Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 31, 2025, 4:03 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
531 7.5 重要
Network 		Palo Alto Networks PAN-OS Palo Alto Networks の PAN-OS における NULL ポインタデリファレンスに関する脆弱性 CWE-476
CWE-476
CVE-2024-2550 2025-01-27 14:39 2024-11-14 Show GitHub Exploit DB Packet Storm
532 7.5 重要
Network 		lfprojects mlflow lfprojects の mlflow におけるパストラバーサルの脆弱性 CWE-22
CWE-29
CVE-2024-3848 2025-01-27 14:38 2024-05-16 Show GitHub Exploit DB Packet Storm
533 9.8 緊急
Network 		Themeum Tutor LMS Themeum の WordPress 用 Tutor LMS における認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2024-4223 2025-01-27 14:38 2024-05-16 Show GitHub Exploit DB Packet Storm
534 5.4 警告
Network 		getshortcodes shortcodes ultimate getshortcodes の WordPress 用 shortcodes ultimate におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-4553 2025-01-27 14:38 2024-05-21 Show GitHub Exploit DB Packet Storm
535 5.4 警告
Network 		Elementor Elementor Website Builder Elementor の WordPress 用 Elementor Website Builder におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-4619 2025-01-27 14:38 2024-05-21 Show GitHub Exploit DB Packet Storm
536 5.4 警告
Network 		HasThemes HT Mega - Absolute Addons For Elementor HasThemes の WordPress 用 HT Mega - Absolute Addons For Elementor におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-4876 2025-01-27 14:38 2024-05-21 Show GitHub Exploit DB Packet Storm
537 7.3 重要
Network 		GamiPress GamiPress - Vimeo integration GamiPress の WordPress 用 GamiPress - Vimeo integration におけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2024-13495 2025-01-27 14:38 2025-01-22 Show GitHub Exploit DB Packet Storm
538 7.3 重要
Network 		GamiPress GamiPress - Vimeo integration GamiPress の WordPress 用 GamiPress - Vimeo integration におけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2024-13499 2025-01-27 14:38 2025-01-22 Show GitHub Exploit DB Packet Storm
539 6.4 警告
Network 		Apache Software Foundation Apache Pulsar Apache Software Foundation の Apache Pulsar における不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2024-29834 2025-01-27 14:38 2024-04-2 Show GitHub Exploit DB Packet Storm
540 9.8 緊急
Network 		Sapplica Sentrifugo Sapplica の Sentrifugo における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2024-29873 2025-01-27 14:38 2024-03-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 1, 2025, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
741 - - - Core creation allows users to replace "trusted" configset files with arbitrary configuration Solr instances that (1) use the "FileSystemConfigSetService" component (the default in "standalone" or "u… CWE-250
 Execution with Unnecessary Privileges 		CVE-2025-24814 2025-01-27 18:15 2025-01-27 Show GitHub Exploit DB Packet Storm
742 - - - A vulnerability in OTRS Application Server and reverse proxy settings allows session hijacking due to missing attributes for sensitive cookie settings in HTTPS sessions. This issue affects: * O… - CVE-2025-24390 2025-01-27 15:15 2025-01-27 Show GitHub Exploit DB Packet Storm
743 - - - Certain errors of the upstream libraries will insert sensitive information in the OTRS or ((OTRS)) Community Edition log mechanism and mails send to the system administrator. This issue affects: … - CVE-2025-24389 2025-01-27 15:15 2025-01-27 Show GitHub Exploit DB Packet Storm
744 - - - An improper privilege management vulnerability in OTRS Generic Interface module allows change of the Ticket status even if the user only has ro permissions. This issue affects: * OTRS 7.0.X … - CVE-2024-43446 2025-01-27 15:15 2025-01-27 Show GitHub Exploit DB Packet Storm
745 - - - A vulnerability exists in OTRS and ((OTRS Community Edition)) that fail to set the HTTP response header X-Content-Type-Options to nosniff. An attacker could exploit this vulnerability by uploading or… - CVE-2024-43445 2025-01-27 15:15 2025-01-27 Show GitHub Exploit DB Packet Storm
746 - - - The Social Share Buttons for WordPress plugin through 2.7 allows an unauthenticated user to upload arbitrary images and change the path where they are uploaded - CVE-2024-13117 2025-01-27 15:15 2025-01-27 Show GitHub Exploit DB Packet Storm
747 - - - The Crelly Slider WordPress plugin before 1.4.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks … - CVE-2024-13116 2025-01-27 15:15 2025-01-27 Show GitHub Exploit DB Packet Storm
748 - - - The WP Triggers Lite WordPress plugin through 2.5.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used aga… - CVE-2024-13094 2025-01-27 15:15 2025-01-27 Show GitHub Exploit DB Packet Storm
749 - - - The Dyn Business Panel WordPress plugin through 1.0.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add… - CVE-2024-13057 2025-01-27 15:15 2025-01-27 Show GitHub Exploit DB Packet Storm
750 - - - The Dyn Business Panel WordPress plugin through 1.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used a… - CVE-2024-13056 2025-01-27 15:15 2025-01-27 Show GitHub Exploit DB Packet Storm