Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 23, 2025, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
631	9.8	緊急 Network	Apache Software Foundation	hertzbeat	Apache Software Foundation の hertzbeat における信頼できないデータのデシリアライゼーションに関する脆弱性	CWE-502 CWE-502	CVE-2023-51389	2025-01-17 19:41	2023-12-18	Show	GitHub Exploit DB Packet Storm

632	8.5	重要 Network	BoldGrid	W3 Total Cache	BoldGrid の WordPress 用 W3 Total Cache における認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2024-12365	2025-01-17 19:41	2024-12-9	Show	GitHub Exploit DB Packet Storm

633	9.8	緊急 Network	Ivanti	Avalanche	Ivanti の Avalanche におけるパストラバーサルの脆弱性	CWE-22 CWE-22 CWE-288	CVE-2024-13181	2025-01-17 19:41	2025-01-14	Show	GitHub Exploit DB Packet Storm

634	6.4	警告 Network	s-sols	seraphinite accelerator	s-sols の WordPress 用 seraphinite accelerator におけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2024-1568	2025-01-17 19:41	2024-02-28	Show	GitHub Exploit DB Packet Storm

635	7.2	重要 Network	zestard	admin side data storage for contact form 7	zestard の WordPress 用 admin side data storage for contact form 7 における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2024-1776	2025-01-17 19:41	2024-02-23	Show	GitHub Exploit DB Packet Storm

636	8.8	重要 Network	Progress Software Corporation	telerik reporting	Progress Software Corporation の telerik reporting における信頼できないデータのデシリアライゼーションに関する脆弱性	CWE-502 CWE-502	CVE-2024-1856	2025-01-17 19:40	2024-03-20	Show	GitHub Exploit DB Packet Storm

637	9.1	緊急 Network	WPvivid	Migration Backup Staging	WPvivid の WordPress 用 Migration, Backup, Staging における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2024-1981	2025-01-17 19:40	2024-02-29	Show	GitHub Exploit DB Packet Storm

638	4.8	警告 Network	shopfiles	ebook store	shopfiles の WordPress 用 ebook store におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-23501	2025-01-17 19:40	2024-02-29	Show	GitHub Exploit DB Packet Storm

639	6.5	警告 Network	axiosys	bento4	axiosys の bento4 における有効期限後のメモリの解放の欠如に関する脆弱性	CWE-401 CWE-401	CVE-2024-24155	2025-01-17 19:40	2024-02-29	Show	GitHub Exploit DB Packet Storm

640	5.4	警告 Network	Vanderbilt	redcap	Vanderbilt の redcap におけるクロスサイトスクリプティングの脆弱性	CWE-79 CWE-79	CVE-2024-56377	2025-01-17 19:40	2024-12-22	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 24, 2025, 4:45 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
451	7.8	HIGH Local	microsoft	365_apps office	Microsoft Office Visio Remote Code Execution Vulnerability Update	NVD-CWE-noinfo	CVE-2025-21356	2025-01-22 04:37	2025-01-15	Show	GitHub Exploit DB Packet Storm

452	7.8	HIGH Local	microsoft	365_apps office office_online_server	Microsoft Excel Remote Code Execution Vulnerability Update	NVD-CWE-noinfo	CVE-2025-21354	2025-01-22 04:36	2025-01-15	Show	GitHub Exploit DB Packet Storm

453	7.2	HIGH Network	microsoft	sharepoint_server	Microsoft SharePoint Server Remote Code Execution Vulnerability Update	NVD-CWE-noinfo	CVE-2025-21348	2025-01-22 04:30	2025-01-15	Show	GitHub Exploit DB Packet Storm

454	7.8	HIGH Local	microsoft	365_apps office	Microsoft Office Security Feature Bypass Vulnerability Update	NVD-CWE-noinfo	CVE-2025-21346	2025-01-22 04:29	2025-01-15	Show	GitHub Exploit DB Packet Storm

455	-		-	-	An improper verification of cryptographic signature vulnerability was identified in GitHub Enterprise Server that allowed signature spoofing for unauthorized internal users. Instances not utilizing … New	-	CVE-2025-23369	2025-01-22 04:15	2025-01-22	Show	GitHub Exploit DB Packet Storm

456	-		-	-	An issue in RAR Extractor - Unarchiver Free and Pro v.6.4.0 allows local attackers to inject arbitrary code potentially leading to remote control and unauthorized access to sensitive user data via th… New	-	CVE-2024-55504	2025-01-22 04:15	2025-01-22	Show	GitHub Exploit DB Packet Storm

457	-		-	-	An issue in System.Linq.Dynamic.Core Latest version v.1.4.6 allows remote access to properties on reflection types and static properties/fields. New	-	CVE-2024-51417	2025-01-22 04:15	2025-01-22	Show	GitHub Exploit DB Packet Storm

458	-		-	-	SpagoBI v3.5.1 contains multiple Stored Cross-Site Scripting (XSS) vulnerabilities in the create/edit forms of the worksheet designer function. New	-	CVE-2024-54795	2025-01-22 04:15	2025-01-22	Show	GitHub Exploit DB Packet Storm

459	-		-	-	The script input feature of SpagoBI 3.5.1 allows arbitrary code execution. New	-	CVE-2024-54794	2025-01-22 04:15	2025-01-22	Show	GitHub Exploit DB Packet Storm

460	-		-	-	A Cross-Site Request Forgery (CSRF) vulnerability has been found in SpagoBI v3.5.1 in the user administration panel. An authenticated user can lead another user into executing unwanted actions inside… New	-	CVE-2024-54792	2025-01-22 04:15	2025-01-22	Show	GitHub Exploit DB Packet Storm