Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
224991 7.2 危険 ヒューレット・パッカード - HP Storage Data Protector における権限を取得される脆弱性 CWE-noinfo
情報不足 		CVE-2012-5220 2013-04-30 18:24 2013-04-24 Show GitHub Exploit DB Packet Storm
224992 4 警告 The phpMyAdmin Project - phpMyAdmin の export.php における値を挿入される脆弱性 CWE-noinfo
情報不足 		CVE-2013-3241 2013-04-30 18:23 2013-04-24 Show GitHub Exploit DB Packet Storm
224993 6.5 警告 The phpMyAdmin Project - phpMyAdmin のエクスポート機能におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2013-3240 2013-04-30 18:21 2013-04-24 Show GitHub Exploit DB Packet Storm
224994 6.8 警告 Crunchify - WordPress 用 FourSquare Checkins プラグインにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2013-2709 2013-04-30 17:54 2013-04-22 Show GitHub Exploit DB Packet Storm
224995 6.8 警告 Crunchify - WordPress 用 All in One Webmaster プラグインにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2013-2696 2013-04-30 17:52 2013-04-22 Show GitHub Exploit DB Packet Storm
224996 5 警告 Blink Web Effects - WordPress 用 Social Media Widget プラグインにおける任意のファイルのアップロードを強制される脆弱性 CWE-noinfo
情報不足 		CVE-2013-1949 2013-04-30 17:51 2013-04-9 Show GitHub Exploit DB Packet Storm
224997 10 危険 Rob Westgeest - Ruby 用 md2pdf gem の converter.rb における任意のコマンドを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2013-1948 2013-04-30 17:51 2013-04-10 Show GitHub Exploit DB Packet Storm
224998 9.3 危険 Kelly D. Redding - Ruby 用 kelredd-pruview gem における任意のコマンドを実行される脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2013-1947 2013-04-30 17:50 2013-04-4 Show GitHub Exploit DB Packet Storm
224999 9.3 危険 karteek-docsplit - Ruby 用 Karteek Docsplit gem における任意のコマンドを実行される脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2013-1933 2013-04-30 17:49 2013-04-1 Show GitHub Exploit DB Packet Storm
225000 6.8 警告 Novell
plataformatec		 - Ruby 用 Devise gem における不正な結果が返される脆弱性 CWE-399
リソース管理の問題 		CVE-2013-0233 2013-04-30 17:48 2013-01-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
315021 6.5 MEDIUM
Network 		retool retool Retool (self-hosted enterprise) through 3.40.0 inserts resource authentication credentials into sent data. Credentials for users with "Use" permissions can be discovered (by an authenticated attacker… CWE-532
 Inclusion of Sensitive Information in Log Files 		CVE-2024-42056 2024-08-27 00:15 2024-08-22 Show GitHub Exploit DB Packet Storm
315022 7.8 HIGH
Local 		google chrome Insufficient data validation in Installer in Google Chrome on Windows prior to 128.0.6613.84 allowed a local attacker to perform privilege escalation via a crafted symbolic link. (Chromium security s… CWE-345
 Insufficient Verification of Data Authenticity 		CVE-2024-7980 2024-08-27 00:14 2024-08-22 Show GitHub Exploit DB Packet Storm
315023 7.8 HIGH
Local 		google chrome Insufficient data validation in Installer in Google Chrome on Windows prior to 128.0.6613.84 allowed a local attacker to perform privilege escalation via a crafted symbolic link. (Chromium security s… CWE-345
 Insufficient Verification of Data Authenticity 		CVE-2024-7979 2024-08-27 00:13 2024-08-22 Show GitHub Exploit DB Packet Storm
315024 8.8 HIGH
Network 		google chrome Inappropriate implementation in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security sev… NVD-CWE-noinfo
CVE-2024-7972 2024-08-27 00:11 2024-08-22 Show GitHub Exploit DB Packet Storm
315025 8.8 HIGH
Network 		lopalopa music_management_system A SQL injection vulnerability in "/music/view_user.php" in Kashipara Music Management System v1.0 allows an attacker to execute arbitrary SQL commands via the "id" parameter of View User Profile Page. CWE-89
SQL Injection 		CVE-2024-42786 2024-08-26 23:58 2024-08-22 Show GitHub Exploit DB Packet Storm
315026 8.8 HIGH
Network 		lopalopa music_management_system A SQL injection vulnerability in /music/index.php?page=view_playlist in Kashipara Music Management System v1.0 allows an attacker to execute arbitrary SQL commands via the "id" parameter. CWE-89
SQL Injection 		CVE-2024-42785 2024-08-26 23:57 2024-08-22 Show GitHub Exploit DB Packet Storm
315027 9.8 CRITICAL
Network 		lopalopa music_management_system A SQL injection vulnerability in "/music/controller.php?page=view_music" in Kashipara Music Management System v1.0 allows an attacker to execute arbitrary SQL commands via the "id" parameter. CWE-89
SQL Injection 		CVE-2024-42784 2024-08-26 23:57 2024-08-22 Show GitHub Exploit DB Packet Storm
315028 4.1 MEDIUM
Network 		adobe experience_manager Adobe Experience Manager versions 6.5.20 and earlier are affected by an Improper Input Validation vulnerability that could lead to a security feature bypass. An low-privileged attacker could leverage… NVD-CWE-noinfo
CVE-2024-41849 2024-08-26 23:37 2024-08-24 Show GitHub Exploit DB Packet Storm
315029 5.4 MEDIUM
Network 		adobe experience_manager Adobe Experience Manager versions 6.5.20 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vul… CWE-79
Cross-site Scripting 		CVE-2024-41848 2024-08-26 23:37 2024-08-24 Show GitHub Exploit DB Packet Storm
315030 5.4 MEDIUM
Network 		adobe experience_manager Adobe Experience Manager versions 6.5.20 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vul… CWE-79
Cross-site Scripting 		CVE-2024-41847 2024-08-26 23:36 2024-08-24 Show GitHub Exploit DB Packet Storm