Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 31, 2025, 2:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
931	5.4	警告 Network	bdthemes	element pack	bdthemes の WordPress 用 element pack におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-32572	2025-01-22 16:35	2024-04-18	Show	GitHub Exploit DB Packet Storm

932	5.4	警告 Network	webangon	the pack elementor addons	webangon の WordPress 用 the pack elementor addons におけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2024-32718	2025-01-22 16:35	2024-04-24	Show	GitHub Exploit DB Packet Storm

933	5.4	警告 Network	Leap13	Premium Addons for Elementor	Leap13 の WordPress 用 Premium Addons for Elementor におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-32791	2025-01-22 16:35	2024-04-24	Show	GitHub Exploit DB Packet Storm

934	5.4	警告 Network	TYPO3 Association	TYPO3	TYPO3 Association の TYPO3 におけるクロスサイトスクリプティングの脆弱性	CWE-116 CWE-79 CWE-79	CVE-2024-34355	2025-01-22 16:35	2024-05-14	Show	GitHub Exploit DB Packet Storm

935	7.5	重要 Network	BlackBerry	QNX Software Development Platform	BlackBerry の QNX Software Development Platform における境界外読み取りに関する脆弱性	CWE-125 CWE-125	CVE-2024-48855	2025-01-22 16:35	2024-10-8	Show	GitHub Exploit DB Packet Storm

936	7.5	重要 Network	bdthemes	element pack	bdthemes の WordPress 用 element pack における脆弱性	CWE-noinfo 情報不足	CVE-2024-2966	2025-01-22 16:27	2024-04-11	Show	GitHub Exploit DB Packet Storm

937	7.8	重要 Local	デル	repository manager	デルの repository manager におけるパストラバーサルの脆弱性	CWE-20 CWE-22	CVE-2024-28976	2025-01-22 16:26	2024-04-24	Show	GitHub Exploit DB Packet Storm

938	7.1	重要 Local	sixlabors	imagesharp	sixlabors の imagesharp における解放済みメモリの使用に関する脆弱性	CWE-416 CWE-416	CVE-2024-27929	2025-01-22 16:24	2024-03-5	Show	GitHub Exploit DB Packet Storm

939	5.4	警告 Network	exclusiveaddons	exclusive addons for elementor	exclusiveaddons の WordPress 用 exclusive addons for elementor におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-2751	2025-01-22 16:22	2024-05-2	Show	GitHub Exploit DB Packet Storm

940	8.1	重要 Network	WonderCMS	WonderCMS	WonderCMS におけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 CWE-918	CVE-2024-27561	2025-01-22 16:22	2024-03-5	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 31, 2025, 4:11 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
241	-	-	-	Insecure Permissions vulnerability in CMSimple v.5.16 allows a remote attacker to obtain sensitive information via a crafted script to the Functionality of downloading php backup files. New	-	CVE-2024-57547	2025-01-29 05:15	2025-01-28	Show	GitHub Exploit DB Packet Storm

242	-	-	-	An issue in CMSimple v.5.16 allows a remote attacker to obtain sensitive information via a crafted script to the validate link function. New	-	CVE-2024-57546	2025-01-29 05:15	2025-01-28	Show	GitHub Exploit DB Packet Storm

243	-	-	-	Cross Site Request Forgery vulnerability in LifestyleStore v.1.0 allows a remote attacker to execute arbitrary cod and obtain sensitive information. New	-	CVE-2024-57373	2025-01-29 05:15	2025-01-28	Show	GitHub Exploit DB Packet Storm

244	-	-	-	An issue in youdiancms v.9.5.20 and before allows a remote attacker to escalate privileges via the sessionID parameter in the index.php file. New	-	CVE-2024-57052	2025-01-29 05:15	2025-01-28	Show	GitHub Exploit DB Packet Storm

245	-	-	-	In AXESS ACS (Auto Configuration Server) through 5.2.0, unsanitized user input in the TR069 API allows remote unauthenticated attackers to cause a permanent Denial of Service via crafted TR069 reques… New	-	CVE-2024-56316	2025-01-29 05:15	2025-01-28	Show	GitHub Exploit DB Packet Storm

246	-	-	-	An issue was discovered in Couchbase Server 7.6.x through 7.6.3. A user with the security_admin_local role can create a new user in a group that has the admin role. New	-	CVE-2024-56178	2025-01-29 05:15	2025-01-28	Show	GitHub Exploit DB Packet Storm

247	-	-	-	Incorrect access control in BYD QIN PLUS DM-i Dilink OS 3.0_13.1.7.2204050.1 allows unauthorized attackers to access system logcat logs. New	-	CVE-2024-54728	2025-01-29 05:15	2025-01-28	Show	GitHub Exploit DB Packet Storm

248	-	-	-	Cross Site Scripting vulnerability in AdGuard Application v.7.18.1 (4778) and before allows an attacker to execute arbitrary code via a crafted payload to the fontMatrix component. New	-	CVE-2024-48662	2025-01-29 05:15	2025-01-28	Show	GitHub Exploit DB Packet Storm

249	-	-	-	A type confusion issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18… New	-	CVE-2025-24137	2025-01-29 05:15	2025-01-28	Show	GitHub Exploit DB Packet Storm

250	-	-	-	An issue in Midea Group Co., Ltd Midea Home iOS 9.3.12 allows attackers to access sensitive user information via supplying a crafted link. New	-	CVE-2024-56972	2025-01-29 05:15	2025-01-28	Show	GitHub Exploit DB Packet Storm