2025-01-16	Show	GitHub Exploit DB Packet Storm

20	-	-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Masoud Amini Zarinpal Paid Download allows Reflected XSS.This issue affects Zarinpal Paid Downloa… New	CWE-79 Cross-site Scripting	CVE-2025-22766	2025-01-16 01:15	2025-01-16	Show	GitHub Exploit DB Packet Storm