Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 20, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
227171	5	警告	ViewVC	-	ViewVC における非公開 root 名を発見される脆弱性	CWE-200 情報漏えい	CVE-2010-0004	2012-12-20 19:28	2009-12-2	Show	GitHub Exploit DB Packet Storm

227172	4.3	警告	Urs Wolfer	-	kwebkitpart の webkitpart.cpp におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4976	2012-12-20 19:28	2009-12-5	Show	GitHub Exploit DB Packet Storm

227173	3.5	注意	TYPO3 Association	-	TYPO3 用の Commerce エクステンションにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4963	2012-12-20 19:28	2010-07-28	Show	GitHub Exploit DB Packet Storm

227174	7.5	危険	stefan koch	-	TYPO3 用の t3m エクステンションにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4959	2012-12-20 19:28	2010-07-28	Show	GitHub Exploit DB Packet Storm

227175	4.3	警告	wapplersystems	-	TYPO3 用の Visitor Tracking エクステンションにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4956	2012-12-20 19:28	2010-07-22	Show	GitHub Exploit DB Packet Storm

227176	7.5	危険	thomas hempel	-	TYPO3 用の ultraCards エクステンションにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4955	2012-12-20 19:28	2010-07-22	Show	GitHub Exploit DB Packet Storm

227177	7.5	危険	websedit	-	TYPO3 用の sk_calendar エクステンションにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4954	2012-12-20 19:28	2010-07-22	Show	GitHub Exploit DB Packet Storm

227178	4.3	警告	stefan geith	-	TYPO3 用の sg_userdata エクステンションにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4953	2012-12-20 19:28	2010-07-22	Show	GitHub Exploit DB Packet Storm

227179	10	危険	serge gebhardt	-	TYPO3 用の Directory Listing エクステンションにおけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2009-4952	2012-12-20 19:28	2010-07-22	Show	GitHub Exploit DB Packet Storm

227180	7.5	危険	tim lochmueller & thomas buss	-	TYPO3 用の A21glossary Advanced Output エクステンションにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4950	2012-12-20 19:28	2010-07-22	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 20, 2026, 4:14 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
311731	7.8	HIGH Local	-	-	Animate versions 23.0.7, 24.0.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue…	CWE-416 Use After Free	CVE-2024-47413	2024-10-10 21:51	2024-10-9	Show	GitHub Exploit DB Packet Storm

311732	7.8	HIGH Local	-	-	Animate versions 23.0.7, 24.0.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue…	CWE-416 Use After Free	CVE-2024-47412	2024-10-10 21:51	2024-10-9	Show	GitHub Exploit DB Packet Storm

311733	7.8	HIGH Local	-	-	Animate versions 23.0.7, 24.0.4 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploita…	CWE-824 Access of Uninitialized Pointer	CVE-2024-47411	2024-10-10 21:51	2024-10-9	Show	GitHub Exploit DB Packet Storm

311734	7.8	HIGH Local	-	-	Animate versions 23.0.7, 24.0.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation …	CWE-121 Stack-based Buffer Overflow	CVE-2024-47410	2024-10-10 21:51	2024-10-9	Show	GitHub Exploit DB Packet Storm

311735	6.4	MEDIUM Network	-	-	The Embed PDF Viewer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'height' and 'width' parameters in all versions up to, and including, 2.4.4 due to insufficient input sa…	CWE-79 Cross-site Scripting	CVE-2024-9451	2024-10-10 21:51	2024-10-9	Show	GitHub Exploit DB Packet Storm

311736	6.4	MEDIUM Network	-	-	The Auto iFrame plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'tag' parameter in all versions up to, and including, 1.7 due to insufficient input sanitization and output e…	CWE-79 Cross-site Scripting	CVE-2024-9449	2024-10-10 21:51	2024-10-9	Show	GitHub Exploit DB Packet Storm

311737	-		-	-	cgi.c in weborf .0.17, 0.18, 0.19, and 0.20 (before 1.0) lacks '\0' termination of the path for CGI scripts because strncpy is misused.	-	CVE-2023-46586	2024-10-10 21:51	2024-10-9	Show	GitHub Exploit DB Packet Storm

311738	-		-	-	An issue was discovered in VectorComponentUserLinks.php in the Vector Skin component in MediaWiki before 1.39.5 and 1.40.x before 1.40.1. vector-intro-page MalformedTitleException is uncaught if it i…	-	CVE-2023-45361	2024-10-10 21:51	2024-10-9	Show	GitHub Exploit DB Packet Storm

311739	-		-	-	An issue was discovered in the Vector Skin component for MediaWiki before 1.39.5 and 1.40.x before 1.40.1. vector-toc-toggle-button-label is not escaped, but should be, because the line param can hav…	-	CVE-2023-45359	2024-10-10 21:51	2024-10-9	Show	GitHub Exploit DB Packet Storm

311740	-		-	-	check_by_ssh in Nagios nagios-plugins 2.4.5 allows arbitrary command execution via ProxyCommand, LocalCommand, and PermitLocalCommand with \${IFS}. This has been categorized both as fixed in e8810de,…	-	CVE-2023-37154	2024-10-10 21:51	2024-10-9	Show	GitHub Exploit DB Packet Storm