Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 24, 2025, 6:02 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
811 5.5 警告
Local 		Debian
Linux		 Debian GNU/Linux
Linux Kernel 		Linux の Linux Kernel 等複数ベンダの製品における有効期限後のメモリの解放の欠如に関する脆弱性 CWE-401
有効期限後のメモリの解放の欠如 		CVE-2024-36954 2025-01-17 20:45 2024-05-1 Show GitHub Exploit DB Packet Storm
812 4.7 警告
Local 		Debian
Linux		 Debian GNU/Linux
Linux Kernel 		Linux の Linux Kernel 等複数ベンダの製品における競合状態に関する脆弱性 CWE-362
CWE-476
CVE-2024-26878 2025-01-17 20:43 2024-02-5 Show GitHub Exploit DB Packet Storm
813 5.5 警告
Local 		Linux Linux Kernel Linux の Linux Kernel における NULL ポインタデリファレンスに関する脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2023-52865 2025-01-17 20:40 2023-10-18 Show GitHub Exploit DB Packet Storm
814 5.5 警告
Local 		Linux Linux Kernel Linux の Linux Kernel における NULL ポインタデリファレンスに関する脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2021-47202 2025-01-17 20:37 2021-11-5 Show GitHub Exploit DB Packet Storm
815 8.8 重要
Network 		Google Google Chrome Google の Google Chrome における境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2025-0437 2025-01-17 19:41 2025-01-14 Show GitHub Exploit DB Packet Storm
816 9.8 緊急
Network 		Apache Software Foundation hertzbeat Apache Software Foundation の hertzbeat における信頼できないデータのデシリアライゼーションに関する脆弱性 CWE-502
CWE-502
CVE-2023-51389 2025-01-17 19:41 2023-12-18 Show GitHub Exploit DB Packet Storm
817 8.5 重要
Network 		BoldGrid W3 Total Cache BoldGrid の WordPress 用 W3 Total Cache における認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2024-12365 2025-01-17 19:41 2024-12-9 Show GitHub Exploit DB Packet Storm
818 9.8 緊急
Network 		Ivanti Avalanche Ivanti の Avalanche におけるパストラバーサルの脆弱性 CWE-22
CWE-22
CWE-288
CVE-2024-13181 2025-01-17 19:41 2025-01-14 Show GitHub Exploit DB Packet Storm
819 6.4 警告
Network 		s-sols seraphinite accelerator s-sols の WordPress 用 seraphinite accelerator におけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2024-1568 2025-01-17 19:41 2024-02-28 Show GitHub Exploit DB Packet Storm
820 7.2 重要
Network 		zestard admin side data storage for contact form 7 zestard の WordPress 用 admin side data storage for contact form 7 における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2024-1776 2025-01-17 19:41 2024-02-23 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 24, 2025, 4:45 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
231 - - - Cross-Site Request Forgery (CSRF) vulnerability in ThemeFarmer Ultimate Subscribe allows Reflected XSS. This issue affects Ultimate Subscribe: from n/a through 1.3. New CWE-352
 Origin Validation Error 		CVE-2025-23806 2025-01-23 00:15 2025-01-23 Show GitHub Exploit DB Packet Storm
232 - - - Cross-Site Request Forgery (CSRF) vulnerability in PQINA Snippy allows Reflected XSS. This issue affects Snippy: from n/a through 1.4.1. New CWE-352
 Origin Validation Error 		CVE-2025-23803 2025-01-23 00:15 2025-01-23 Show GitHub Exploit DB Packet Storm
233 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Eliott Robson Mass Messaging in BuddyPress allows Reflected XSS. This issue affects Mass Messagin… New CWE-79
Cross-site Scripting 		CVE-2025-23798 2025-01-23 00:15 2025-01-23 Show GitHub Exploit DB Packet Storm
234 - - - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound Contact Form 7 Round Robin Lead Distribution allows SQL Injection. This issue affects Co… New CWE-89
SQL Injection 		CVE-2025-23784 2025-01-23 00:15 2025-01-23 Show GitHub Exploit DB Packet Storm
235 - - - Insertion of Sensitive Information Into Sent Data vulnerability in NotFound WM Options Import Export allows Retrieve Embedded Sensitive Data. This issue affects WM Options Import Export: from n/a thr… New CWE-201
 Insertion of Sensitive Information Into Sent Data 		CVE-2025-23781 2025-01-23 00:15 2025-01-23 Show GitHub Exploit DB Packet Storm
236 - - - Insertion of Sensitive Information Into Sent Data vulnerability in NotFound WPDB to Sql allows Retrieve Embedded Sensitive Data. This issue affects WPDB to Sql: from n/a through 1.2. New CWE-201
 Insertion of Sensitive Information Into Sent Data 		CVE-2025-23774 2025-01-23 00:15 2025-01-23 Show GitHub Exploit DB Packet Storm
237 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Fast Tube allows Reflected XSS. This issue affects Fast Tube: from n/a through 2.3.1. New CWE-79
Cross-site Scripting 		CVE-2025-23770 2025-01-23 00:15 2025-01-23 Show GitHub Exploit DB Packet Storm
238 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Content Mirror allows Reflected XSS. This issue affects Content Mirror: from n/a through… New CWE-79
Cross-site Scripting 		CVE-2025-23769 2025-01-23 00:15 2025-01-23 Show GitHub Exploit DB Packet Storm
239 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound InFunding allows Reflected XSS. This issue affects InFunding: from n/a through 1.0. New CWE-79
Cross-site Scripting 		CVE-2025-23768 2025-01-23 00:15 2025-01-23 Show GitHub Exploit DB Packet Storm
240 - - - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Pootle button allows Reflected XSS. This issue affects Pootle button: from n/a through 1… New CWE-79
Cross-site Scripting 		CVE-2025-23758 2025-01-23 00:15 2025-01-23 Show GitHub Exploit DB Packet Storm