Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 3, 2025, 1:14 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
51 5.4 警告
Network
Brainstorm Force ultimate addons for beaver builder Brainstorm Force の WordPress 用 ultimate addons for beaver builder におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2024-2144 2025-01-31 14:50 2024-03-30 Show GitHub Exploit DB Packet Storm
52 9.8 緊急
Network
netentsec application security gateway netentsec の application security gateway における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2024-2646 2025-01-31 14:50 2024-03-19 Show GitHub Exploit DB Packet Storm
53 6.1 警告
Network
unlimited-elements unlimited elements for elementor unlimited-elements の WordPress 用 unlimited elements for elementor におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2024-3547 2025-01-31 14:50 2024-05-14 Show GitHub Exploit DB Packet Storm
54 7.8 重要
Local
Delta Electronics, INC. DIAScreen Delta Electronics, INC. の DIAScreen における境界外書き込みに関する脆弱性 CWE-121
CWE-787
CVE-2024-39354 2025-01-31 14:50 2024-11-11 Show GitHub Exploit DB Packet Storm
55 5.4 警告
Network
envothemes envo extra envothemes の WordPress 用 envo extra におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2024-4385 2025-01-31 14:50 2024-05-16 Show GitHub Exploit DB Packet Storm
56 8.8 重要
Network
unlimited-elements unlimited elements for elementor unlimited-elements の WordPress 用 unlimited elements for elementor における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2024-4779 2025-01-31 14:50 2024-05-23 Show GitHub Exploit DB Packet Storm
57 5.4 警告
Network
Wpmet elementskit Wpmet の WordPress 用 elementskit におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2025-0321 2025-01-31 14:50 2025-01-28 Show GitHub Exploit DB Packet Storm
58 9.8 緊急
Network
netentsec application security gateway netentsec の application security gateway における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2024-2649 2025-01-31 14:50 2024-03-20 Show GitHub Exploit DB Packet Storm
59 8.8 重要
Network
Delta Electronics, INC. DIAEnergie Delta Electronics, INC. の DIAEnergie における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2024-34031 2025-01-31 14:50 2024-05-3 Show GitHub Exploit DB Packet Storm
60 4.9 警告
Network
creativethemes blocksy companion creativethemes の WordPress 用 blocksy companion におけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ
CVE-2024-35633 2025-01-31 14:50 2024-06-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Feb. 14, 2025, 4:13 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1171 9.1 CRITICAL
Network
- - IBM Security Verify Directory 10.0.0 through 10.0.3 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. CWE-78
OS Command 
CVE-2024-51450 2025-02-6 10:15 2025-02-6 Show GitHub Exploit DB Packet Storm
1172 7.8 HIGH
Local
- - IBM Security Verify Access Appliance 10.0.0 through 10.0.3 could allow a locally authenticated user to increase their privileges due to execution with unnecessary privileges. CWE-250
 Execution with Unnecessary Privileges
CVE-2024-49814 2025-02-6 10:15 2025-02-6 Show GitHub Exploit DB Packet Storm
1173 5.3 MEDIUM
Network
- - IBM Aspera Shares 1.9.0 through 1.10.0 PL6 could allow an attacker to spoof their IP address, which is written to log files, due to improper verification of 'Client-IP' headers. CWE-117
 Improper Output Neutralization for Logs
CVE-2024-56473 2025-02-6 08:15 2025-02-6 Show GitHub Exploit DB Packet Storm
1174 6.4 MEDIUM
Network
- - IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering … CWE-79
Cross-site Scripting
CVE-2024-56472 2025-02-6 08:15 2025-02-6 Show GitHub Exploit DB Packet Storm
1175 5.4 MEDIUM
Network
- - IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially le… CWE-918
Server-Side Request Forgery (SSRF) 
CVE-2024-56471 2025-02-6 08:15 2025-02-6 Show GitHub Exploit DB Packet Storm
1176 5.4 MEDIUM
Network
- - IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially le… CWE-918
Server-Side Request Forgery (SSRF) 
CVE-2024-56470 2025-02-6 08:15 2025-02-6 Show GitHub Exploit DB Packet Storm
1177 4.8 MEDIUM
Network
- - IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within… CWE-80
Basic XSS
CVE-2024-38318 2025-02-6 08:15 2025-02-6 Show GitHub Exploit DB Packet Storm
1178 4.8 MEDIUM
Network
- - IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the inten… CWE-79
Cross-site Scripting
CVE-2024-38317 2025-02-6 08:15 2025-02-6 Show GitHub Exploit DB Packet Storm
1179 4.3 MEDIUM
Network
- - IBM Aspera Shares 1.9.0 through 1.10.0 PL6 does not properly rate limit the frequency that an authenticated user can send emails, which could result in email flooding or a denial of service. CWE-770
 Allocation of Resources Without Limits or Throttling
CVE-2024-38316 2025-02-6 08:15 2025-02-6 Show GitHub Exploit DB Packet Storm
1180 - - - When multiple server blocks are configured to share the same IP address and port, an attacker can use session resumption to bypass client certificate authentication requirements on these servers. Thi… - CVE-2025-23419 2025-02-6 05:15 2025-02-6 Show GitHub Exploit DB Packet Storm