Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 8, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
227111 7.2 危険 valgrind - valgrind における任意のプログラムを実行される脆弱性 CWE-Other
その他 		CVE-2008-4865 2012-12-20 18:52 2008-10-31 Show GitHub Exploit DB Packet Storm
227112 6.9 警告 rPath, Inc - rPath 上で稼動している initscripts における任意のファイルを削除される脆弱性 CWE-59
リンク解釈の問題 		CVE-2008-4832 2012-12-20 18:52 2008-11-12 Show GitHub Exploit DB Packet Storm
227113 9.3 危険 streamripper - Streamripper の lib/http.c におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-4829 2012-12-20 18:52 2008-11-25 Show GitHub Exploit DB Packet Storm
227114 7.5 危険 Smarty - Smarty の libs/Smarty_Compiler.class.php における任意の PHP コードを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-4811 2012-12-20 18:52 2008-10-31 Show GitHub Exploit DB Packet Storm
227115 7.5 危険 Smarty - Smarty の libs/Smarty_Compiler.class.php における任意の PHP コードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2008-4810 2012-12-20 18:52 2008-10-31 Show GitHub Exploit DB Packet Storm
227116 4.3 警告 simple php scripts - Simple PHP Scripts gallery の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-4803 2012-12-20 18:52 2008-10-31 Show GitHub Exploit DB Packet Storm
227117 4.3 警告 simple php scripts - Simple PHP Scripts ブログの complete.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-4802 2012-12-20 18:52 2008-10-31 Show GitHub Exploit DB Packet Storm
227118 9.3 危険 webgui - WebGUI の lib/WebGUI/Asset.pm における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2008-4798 2012-12-20 18:52 2008-10-27 Show GitHub Exploit DB Packet Storm
227119 10 危険 tguzip - TUGzip におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-4779 2012-12-20 18:52 2008-10-29 Show GitHub Exploit DB Packet Storm
227120 4.3 警告 Wojtek Kaniewski - libgadu におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2008-4776 2012-12-20 18:52 2008-10-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
312671 7.5 HIGH
Network 		dorsettcontrols infoscan Dorsett Controls Central Server update server has potential information leaks with an unprotected file that contains passwords and API keys. NVD-CWE-noinfo
CVE-2024-39287 2024-08-29 23:23 2024-08-9 Show GitHub Exploit DB Packet Storm
312672 3.7 LOW
Network 		dorsettcontrols infoscan The InfoScan client download page can be intercepted with a proxy, to expose filenames located on the system, which could lead to additional information exposure. CWE-22
Path Traversal 		CVE-2024-42408 2024-08-29 23:22 2024-08-9 Show GitHub Exploit DB Packet Storm
312673 9.0 CRITICAL
Network 		vrcx-team vrcx VRCX is an assistant/companion application for VRChat. In versions prior to 2024.03.23, a CefSharp browser with over-permission and cross-site scripting via overlay notification can be combined to re… CWE-79
Cross-site Scripting 		CVE-2024-42366 2024-08-29 23:04 2024-08-9 Show GitHub Exploit DB Packet Storm
312674 4.8 MEDIUM
Network 		concretecms concrete_cms Concrete CMS versions 9 through 9.3.2 and below 8.5.18 are vulnerable to Stored XSS in getAttributeSetName().  A rogue administrator could inject malicious code. The Concrete CMS team gave this a CVS… CWE-79
Cross-site Scripting 		CVE-2024-7394 2024-08-29 22:41 2024-08-9 Show GitHub Exploit DB Packet Storm
312675 9.8 CRITICAL
Network 		havocframework havoc An Unauthenticated Server-Side Request Forgery (SSRF) in demon callback handling in Havoc 2 0.7 allows attackers to send arbitrary network traffic originating from the team server. CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2024-41570 2024-08-29 22:32 2024-08-12 Show GitHub Exploit DB Packet Storm
312676 - - - Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Access of Memory Location After End of Buffer vulnerability. A low privileged attacker with local access could potentia… CWE-788
 Access of Memory Location After End of Buffer 		CVE-2024-38304 2024-08-29 22:25 2024-08-29 Show GitHub Exploit DB Packet Storm
312677 - - - Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Improper Input Validation vulnerability. A high privileged attacker with local access could potentially exploit this vu… CWE-20
 Improper Input Validation  		CVE-2024-38303 2024-08-29 22:25 2024-08-29 Show GitHub Exploit DB Packet Storm
312678 7.2 HIGH
Network 		- - The Theme Editor plugin for WordPress is vulnerable to deserialization of untrusted input via the 'images_array' parameter in versions up to, and including 2.8. This makes it possible for authenticat… CWE-502
 Deserialization of Untrusted Data 		CVE-2022-2440 2024-08-29 22:25 2024-08-29 Show GitHub Exploit DB Packet Storm
312679 - - - The OpenTelemetry Collector module AWS firehose receiver is for ingesting AWS Kinesis Data Firehose delivery stream messages and parsing the records received based on the configured record type. `aws… - CVE-2024-45043 2024-08-29 22:25 2024-08-29 Show GitHub Exploit DB Packet Storm
312680 - - - Beijing Digital China Cloud Technology Co., Ltd. DCME-320 v.7.4.12.60 has a command execution vulnerability, which can be exploited to obtain device administrator privileges via the getVar function i… - CVE-2024-42905 2024-08-29 22:25 2024-08-29 Show GitHub Exploit DB Packet Storm