Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 6, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
226961 7.5 危険 シマンテック - Symantec Altiris Deployment Solution の axengine.exe における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2286 2012-12-20 18:52 2008-05-14 Show GitHub Exploit DB Packet Storm
226962 5 警告 Canonical - Ubuntu Linux 上で稼動する ssh-vulnkey ツールにおける CVE-2008-0166 を悪用される脆弱性 CWE-310
暗号の問題 		CVE-2008-2285 2012-12-20 18:52 2008-05-14 Show GitHub Exploit DB Packet Storm
226963 7.5 危険 thomas voecking - Internet Photoshow および Internet Photoshow SE の admin.php における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2008-2282 2012-12-20 18:52 2008-05-18 Show GitHub Exploit DB Packet Storm
226964 4.3 警告 scriptphp - Script PHP PicEngine の admin/index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-2280 2012-12-20 18:52 2008-05-16 Show GitHub Exploit DB Packet Storm
226965 7.5 危険 TYPO3 Association - TYPO3 用の sr_feuser_register エクステンションにおける任意のファイルを削除される脆弱性 CWE-94
コード・インジェクション 		CVE-2008-2275 2012-12-20 18:52 2008-05-16 Show GitHub Exploit DB Packet Storm
226966 4.3 警告 TYPO3 Association - TYPO3 用の sr_feuser_register エクステンションにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-2274 2012-12-20 18:52 2008-05-16 Show GitHub Exploit DB Packet Storm
226967 7.5 危険 phpway - PHPWAY Kostenloses Linkmanagementscript における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-2270 2012-12-20 18:52 2008-05-16 Show GitHub Exploit DB Packet Storm
226968 7.5 危険 slashcode.com - Slash における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2231 2012-12-20 18:52 2008-06-5 Show GitHub Exploit DB Packet Storm
226969 4.6 警告 reportbug-ng - reportbug および reportbug-ng における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2008-2230 2012-12-20 18:52 2008-06-4 Show GitHub Exploit DB Packet Storm
226970 6.8 警告 PHP-Fusion - PHP-Fusion Forum Rank System におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-2227 2012-12-20 18:52 2008-05-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
313021 7.8 HIGH
Local 		zscaler client_connector The Zscaler Updater process does not validate the digital signature of the installer before execution, allowing arbitrary code to be locally executed. This affects Zscaler Client Connector on MacOS <… CWE-347
 Improper Verification of Cryptographic Signature 		CVE-2024-23460 2024-08-8 06:29 2024-08-7 Show GitHub Exploit DB Packet Storm
313022 7.8 HIGH
Local 		zscaler client_connector While copying individual autoupdater log files, reparse point check was missing which could result into crafted attacks, potentially leading to a local privilege escalation. This issue affects Zscale… CWE-346
 Origin Validation Error 		CVE-2024-23458 2024-08-8 06:29 2024-08-7 Show GitHub Exploit DB Packet Storm
313023 6.5 MEDIUM
Network 		zscaler client_connector An Improper Validation of signature in Zscaler Client Connector on Windows allows an authenticated user to disable anti-tampering. This issue affects Client Connector on Windows <4.2.0.190. CWE-347
 Improper Verification of Cryptographic Signature 		CVE-2023-28806 2024-08-8 06:29 2024-08-7 Show GitHub Exploit DB Packet Storm
313024 8.8 HIGH
Network 		datagear datagear A vulnerability was found in DataGear up to 5.0.0. It has been declared as critical. Affected by this vulnerability is the function evaluateVariableExpression of the file ConversionSqlParamValueMappe… CWE-917
 Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') 		CVE-2024-7552 2024-08-8 06:29 2024-08-7 Show GitHub Exploit DB Packet Storm
313025 9.8 CRITICAL
Network 		zscaler client_connector An Improper Input Validation vulnerability in Zscaler Client Connector on MacOS allows OS Command Injection. This issue affects Zscaler Client Connector on MacOS <4.2. CWE-78
OS Command  		CVE-2024-23483 2024-08-8 06:23 2024-08-7 Show GitHub Exploit DB Packet Storm
313026 4.9 MEDIUM
Network 		zscaler client_connector In certain cases, Zscaler Internet Access (ZIA) can be disabled by PowerShell commands with admin rights. This affects Zscaler Client Connector on Windows <4.2.1 NVD-CWE-noinfo
CVE-2024-23464 2024-08-8 06:23 2024-08-7 Show GitHub Exploit DB Packet Storm
313027 9.8 CRITICAL
Network 		vivotek cc8160_firmware ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Vivotek CC8160 VVTK-0100d. It has been classified as critical. This affects the function getenv of the file upload_file.cgi. The manipulat… CWE-77
Command Injection 		CVE-2024-7440 2024-08-8 06:15 2024-08-4 Show GitHub Exploit DB Packet Storm
313028 - novell groupwise
groupwise_webaccess 		NOTE: this issue has been disputed by the vendor. The error module in Novell GroupWise WebAccess allows remote attackers who have not authenticated to read potentially sensitive information, such as… NVD-CWE-Other
CVE-2005-0296 2024-08-8 06:15 2005-01-17 Show GitHub Exploit DB Packet Storm
313029 9.8 CRITICAL
Network 		dlink dir-300_firmware D-Link DIR-300 REVA FIRMWARE v1.06B05_WW contains hardcoded credentials in the Telnet service. CWE-798
 Use of Hard-coded Credentials 		CVE-2024-41616 2024-08-8 05:54 2024-08-7 Show GitHub Exploit DB Packet Storm
313030 6.1 MEDIUM
Network 		phpgurukul tourism_management_system A reflected cross-site scripting (XSS) vulnerability in Phpgurukul Tourism Management System v2.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted… CWE-79
Cross-site Scripting 		CVE-2024-41333 2024-08-8 05:54 2024-08-7 Show GitHub Exploit DB Packet Storm