Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 24, 2025, 12:05 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
931 5.4 警告
Network
Wpmet ElementsKit Elementor addons Wpmet の WordPress 用 ElementsKit Elementor addons におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2024-1238 2025-01-17 10:29 2024-03-30 Show GitHub Exploit DB Packet Storm
932 5.4 警告
Network
Brizy brizy Brizy の WordPress 用 brizy におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2024-1293 2025-01-17 10:29 2024-03-13 Show GitHub Exploit DB Packet Storm
933 4.3 警告
Network
wpmoose Yuki wpmoose の WordPress 用 Yuki における認証の欠如に関する脆弱性 CWE-862
認証の欠如
CVE-2024-1388 2025-01-17 10:29 2024-02-28 Show GitHub Exploit DB Packet Storm
934 5.3 警告
Network
zestard admin side data storage for contact form 7 zestard の WordPress 用 admin side data storage for contact form 7 における認証の欠如に関する脆弱性 CWE-862
認証の欠如
CVE-2024-1778 2025-01-17 10:29 2024-02-23 Show GitHub Exploit DB Packet Storm
935 6.5 警告
Network
Brizy brizy Brizy の WordPress 用 brizy における認証の欠如に関する脆弱性 CWE-862
認証の欠如
CVE-2024-1937 2025-01-17 10:29 2024-07-16 Show GitHub Exploit DB Packet Storm
936 6.1 警告
Network
Dev4Press GD Rating System Dev4Press の WordPress 用 GD Rating System におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2024-25093 2025-01-17 10:29 2024-02-29 Show GitHub Exploit DB Packet Storm
937 6.1 警告
Network
http-swagger project http-swagger http-swagger project の http-swagger におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2024-25712 2025-01-17 10:29 2024-02-29 Show GitHub Exploit DB Packet Storm
938 8.8 重要
Network
meshcentral meshcentral meshcentral における同一生成元ポリシー違反に関する脆弱性 CWE-346
CWE-346
CVE-2024-26135 2025-01-17 10:29 2024-02-20 Show GitHub Exploit DB Packet Storm
939 8.8 重要
Network
Wpmet ElementsKit Elementor addons Wpmet の WordPress 用 ElementsKit Elementor addons における脆弱性 CWE-Other
その他
CVE-2024-3499 2025-01-17 10:29 2024-05-2 Show GitHub Exploit DB Packet Storm
940 8.6 重要
Local
Progress Software Corporation telerik reporting Progress Software Corporation の telerik reporting におけるコードインジェクションの脆弱性 CWE-94
CWE-94
CVE-2024-4202 2025-01-17 10:29 2024-05-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 24, 2025, 4:45 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
61 - - - lunasvg v3.0.0 was discovered to contain a segmentation violation via the component plutovg_blend. New - CVE-2024-57720 2025-01-24 00:15 2025-01-23 Show GitHub Exploit DB Packet Storm
62 - - - lunasvg v3.0.0 was discovered to contain a segmentation violation via the component blend_transformed_tiled_argb.isra.0. New - CVE-2024-57719 2025-01-24 00:15 2025-01-23 Show GitHub Exploit DB Packet Storm
63 - - - In Thermo Fisher Scientific Xcalibur before 4.7 SP1 and Thermo Foundation Instrument Control Software (ICSW) before 3.1 SP10, the driver packages have a local privilege escalation vulnerability due t… New - CVE-2024-55957 2025-01-24 00:15 2025-01-23 Show GitHub Exploit DB Packet Storm
64 - - - Jenkins Eiffel Broadcaster Plugin 2.8.0 through 2.10.2 (both inclusive) uses the credential ID as the cache key during signing operations, allowing attackers able to create a credential with the same… New - CVE-2025-24400 2025-01-24 00:15 2025-01-23 Show GitHub Exploit DB Packet Storm
65 - - - Jenkins OpenId Connect Authentication Plugin 4.452.v2849b_d3945fa_ and earlier, except 4.438.440.v3f5f201de5dc, treats usernames as case-insensitive, allowing attackers on Jenkins instances configure… New - CVE-2025-24399 2025-01-24 00:15 2025-01-23 Show GitHub Exploit DB Packet Storm
66 - - - Open5GS MME versions <= 2.6.4 contain a reachable assertion in the `UE Context Release Request` packet handler. A packet containing an invalid `MME_UE_S1AP_ID` field causes Open5gs to crash; an attac… New - CVE-2023-37022 2025-01-24 00:15 2025-01-23 Show GitHub Exploit DB Packet Storm
67 - - - Open5GS MME versions <= 2.6.4 contains an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send a `UE Context Release Request` message mi… New - CVE-2023-37014 2025-01-24 00:15 2025-01-23 Show GitHub Exploit DB Packet Storm
68 - - - A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allow network-adjacent attackers to cr… New - CVE-2023-37039 2025-01-24 00:15 2025-01-22 Show GitHub Exploit DB Packet Storm
69 - - - A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to c… New - CVE-2023-37038 2025-01-24 00:15 2025-01-22 Show GitHub Exploit DB Packet Storm
70 - - - A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to c… New - CVE-2023-37037 2025-01-24 00:15 2025-01-22 Show GitHub Exploit DB Packet Storm