Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 31, 2025, 4:03 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
911 9.8 緊急
Network 		Stranger Studios Paid Memberships Pro Stranger Studios の WordPress 用 Paid Memberships Pro におけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2024-37277 2025-01-23 11:18 2024-11-1 Show GitHub Exploit DB Packet Storm
912 8.8 重要
Network 		Themeum Tutor LMS Themeum の WordPress 用 Tutor LMS における認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2024-4351 2025-01-23 11:18 2024-05-16 Show GitHub Exploit DB Packet Storm
913 5.4 警告
Network 		moveaddons move addons for elementor moveaddons の WordPress 用 move addons for elementor におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-47364 2025-01-23 11:18 2024-10-6 Show GitHub Exploit DB Packet Storm
914 8.8 重要
Network 		webangon the pack elementor addons webangon の WordPress 用 the pack elementor addons におけるパストラバーサルの脆弱性 CWE-22
CWE-23
CVE-2024-50453 2025-01-23 11:18 2024-10-28 Show GitHub Exploit DB Packet Storm
915 5.4 警告
Network 		themelooks enter addons themelooks の WordPress 用 enter addons におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-56252 2025-01-23 11:18 2024-12-18 Show GitHub Exploit DB Packet Storm
916 8.8 重要
Network 		WPDeveloper essential blocks WPDeveloper の WordPress 用 essential blocks における認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2023-51359 2025-01-23 11:09 2023-12-18 Show GitHub Exploit DB Packet Storm
917 8.8 重要
Network 		WPDeveloper essential blocks WPDeveloper の WordPress 用 essential blocks における認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2023-51360 2025-01-23 11:09 2023-12-18 Show GitHub Exploit DB Packet Storm
918 5.4 警告
Network 		properfraction profilepress properfraction の WordPress 用 profilepress におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-1408 2025-01-23 11:09 2024-02-29 Show GitHub Exploit DB Packet Storm
919 5.4 警告
Network 		Themeisle Orbit Fox ThemeIsle の WordPress 用 Orbit Fox におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-1497 2025-01-23 11:09 2024-03-13 Show GitHub Exploit DB Packet Storm
920 5.4 警告
Network 		properfraction profilepress properfraction の WordPress 用 profilepress におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-1570 2025-01-23 11:09 2024-02-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 31, 2025, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
271 - - - An issue in Xiamen Meitu Technology Co., Ltd. BeautyCam iOS v12.3.60 allows attackers to access sensitive user information via supplying a crafted link. New - CVE-2024-56947 2025-01-29 05:15 2025-01-28 Show GitHub Exploit DB Packet Storm
272 - - - In illumos illumos-gate 2024-02-15, an error occurs in the elliptic curve point addition algorithm that uses mixed Jacobian-affine coordinates, causing the algorithm to yield a result of POINT_AT_INF… New - CVE-2024-26317 2025-01-29 05:15 2025-01-28 Show GitHub Exploit DB Packet Storm
273 - - - SecuSTATION Camera V2.5.5.3116-S50-SMA-B20160811A and lower is vulnerable to Cross Site Scripting (XSS). New - CVE-2024-57272 2025-01-29 05:15 2025-01-28 Show GitHub Exploit DB Packet Storm
274 - - - A cross-site scripting (XSS) vulnerability in the Product module of Dolibarr v21.0.0-beta allows attackers to execute arbitrary web scripts or HTMl via a crafted payload injected into the Title param… New - CVE-2024-55228 2025-01-29 05:15 2025-01-28 Show GitHub Exploit DB Packet Storm
275 - - - Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06 is vulnerable to Buffer Overflow via /goform/getWifiBasic. New - CVE-2024-48420 2025-01-29 05:15 2025-01-28 Show GitHub Exploit DB Packet Storm
276 - - - Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06 suffers from Command Injection issues in /bin/goahead. Specifically, these issues can be triggered through /goform/tracerouteDiagnosis, /goform/p… New - CVE-2024-48419 2025-01-29 05:15 2025-01-28 Show GitHub Exploit DB Packet Storm
277 - - - In Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06, the request /goform/fromSetDDNS does not properly handle special characters in any of user provided parameters, allowing an attacker with acc… New - CVE-2024-48418 2025-01-29 05:15 2025-01-28 Show GitHub Exploit DB Packet Storm
278 - - - Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06 is vulnerable to Cross Site Scripting (XSS) in : /bin/goahead via /goform/setStaticRoute, /goform/fromSetFilterUrlFilter, and /goform/fromSetFilt… New - CVE-2024-48417 2025-01-29 05:15 2025-01-28 Show GitHub Exploit DB Packet Storm
279 - - - Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06 is vulnerable to Buffer Overflow via /goform/fromSetLanDhcpsClientbinding. New - CVE-2024-48416 2025-01-29 05:15 2025-01-28 Show GitHub Exploit DB Packet Storm
280 - - - TRENDnet TEW-632BRP v1.010B31 devices have an OS command injection vulnerability in the CGl interface "ntp_sync.cgi",which allows remote attackers to execute arbitrary commands via parameter "ntp_ser… Update - CVE-2024-57590 2025-01-29 05:15 2025-01-28 Show GitHub Exploit DB Packet Storm