Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 30, 2025, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
571	7.8	重要 Local	Google	Android	Google の Android における境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2018-9389	2025-01-24 14:04	2018-04-5	Show	GitHub Exploit DB Packet Storm

572	9.8	緊急 Network	デル	smartfabric os10	デルの smartfabric os10 における OS コマンドインジェクションの脆弱性	CWE-20 CWE-78	CVE-2023-32462	2025-01-24 14:04	2023-05-9	Show	GitHub Exploit DB Packet Storm

573	7.8	重要 Local	F5 Networks	BIG-IP Next Cloud-Native Network Functions	F5 Networks の BIG-IP Next Cloud-Native Network Functions における脆弱性	CWE-522 CWE-noinfo	CVE-2024-23306	2025-01-24 13:58	2024-02-14	Show	GitHub Exploit DB Packet Storm

574	9.8	緊急 Network	PHOENIX CONTACT	charx sec-3100 ファームウェア charx sec-3050 ファームウェア charx sec-3000 ファームウェア charx sec-3150 ファームウェア	複数の PHOENIX CONTACT 製品におけるリソースの安全ではないデフォルト値への初期化に関する脆弱性	CWE-1188 リソースの安全ではないデフォルト値への初期化	CVE-2024-6788	2025-01-24 13:51	2024-08-13	Show	GitHub Exploit DB Packet Storm

575	7.8	重要 Local	インテル	graphics performance analyzers	インテルの graphics performance analyzers における脆弱性	CWE-284 CWE-noinfo	CVE-2023-40071	2025-01-24 13:51	2023-10-12	Show	GitHub Exploit DB Packet Storm

576	4.8	警告 Network	WP Ninjas, LLC.	Ninja Forms	Saturday Drive の WordPress 用 Ninja Forms におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-50515	2025-01-24 13:51	2024-11-19	Show	GitHub Exploit DB Packet Storm

577	5.4	警告 Network	Nextcloud	Nextcloud Server	Nextcloud の Nextcloud Server における不正な認証に関する脆弱性	CWE-287 CWE-863	CVE-2024-52518	2025-01-24 13:51	2024-11-15	Show	GitHub Exploit DB Packet Storm

578	7.5	重要 Network	EBM Technologies	RISWEB	EBM Technologies の RISWEB における重要な機能に対する認証の欠如に関する脆弱性	CWE-306 重要な機能に対する認証の欠如解説	CVE-2024-26263	2025-01-24 13:45	2024-02-15	Show	GitHub Exploit DB Packet Storm

579	5.5	警告 Local	radare	radare2	radare の radare2 における NULL ポインタデリファレンスに関する脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2024-26475	2025-01-24 13:45	2024-03-14	Show	GitHub Exploit DB Packet Storm

580	6.5	警告 Network	ZyXEL	NAS 542 ファームウェア NAS 326 ファームウェア	ZyXEL の NAS 326 ファームウェアおよび NAS 542 ファームウェアにおける脆弱性	CWE-269 CWE-noinfo	CVE-2024-29976	2025-01-24 13:45	2024-06-4	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 31, 2025, 4:11 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
651	7.5	HIGH Network	gamipress	gamipress	The GamiPress – Gamification plugin to reward points, achievements, badges & ranks in WordPress plugin for WordPress is vulnerable to time-based SQL Injection via the ‘orderby’ parameter in all versi…	CWE-89 SQL Injection	CVE-2024-13496	2025-01-25 05:45	2025-01-22	Show	GitHub Exploit DB Packet Storm

652	7.3	HIGH Network	gamipress	gamipress	The The GamiPress – Gamification plugin to reward points, achievements, badges & ranks in WordPress plugin for WordPress is vulnerable to arbitrary shortcode execution via gamipress_do_shortcode() fu…	CWE-94 Code Injection	CVE-2024-13499	2025-01-25 05:37	2025-01-22	Show	GitHub Exploit DB Packet Storm

653	3.5	LOW Network	-	-	A vulnerability was found in fumiao opencms 2.2. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/model/addOrUpdate of the component Add Model Managemen…	CWE-79 CWE-94 Cross-site Scripting Code Injection	CVE-2025-0708	2025-01-25 05:15	2025-01-25	Show	GitHub Exploit DB Packet Storm

654	7.8	HIGH Local	-	-	A vulnerability was found in Rise Group Rise Mode Temp CPU 2.1. It has been classified as critical. This affects an unknown part in the library CRYPTBASE.dll of the component Startup. The manipulatio…	CWE-426 Untrusted Search Path	CVE-2025-0707	2025-01-25 05:15	2025-01-25	Show	GitHub Exploit DB Packet Storm

655	2.4	LOW Network	-	-	A vulnerability was found in JoeyBling bootplus up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/s…	CWE-79 CWE-94 Cross-site Scripting Code Injection	CVE-2025-0706	2025-01-25 05:15	2025-01-25	Show	GitHub Exploit DB Packet Storm

656	-		-	-	InnoShop V.0.3.8 and below is vulnerable to Cross Site Scripting (XSS) via SVG file upload.	-	CVE-2024-57277	2025-01-25 05:15	2025-01-25	Show	GitHub Exploit DB Packet Storm

657	-		-	-	SQL injection vulnerability in Go-CMS v.1.1.10 allows a remote attacker to execute arbitrary code via a crafted payload.	-	CVE-2024-57095	2025-01-25 05:15	2025-01-25	Show	GitHub Exploit DB Packet Storm

658	-		-	-	A persistent cross-site scripting (XSS) vulnerability in NodeBB v3.11.0 allows remote attackers to store arbitrary code in the 'about me' section of their profile.	-	CVE-2024-57041	2025-01-25 05:15	2025-01-25	Show	GitHub Exploit DB Packet Storm

659	-		-	-	KWHotel 0.47 is vulnerable to CSV Formula Injection in the add guest function.	-	CVE-2023-46400	2025-01-25 05:15	2025-01-24	Show	GitHub Exploit DB Packet Storm

660	-		-	-	A stack overflow in the sctp_server::sctp_receiver_thread component of OpenAirInterface CN5G AMF (oai-cn5g-amf) up to v2.0.0 allows attackers to cause a Denial of Service (DoS) by repeatedly establis…	-	CVE-2024-24451	2025-01-25 05:15	2025-01-22	Show	GitHub Exploit DB Packet Storm