Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
561	9.8	緊急 Network	Sapplica	Sentrifugo	Sapplica の Sentrifugo における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2024-29874	2025-01-27 13:34	2024-03-21	Show	GitHub Exploit DB Packet Storm

562	6.1	警告 Network	Sapplica	Sentrifugo	Sapplica の Sentrifugo におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-29879	2025-01-27 13:34	2024-03-21	Show	GitHub Exploit DB Packet Storm

563	9.1	緊急 Network	Palo Alto Networks	PAN-OS	Palo Alto Networks の PAN-OS における脆弱性	CWE-282 CWE-Other	CVE-2024-3383	2025-01-27 13:34	2024-04-10	Show	GitHub Exploit DB Packet Storm

564	5.4	警告 Network	exclusiveaddons	exclusive addons for elementor	exclusiveaddons の WordPress 用 exclusive addons for elementor におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-4618	2025-01-27 13:34	2024-05-15	Show	GitHub Exploit DB Packet Storm

565	7.2	重要 Network	aipower	aipower	WordPress 用 aipower における信頼できないデータのデシリアライゼーションに関する脆弱性	CWE-502 信頼性のないデータのデシリアライゼーション	CVE-2025-0428	2025-01-27 13:34	2025-01-22	Show	GitHub Exploit DB Packet Storm

566	5.3	警告 Network	Palo Alto Networks	PAN-OS	Palo Alto Networks の PAN-OS における解釈の競合に関する脆弱性	CWE-436 CWE-436	CVE-2024-3386	2025-01-27 13:34	2024-04-10	Show	GitHub Exploit DB Packet Storm

567	6.8	警告 Physics	Palo Alto Networks	PAN-OS	Palo Alto Networks の PAN-OS における脆弱性	CWE-20 CWE-noinfo	CVE-2024-5913	2025-01-27 13:34	2024-07-10	Show	GitHub Exploit DB Packet Storm

568	7.5	重要 Network	Magma	Magma	Magma における境界外書き込みに関する脆弱性	CWE-120 CWE-787	CVE-2024-24423	2025-01-27 13:32	2024-01-25	Show	GitHub Exploit DB Packet Storm

569	5.3	警告 Network	Timothee Boussus	Your Spotify	Timothee Boussus の Your Spotify におけるインジェクションに関する脆弱性	CWE-74 CWE-74 CWE-943	CVE-2024-28192	2025-01-27 13:22	2024-03-13	Show	GitHub Exploit DB Packet Storm

570	7.5	重要 Network	Magma	Magma	Magma における到達可能なアサーションに関する脆弱性	CWE-617 CWE-617	CVE-2023-37029	2025-01-27 12:33	2023-06-28	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Feb. 3, 2025, 4:07 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
791	-		-	-	Missing Authorization vulnerability in BdThemes Ultimate Store Kit Elementor Addons allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Ultimate Store Kit Elem…	CWE-862 Missing Authorization	CVE-2025-24584	2025-01-27 23:15	2025-01-27	Show	GitHub Exploit DB Packet Storm

792	-		-	-	Cross-Site Request Forgery (CSRF) vulnerability in MetaSlider Responsive Slider by MetaSlider allows Cross Site Request Forgery. This issue affects Responsive Slider by MetaSlider: from n/a through 3…	CWE-352 Origin Validation Error	CVE-2025-24533	2025-01-27 23:15	2025-01-27	Show	GitHub Exploit DB Packet Storm

793	-		-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Busters Passwordless WP – Login with your glance or fingerprint allows Reflected XSS. This iss…	CWE-79 Cross-site Scripting	CVE-2025-23792	2025-01-27 23:15	2025-01-27	Show	GitHub Exploit DB Packet Storm

794	-		-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Clodeo Shipdeo allows Reflected XSS. This issue affects Shipdeo: from n/a through 1.2.8.	CWE-79 Cross-site Scripting	CVE-2025-23457	2025-01-27 23:15	2025-01-27	Show	GitHub Exploit DB Packet Storm

795	-		-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Simple Locator allows Reflected XSS. This issue affects Simple Locator: from n/a through…	CWE-79 Cross-site Scripting	CVE-2025-22513	2025-01-27 23:15	2025-01-27	Show	GitHub Exploit DB Packet Storm

796	-		-	-	Eura7 CMSmanager in version 4.6 and below is vulnerable to Reflected XSS attacks through manipulation of return GET request parameter sent to a specific endpoint. The vulnerability has been fixed by …	-	CVE-2024-11348	2025-01-27 23:15	2025-01-27	Show	GitHub Exploit DB Packet Storm

797	8.9	HIGH Network	-	-	A flaw was found in the Red Hat Advanced Cluster Security (RHACS) portal. When rendering a table view in the portal, for example, on any of the /main/configmanagement/* endpoints, the front-end gener…	CWE-79 Cross-site Scripting	CVE-2022-4975	2025-01-27 23:15	2025-01-27	Show	GitHub Exploit DB Packet Storm

798	-		-	-	A NULL Pointer Dereference vulnerability in Cesanta Frozen versions less than 1.7 allows an attacker to induce a crash of the component embedding the library by supplying a maliciously crafted JSON a…	CWE-476 NULL Pointer Dereference	CVE-2025-0696	2025-01-27 20:15	2025-01-27	Show	GitHub Exploit DB Packet Storm

799	-		-	-	An Allocation of Resources Without Limits or Throttling vulnerability in Cesanta Frozen versions less than 1.7 allows an attacker to induce a crash of the component embedding the library by supplying…	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2025-0695	2025-01-27 20:15	2025-01-27	Show	GitHub Exploit DB Packet Storm

800	4.4	MEDIUM Local	-	-	A vulnerability classified as problematic was found in INW Krbyyyzo 25.2002. Affected by this vulnerability is an unknown functionality of the file /gbo.aspx of the component Daily Huddle Site. The m…	CWE-404 CWE-400 Improper Resource Shutdown or Release Uncontrolled Resource Consumption	CVE-2024-12345	2025-01-27 20:15	2025-01-27	Show	GitHub Exploit DB Packet Storm