Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 26, 2025, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
981	4.3	警告 Network	Progress Software Corporation	MOVEit Transfer	Progress Software Corporation の MOVEit Transfer における脆弱性	CWE-778 CWE-Other	CVE-2024-2291	2025-01-17 12:08	2024-03-20	Show	GitHub Exploit DB Packet Storm

982	4.8	警告 Network	MantisBT Group	MantisBT	MantisBT Group の MantisBT におけるクロスサイトスクリプティングの脆弱性	CWE-79 CWE-79	CVE-2024-34081	2025-01-17 12:08	2024-05-14	Show	GitHub Exploit DB Packet Storm

983	8.8	重要 Network	oretnom23	Laundry Shop Management System	Oretnom23 の Laundry Shop Management System における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2024-3466	2025-01-17 12:08	2024-04-8	Show	GitHub Exploit DB Packet Storm

984	4.3	警告 Network	Brizy	brizy	Brizy の WordPress 用 brizy における認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2024-3711	2025-01-17 12:02	2024-05-23	Show	GitHub Exploit DB Packet Storm

985	9.8	緊急 Network	Apache Software Foundation	Apache Xerces-C++	Apache Software Foundation の Apache Xerces-C++ における解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2024-23807	2025-01-17 12:02	2024-02-29	Show	GitHub Exploit DB Packet Storm

986	5.3	警告 Network	MantisBT Group	MantisBT	MantisBT Group の MantisBT における脆弱性	CWE-200 CWE-noinfo	CVE-2024-34080	2025-01-17 12:02	2024-05-14	Show	GitHub Exploit DB Packet Storm

987	8.8	重要 Network	Brizy	brizy	Brizy の WordPress 用 brizy における危険なタイプのファイルの無制限アップロードに関する脆弱性	CWE-434 危険なタイプのファイルの無制限アップロード	CVE-2024-1311	2025-01-17 11:58	2024-03-13	Show	GitHub Exploit DB Packet Storm

988	5.3	警告 Network	zestard	admin side data storage for contact form 7	zestard の WordPress 用 admin side data storage for contact form 7 における認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2024-1779	2025-01-17 11:58	2024-02-23	Show	GitHub Exploit DB Packet Storm

989	8.8	重要 Network	Progress Software Corporation	telerik report server	Progress Software Corporation の telerik report server における信頼できないデータのデシリアライゼーションに関する脆弱性	CWE-502 CWE-502	CVE-2024-1800	2025-01-17 11:58	2024-03-20	Show	GitHub Exploit DB Packet Storm

990	7.5	重要 Network	Ivanti	Avalanche	Ivanti の Avalanche におけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2024-13180	2025-01-17 11:58	2025-01-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 26, 2025, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
91	-		-	-	The HL7 FHIR IG publisher is a tool to take a set of inputs and create a standard FHIR IG. Prior to version 1.7.4, XSLT transforms performed by various components are vulnerable to XML external entit… New	CWE-611 XXE	CVE-2024-52807	2025-01-25 04:15	2025-01-25	Show	GitHub Exploit DB Packet Storm

92	-		-	-	An issue was discovered in Centreon centreon-web 24.10.x before 24.10.3, 24.04.x before 24.04.9, 23.10.x before 23.10.19, 23.04.x before 23.04.24. A user with high privileges is able to inject SQL in… New	-	CVE-2024-55573	2025-01-25 04:15	2025-01-24	Show	GitHub Exploit DB Packet Storm

93	-		-	-	An issue was discovered in Centreon Web 24.10.x before 24.10.3, 24.04.x before 24.04.9, 23.10.x before 23.10.19, 23.04.x before 23.04.24. A user with high privileges is able to achieve SQL injection … New	-	CVE-2024-53923	2025-01-25 04:15	2025-01-24	Show	GitHub Exploit DB Packet Storm

94	-		-	-	A NULL pointer dereference in the ngap_app::handle_receive routine of OpenAirInterface CN5G AMF (oai-cn5g-amf) up to v2.0.0 allows attackers to cause a Denial of Service (DoS) via a crafted NGAP mess… Update	-	CVE-2024-24442	2025-01-25 04:15	2025-01-22	Show	GitHub Exploit DB Packet Storm

95	7.5	HIGH Network	magmacore	magma	Magma versions <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) are susceptible to an assertion-based crash when an oversized NAS packet is received. An attacker may leverage … Update	CWE-617 Reachable Assertion	CVE-2023-37029	2025-01-25 04:10	2025-01-22	Show	GitHub Exploit DB Packet Storm

96	7.5	HIGH Network	magmacore	magma	The Linux Foundation Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) was discovered to contain a buffer overflow in the decode_esm_message_container function at /nas/ie… Update	CWE-787 Out-of-bounds Write	CVE-2024-24423	2025-01-25 04:07	2025-01-22	Show	GitHub Exploit DB Packet Storm

97	5.4	MEDIUM Network	gambit	stackable	The Stackable – Page Builder Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title' parameter of the Button block in all versions up to, and including, 3.1… Update	CWE-79 Cross-site Scripting	CVE-2024-12117	2025-01-25 04:05	2025-01-22	Show	GitHub Exploit DB Packet Storm

98	5.4	MEDIUM Network	aipower	aipower	The AI Power: Complete AI Pack plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.8.96 via the wpaicg_troubleshoot_add_vector(). This makes it p… Update	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2024-13360	2025-01-25 03:58	2025-01-22	Show	GitHub Exploit DB Packet Storm

99	8.8	HIGH Network	aipower	aipower	The AI Power: Complete AI Pack plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the wpaicg_save_image_media function in all versions up to, and including… Update	CWE-862 Missing Authorization	CVE-2024-13361	2025-01-25 03:55	2025-01-22	Show	GitHub Exploit DB Packet Storm

100	7.5	HIGH Network	open5gs	open5gs	A reachable assertion in the amf_ue_set_suci function of Open5GS <= 2.6.4 allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet. Update	CWE-617 Reachable Assertion	CVE-2024-24427	2025-01-25 03:47	2025-01-22	Show	GitHub Exploit DB Packet Storm