Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 22, 2025, 6:04 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
61	7.8	重要 Local	デル	repository manager	デルの repository manager におけるパストラバーサルの脆弱性 New	CWE-20 CWE-22	CVE-2024-28976	2025-01-22 16:26	2024-04-24	Show	GitHub Exploit DB Packet Storm

62	7.1	重要 Local	sixlabors	imagesharp	sixlabors の imagesharp における解放済みメモリの使用に関する脆弱性 New	CWE-416 CWE-416	CVE-2024-27929	2025-01-22 16:24	2024-03-5	Show	GitHub Exploit DB Packet Storm

63	5.4	警告 Network	exclusiveaddons	exclusive addons for elementor	exclusiveaddons の WordPress 用 exclusive addons for elementor におけるクロスサイトスクリプティングの脆弱性 New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-2751	2025-01-22 16:22	2024-05-2	Show	GitHub Exploit DB Packet Storm

64	8.1	重要 Network	WonderCMS	WonderCMS	WonderCMS におけるサーバサイドのリクエストフォージェリの脆弱性 New	CWE-918 CWE-918	CVE-2024-27561	2025-01-22 16:22	2024-03-5	Show	GitHub Exploit DB Packet Storm

65	5.4	警告 Network	Booster	Booster for WooCommerce	Booster の WordPress 用 Booster for WooCommerce におけるクロスサイトスクリプティングの脆弱性 New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-1534	2025-01-22 16:18	2024-03-7	Show	GitHub Exploit DB Packet Storm

66	5.4	警告 Network	Ninja Team	wp chat app	Ninja Team の WordPress 用 wp chat app におけるクロスサイトスクリプティングの脆弱性 New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-1761	2025-01-22 16:18	2024-03-7	Show	GitHub Exploit DB Packet Storm

67	8.2	重要 Network	ThemeKraft	post form	ThemeKraft の WordPress 用 post form における脆弱性 New	CWE-noinfo 情報不足	CVE-2024-1170	2025-01-22 16:16	2024-03-7	Show	GitHub Exploit DB Packet Storm

68	6.5	警告 Network	ZyXEL	USG FLEX 100H ファームウェア atp700 ファームウェア USG FLEX 100AX ファームウェア usg flex 100 ファームウェア ATP200 ファームウェア ATP100 ファームウェア usg f…	複数の ZyXEL 製品における脆弱性 New	CWE-134 CWE-noinfo	CVE-2023-6399	2025-01-22 15:58	2023-11-30	Show	GitHub Exploit DB Packet Storm

69	7.5	重要 Network	ThemeKraft	post form	ThemeKraft の WordPress 用 post form における脆弱性 New	CWE-noinfo 情報不足	CVE-2024-1169	2025-01-22 15:58	2024-03-7	Show	GitHub Exploit DB Packet Storm

70	5.4	警告 Network	bdthemes	prime slider	bdthemes の WordPress 用 prime slider におけるクロスサイトスクリプティングの脆弱性 New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-1506	2025-01-22 15:57	2024-03-7	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 22, 2025, 4:11 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
521	-	-	-	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AlphaBPO Easy Code Snippets allows SQL Injection.This issue affects Easy Code Snippets: from n/a …	CWE-89 SQL Injection	CVE-2025-23780	2025-01-17 06:15	2025-01-17	Show	GitHub Exploit DB Packet Storm

522	-	-	-	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in web-mv.de ResAds allows SQL Injection.This issue affects ResAds: from n/a through 2.0.5.	CWE-89 SQL Injection	CVE-2025-23779	2025-01-17 06:15	2025-01-17	Show	GitHub Exploit DB Packet Storm

523	-	-	-	Missing Authorization vulnerability in Pravin Durugkar User Sync ActiveCampaign allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects User Sync ActiveCampaign: fr…	CWE-862 Missing Authorization	CVE-2025-23778	2025-01-17 06:15	2025-01-17	Show	GitHub Exploit DB Packet Storm

524	-	-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Willows Consulting Ltd. GDPR Personal Data Reports allows Stored XSS.This issue affects GDPR Pers…	CWE-79 Cross-site Scripting	CVE-2025-23777	2025-01-17 06:15	2025-01-17	Show	GitHub Exploit DB Packet Storm

525	-	-	-	Missing Authorization vulnerability in Thorn Technologies LLC Cache Sniper for Nginx allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cache Sniper for Nginx:…	CWE-862 Missing Authorization	CVE-2025-23776	2025-01-17 06:15	2025-01-17	Show	GitHub Exploit DB Packet Storm

526	-	-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WWP GMAPS for WPBakery Page Builder Free allows Stored XSS.This issue affects GMAPS for WPBakery …	CWE-79 Cross-site Scripting	CVE-2025-23775	2025-01-17 06:15	2025-01-17	Show	GitHub Exploit DB Packet Storm

527	-	-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Eugenio Petullà imaGenius allows Stored XSS.This issue affects imaGenius: from n/a through 1.7.	CWE-79 Cross-site Scripting	CVE-2025-23772	2025-01-17 06:15	2025-01-17	Show	GitHub Exploit DB Packet Storm

528	-	-	-	Cross-Site Request Forgery (CSRF) vulnerability in W3speedster W3SPEEDSTER allows Cross Site Request Forgery.This issue affects W3SPEEDSTER: from n/a through 7.33.	CWE-352 Origin Validation Error	CVE-2025-23765	2025-01-17 06:15	2025-01-17	Show	GitHub Exploit DB Packet Storm

529	-	-	-	Missing Authorization vulnerability in Ujjaval Jani Copy Move Posts allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Copy Move Posts: from n/a through 1.6.	CWE-862 Missing Authorization	CVE-2025-23764	2025-01-17 06:15	2025-01-17	Show	GitHub Exploit DB Packet Storm

530	-	-	-	Missing Authorization vulnerability in Alex Volkov Woo Tuner allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Woo Tuner: from n/a through 0.1.2.	CWE-862 Missing Authorization	CVE-2025-23761	2025-01-17 06:15	2025-01-17	Show	GitHub Exploit DB Packet Storm