NVD Vulnerability Information Top

Show Search Menu

Vendor Name
プロダクト・サービス名
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
In descending order of publication date
In descending order of update date
Number of items displayed

NVD Vulnerability Information Top

You can search the list of vulnerabilities managed by the NVD (National Vulnerability Database).
Since vulnerability information is often updated before JVN (Japan Vulnerability Note), vulnerabilities that are not listed in JVN may be updated.

If there is a vulnerability related to JVN (Japan Vulnerability Note), the information will be displayed on the detail page.

To search by CWE, please refer to the CWE Overview and check the CWE number.

CRITICAL
HIGH
MEDIUM
LOW

Update Date:May 7, 2026, 4:22 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
313451	-	-	-	-	A vulnerability was found in TOTOLINK CP450 4.1.0cu.747_B20191224. It has been classified as critical. This affects an unknown part of the file /web_cste/cgi-bin/product.ini of the component Telnet S…	CWE-259 Use of Hard-coded Password	CVE-2024-7332	2024-08-1 10:15	2024-08-1	Show	GitHub Exploit DB Packet Storm

313452	-	-	-	-	A vulnerability was found in TOTOLINK A3300R 17.0.0cu.557_B20221024 and classified as critical. Affected by this issue is the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi. The manipul…	CWE-120 Classic Buffer Overflow	CVE-2024-7331	2024-08-1 09:15	2024-08-1	Show	GitHub Exploit DB Packet Storm

313453	10.0	CRITICAL Network	-	-	Rejected reason: User data field is not attacker controlled	-	CVE-2023-4262	2024-08-1 09:15	2023-09-28	Show	GitHub Exploit DB Packet Storm

313454	-	-	-	-	UNSUPPORTED WHEN ASSIGNED A vulnerability was found in Bolt CMS 3.7.1. It has been rated as problematic. This issue affects some unknown processing of the file /preview/page of the component En…	CWE-79 Cross-site Scripting	CVE-2024-7299	2024-08-1 01:15	2024-07-31	Show	GitHub Exploit DB Packet Storm

313455	-	-	-	-	When the device is shared, the homepage module are before 2.19.0 in eWeLink Cloud Service allows Secondary user to take over devices as primary user via sharing unnecessary device-sensitive informat…	-	CVE-2024-7205	2024-08-1 00:15	2024-07-31	Show	GitHub Exploit DB Packet Storm

313456	-	-	-	-	A vulnerability classified as problematic was found in itsourcecode Online Blood Bank Management System 1.0. This vulnerability affects unknown code of the file signup.php of the component User Regis…	CWE-79 Cross-site Scripting	CVE-2024-7321	2024-07-31 21:57	2024-07-31	Show	GitHub Exploit DB Packet Storm

313457	-	-	-	-	A vulnerability classified as critical has been found in itsourcecode Online Blood Bank Management System 1.0. This affects an unknown part of the file /admin/index.php of the component Admin Login. …	CWE-89 SQL Injection	CVE-2024-7320	2024-07-31 21:57	2024-07-31	Show	GitHub Exploit DB Packet Storm

313458	-	-	-	-	A vulnerability was found in code-projects Online Bus Reservation Site 1.0. It has been rated as critical. This issue affects some unknown processing of the file register.php. The manipulation of the…	-	CVE-2024-7311	2024-07-31 21:57	2024-07-31	Show	GitHub Exploit DB Packet Storm

313459	6.5	MEDIUM Network	-	-	The Tainacan plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'get_file' function in all versions up to, and including, 0.21.7. The function …	-	CVE-2024-7135	2024-07-31 21:57	2024-07-31	Show	GitHub Exploit DB Packet Storm

313460	4.9	MEDIUM Network	-	-	The Formidable Forms – Contact Form Plugin, Survey, Quiz, Payment, Calculator Form & Custom Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘html’ parameter in …	-	CVE-2024-6725	2024-07-31 21:57	2024-07-31	Show	GitHub Exploit DB Packet Storm

313461	-	-	-	-	A vulnerability was found in SourceCodester Record Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file sort_user.php. The manipulation of t…	CWE-79 Cross-site Scripting	CVE-2024-7310	2024-07-31 21:57	2024-07-31	Show	GitHub Exploit DB Packet Storm

313462	-	-	-	-	A vulnerability was found in SourceCodester Record Management System 1.0. It has been classified as problematic. This affects an unknown part of the file entry.php. The manipulation of the argument s…	CWE-79 Cross-site Scripting	CVE-2024-7309	2024-07-31 21:57	2024-07-31	Show	GitHub Exploit DB Packet Storm

313463	-	-	-	-	A vulnerability was found in SourceCodester Establishment Billing Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /view_bill.php. Th…	CWE-89 SQL Injection	CVE-2024-7308	2024-07-31 21:57	2024-07-31	Show	GitHub Exploit DB Packet Storm

313464	-	-	-	-	A vulnerability has been found in SourceCodester Establishment Billing Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /manage…	CWE-89 SQL Injection	CVE-2024-7307	2024-07-31 21:57	2024-07-31	Show	GitHub Exploit DB Packet Storm

313465	-	-	-	-	Dell Inventory Collector, versions prior to 12.3.0.6 contains a Path Traversal vulnerability. A local authenticated malicious user could potentially exploit this vulnerability, leading to arbitrary c…	-	CVE-2024-37129	2024-07-31 21:57	2024-07-31	Show	GitHub Exploit DB Packet Storm

313466	5.3	MEDIUM Network	-	-	The WP Mobile Menu plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the save_menu_item_icon function in all versions up to, and including, …	-	CVE-2024-2508	2024-07-31 21:57	2024-07-31	Show	GitHub Exploit DB Packet Storm

313467	-	-	-	-	A vulnerability, which was classified as critical, was found in SourceCodester Establishment Billing Management System 1.0. Affected is an unknown function of the file /manage_block.php. The manipula…	CWE-89 SQL Injection	CVE-2024-7306	2024-07-31 21:57	2024-07-31	Show	GitHub Exploit DB Packet Storm

313468	-	-	-	-	A vulnerability was found in itsourcecode Online Blood Bank Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /request.php of the compone…	CWE-79 Cross-site Scripting	CVE-2024-7303	2024-07-31 21:57	2024-07-31	Show	GitHub Exploit DB Packet Storm

313469	-	-	-	-	A verbose error handling issue in the proxy service implemented in the GravityZone Update Server allows an attacker to cause a server-side request forgery. This issue only affects GravityZone Console…	CWE-209 Information Exposure Through an Error Message	CVE-2024-6980	2024-07-31 21:57	2024-07-31	Show	GitHub Exploit DB Packet Storm

313470	-	-	-	-	A vulnerability classified as critical has been found in SourceCodester Establishment Billing Management System 1.0. This affects an unknown part of the file /manage_tenant.php. The manipulation of t…	CWE-89 SQL Injection	CVE-2024-7290	2024-07-31 21:57	2024-07-31	Show	GitHub Exploit DB Packet Storm

313471	-	-	-	-	A vulnerability was found in SourceCodester Establishment Billing Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /manage_paymen…	CWE-89 SQL Injection	CVE-2024-7289	2024-07-31 21:57	2024-07-31	Show	GitHub Exploit DB Packet Storm

313472	7.2	HIGH Network	-	-	The Lifetime free Drag & Drop Contact Form Builder for WordPress VForm plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.1.5 due to insufficien…	-	CVE-2024-6770	2024-07-31 21:57	2024-07-31	Show	GitHub Exploit DB Packet Storm

313473	-	-	-	-	A vulnerability was found in SourceCodester Establishment Billing Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /ajax…	-	CVE-2024-7288	2024-07-31 21:57	2024-07-31	Show	GitHub Exploit DB Packet Storm

313474	-	-	-	-	A vulnerability was found in SourceCodester Establishment Billing Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /manage_user.php. The manipula…	CWE-89 SQL Injection	CVE-2024-7287	2024-07-31 21:57	2024-07-31	Show	GitHub Exploit DB Packet Storm

313475	-	-	-	-	A vulnerability was found in SourceCodester Establishment Billing Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/ajax.php?action=login…	CWE-89 SQL Injection	CVE-2024-7286	2024-07-31 21:57	2024-07-31	Show	GitHub Exploit DB Packet Storm

313476	-	-	-	-	A vulnerability has been found in SourceCodester Establishment Billing Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /admin/ajax.php?action=…	CWE-79 Cross-site Scripting	CVE-2024-7285	2024-07-31 21:57	2024-07-31	Show	GitHub Exploit DB Packet Storm

313477	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: usb: xhci: prevent potential failure in handle_tx_event() for Transfer events without TRB Some transfer events don't always point…	-	CVE-2024-42226	2024-07-30 17:15	2024-07-30	Show	GitHub Exploit DB Packet Storm

313478	-	-	-	-	Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.	-	CVE-2024-35918	2024-07-30 14:15	2024-05-19	Show	GitHub Exploit DB Packet Storm

313479	-	-	-	-	Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.	-	CVE-2019-6185	2024-07-30 06:15	2024-07-30	Show	GitHub Exploit DB Packet Storm

313480	-	-	-	-	Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.	-	CVE-2019-6174	2024-07-30 06:15	2024-07-30	Show	GitHub Exploit DB Packet Storm

313481	-	-	-	-	Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.	-	CVE-2019-6164	2024-07-30 06:15	2024-07-30	Show	GitHub Exploit DB Packet Storm

313482	-	-	-	-	Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.	-	CVE-2019-6162	2024-07-30 06:15	2024-07-30	Show	GitHub Exploit DB Packet Storm

313483	-	-	-	-	Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.	-	CVE-2017-3769	2024-07-30 06:15	2024-07-30	Show	GitHub Exploit DB Packet Storm

313484	-	-	-	-	Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.	-	CVE-2017-3766	2024-07-30 06:15	2024-07-30	Show	GitHub Exploit DB Packet Storm

313485	-	-	-	-	Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.	-	CVE-2017-3755	2024-07-30 06:15	2024-07-30	Show	GitHub Exploit DB Packet Storm

313486	-	-	-	-	Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.	-	CVE-2022-4038	2024-07-30 05:15	2024-07-30	Show	GitHub Exploit DB Packet Storm

313487	-	-	-	-	Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.	-	CVE-2022-48185	2024-07-30 05:15	2024-07-30	Show	GitHub Exploit DB Packet Storm

313488	-	-	-	-	Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.	-	CVE-2019-19761	2024-07-30 05:15	2024-07-30	Show	GitHub Exploit DB Packet Storm

313489	-	-	-	-	Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.	-	CVE-2019-19760	2024-07-30 05:15	2024-07-30	Show	GitHub Exploit DB Packet Storm

313490	-	-	-	-	Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.	-	CVE-2019-19759	2024-07-30 05:15	2024-07-30	Show	GitHub Exploit DB Packet Storm

313491	-	-	-	-	Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.	-	CVE-2024-26905	2024-07-29 22:15	2024-04-17	Show	GitHub Exploit DB Packet Storm

313492	-	-	-	-	Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.	-	CVE-2024-6761	2024-07-29 20:15	2024-07-29	Show	GitHub Exploit DB Packet Storm

313493	-	-	-	-	Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.	-	CVE-2024-4848	2024-07-29 20:15	2024-07-29	Show	GitHub Exploit DB Packet Storm

313494	-	-	-	-	Rejected reason: REJECT DO NOT USE THIS CVE RECORD. Consult IDs: CVE-2023-4759. Reason: This record is a reservation duplicate of CVE-2023-4759. Notes: All CVE users should reference CVE-2023-4…	-	CVE-2024-41807	2024-07-27 01:15	2024-07-27	Show	GitHub Exploit DB Packet Storm

313495	7.5	HIGH Network	apache	commons_beanutils struts	ActionForm in Apache Software Foundation (ASF) Struts before 1.2.9 with BeanUtils 1.7 allows remote attackers to cause a denial of service via a multipart/form-data encoded form with a parameter name…	NVD-CWE-noinfo	CVE-2006-1547	2024-07-25 01:47	2006-03-31	Show	GitHub Exploit DB Packet Storm

313496	9.8	CRITICAL Network	-	-	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.	-	CVE-2024-22682	2024-07-20 04:15	2024-01-30	Show	GitHub Exploit DB Packet Storm

313497	-	-	-	-	Rejected reason: DO NOT USE THIS CVE RECORD. Consult IDs: CVE-2024-6655. Reason: This record is a reservation duplicate of CVE-2024-6655. Notes: All CVE users should reference CVE-2024-6655 instead o…	-	CVE-2024-39152	2024-07-19 04:15	2024-07-19	Show	GitHub Exploit DB Packet Storm

313498	-	-	-	-	Rejected reason: This CVE is a duplicate of another CVE.	-	CVE-2024-40639	2024-07-18 05:15	2024-07-18	Show	GitHub Exploit DB Packet Storm

313499	-	-	-	-	Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.	-	CVE-2024-6765	2024-07-17 23:15	2024-07-17	Show	GitHub Exploit DB Packet Storm

313500	-	-	-	-	Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.	-	CVE-2024-5887	2024-07-17 21:15	2024-07-4	Show	GitHub Exploit DB Packet Storm