Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 27, 2025, 12:03 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
801 8.8 重要
Local 		paddlepaddle paddlepaddle paddlepaddle における OS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2024-0815 2025-01-20 10:40 2024-03-7 Show GitHub Exploit DB Packet Storm
802 6.1 警告
Network 		Ivanti connect secure
policy secure 		Ivanti の connect secure および policy secure におけるクロスサイトスクリプティングの脆弱性 CWE-79
CWE-79
CVE-2024-11004 2025-01-20 10:40 2024-11-12 Show GitHub Exploit DB Packet Storm
803 7.8 重要
Local 		アドビシステムズ Adobe Substance 3D Stager アドビの Adobe Substance 3D Stager における境界外書き込みに関する脆弱性 CWE-121
CWE-787
CVE-2025-21128 2025-01-20 10:19 2025-01-14 Show GitHub Exploit DB Packet Storm
804 7.8 重要
Local 		アドビシステムズ Adobe Substance 3D Stager アドビの Adobe Substance 3D Stager における境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2025-21131 2025-01-20 10:19 2025-01-14 Show GitHub Exploit DB Packet Storm
805 5.5 警告
Local 		Linux Linux Kernel Linux の Linux Kernel における脆弱性 CWE-Other
その他 		CVE-2023-52580 2025-01-20 10:00 2023-09-15 Show GitHub Exploit DB Packet Storm
806 5.5 警告
Local 		Linux Linux Kernel Linux の Linux Kernel における整数アンダーフローの脆弱性 CWE-191
整数アンダーフロー 		CVE-2024-35980 2025-01-20 10:00 2024-04-10 Show GitHub Exploit DB Packet Storm
807 7.8 重要
Local 		Linux Linux Kernel Linux の Linux Kernel における解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2024-53166 2025-01-20 10:00 2024-11-29 Show GitHub Exploit DB Packet Storm
808 7.8 重要
Local 		Linux Linux Kernel Linux の Linux Kernel における解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2024-53170 2025-01-20 10:00 2024-11-18 Show GitHub Exploit DB Packet Storm
809 5.5 警告
Local 		Linux Linux Kernel Linux の Linux Kernel におけるリソースのロックに関する脆弱性 CWE-667
不適切なロック 		CVE-2024-54191 2025-01-20 10:00 2024-12-12 Show GitHub Exploit DB Packet Storm
810 7.8 重要
Local 		Linux Linux Kernel Linux の Linux Kernel における配列インデックスの検証に関する脆弱性 CWE-129
配列インデックスの不適切な検証 		CVE-2024-56595 2025-01-20 09:59 2024-10-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 27, 2025, 4:07 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
271 - - - Information Disclosure in API in Replicated Replicated Classic versions prior to 2.53.1 on all platforms allows authenticated users with Admin Console access to retrieve sensitive data, including app… New - CVE-2021-42718 2025-01-25 00:15 2025-01-24 Show GitHub Exploit DB Packet Storm
272 8.8 HIGH
Network 		- - IBM Cognos Dashboards 4.0.7 and 5.0.0 on Cloud Pak for Data could allow a remote attacker to perform unauthorized actions due to dependency confusion. CWE-427
 Uncontrolled Search Path Element 		CVE-2024-41739 2025-01-24 23:15 2025-01-24 Show GitHub Exploit DB Packet Storm
273 5.4 MEDIUM
Network 		- - The Activity Plus Reloaded for BuddyPress plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 1.1.1 via the 'ajax_preview_link' function. Thi… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2024-11913 2025-01-24 23:15 2025-01-24 Show GitHub Exploit DB Packet Storm
274 4.3 MEDIUM
Network 		- - The RomethemeKit For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.5.2 via the register_controls function in widgets/offcanvas… CWE-1230
 Exposure of Sensitive Information Through Metadata 		CVE-2024-10324 2025-01-24 23:15 2025-01-24 Show GitHub Exploit DB Packet Storm
275 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound FooGallery Captions allows Reflected XSS. This issue affects FooGallery Captions: from n… CWE-79
Cross-site Scripting 		CVE-2025-23889 2025-01-24 20:15 2025-01-24 Show GitHub Exploit DB Packet Storm
276 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Custom Page Extensions allows Reflected XSS. This issue affects Custom Page Extensions: … CWE-79
Cross-site Scripting 		CVE-2025-23888 2025-01-24 20:15 2025-01-24 Show GitHub Exploit DB Packet Storm
277 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound MJ Contact us allows Reflected XSS. This issue affects MJ Contact us: from n/a through 5… CWE-79
Cross-site Scripting 		CVE-2025-23885 2025-01-24 20:15 2025-01-24 Show GitHub Exploit DB Packet Storm
278 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Sticky Button allows Stored XSS. This issue affects Sticky Button: from n/a through 1.0. CWE-79
Cross-site Scripting 		CVE-2025-23839 2025-01-24 20:15 2025-01-24 Show GitHub Exploit DB Packet Storm
279 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Bauernregeln allows Reflected XSS. This issue affects Bauernregeln: from n/a through 1.0… CWE-79
Cross-site Scripting 		CVE-2025-23838 2025-01-24 20:15 2025-01-24 Show GitHub Exploit DB Packet Storm
280 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound One Backend Language allows Reflected XSS. This issue affects One Backend Language: from… CWE-79
Cross-site Scripting 		CVE-2025-23837 2025-01-24 20:15 2025-01-24 Show GitHub Exploit DB Packet Storm