Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 11, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
227551 7.5 危険 scriptdemo - BitmixSoft PHP-Lance の show.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4716 2012-12-20 18:52 2008-10-23 Show GitHub Exploit DB Packet Storm
227552 7.5 危険 pilotgroup - PG eTraining の news_read.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4709 2012-12-20 18:52 2008-10-23 Show GitHub Exploit DB Packet Storm
227553 7.5 危険 sylvain pasquet - BbZL.PhP における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2008-4708 2012-12-20 18:52 2008-10-23 Show GitHub Exploit DB Packet Storm
227554 5 警告 sylvain pasquet - BbZL.PhP の index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-4707 2012-12-20 18:52 2008-10-23 Show GitHub Exploit DB Packet Storm
227555 7.5 危険 vBulletin Solutions, Inc. - VBGooglemap Hotspot Edition モジュールなどにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4706 2012-12-20 18:52 2008-10-23 Show GitHub Exploit DB Packet Storm
227556 7.5 危険 phponlinedatingsoftware - php Online Dating Software MyPHPDating の success_story.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4705 2012-12-20 18:52 2008-10-23 Show GitHub Exploit DB Packet Storm
227557 7.5 危険 phpwebgallery - PhpWebGallery におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-4702 2012-12-20 18:52 2008-10-22 Show GitHub Exploit DB Packet Storm
227558 9.3 危険 VideoLAN - VideoLAN VLC Media Player の TY demux プラグインにおける整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2008-4686 2012-12-20 18:52 2008-10-18 Show GitHub Exploit DB Packet Storm
227559 4.3 警告 Wireshark - Wireshark の packet-frame におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2008-4684 2012-12-20 18:52 2008-05-16 Show GitHub Exploit DB Packet Storm
227560 5 警告 Wireshark - Wireshark の wtap.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2008-4682 2012-12-20 18:52 2008-10-1 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
312231 9.8 CRITICAL
Network 		ibm security_directory_integrator
security_verify_directory_integrator 		IBM Security Directory Integrator 7.2.0 and Security Verify Directory Integrator 10.0.0 does not perform any authentication for functionality that requires a provable user identity or consumes a sign… NVD-CWE-noinfo
CVE-2022-33162 2024-09-7 22:15 2024-08-17 Show GitHub Exploit DB Packet Storm
312232 9.8 CRITICAL
Network 		oretnom23 clinic\'s_patient_management_system A vulnerability, which was classified as critical, has been found in SourceCodester Clinics Patient Management System 1.0. Affected by this issue is the function patient_name of the file patients.php… CWE-89
SQL Injection 		CVE-2024-7454 2024-09-7 21:56 2024-08-4 Show GitHub Exploit DB Packet Storm
312233 9.8 CRITICAL
Network 		onesoftnet sudobot SudoBot, a Discord moderation bot, is vulnerable to privilege escalation and exploit of the `-config` command in versions prior to 9.26.7. Anyone is theoretically able to update any configuration of … CWE-862
 Missing Authorization 		CVE-2024-45307 2024-09-7 10:34 2024-09-4 Show GitHub Exploit DB Packet Storm
312234 6.1 MEDIUM
Network 		xiebruce picuploader A cross-site scripting (XSS) vulnerability in the component /auth/AzureRedirect.php of PicUploader commit fcf82ea allows attackers to execute arbitrary web scripts or HTML via a crafted payload injec… CWE-79
Cross-site Scripting 		CVE-2024-44796 2024-09-7 08:35 2024-08-27 Show GitHub Exploit DB Packet Storm
312235 8.8 HIGH
Network 		roxy-wi roxy-wi Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. An OS Command Injection vulnerability allows any authenticated user on the application to execute arbitrary code… CWE-78
OS Command  		CVE-2024-43804 2024-09-7 07:57 2024-08-30 Show GitHub Exploit DB Packet Storm
312236 8.1 HIGH
Network 		getkirby kirby Kirby is a CMS targeting designers and editors. Kirby allows to restrict the permissions of specific user roles. Users of that role can only perform permitted actions. Permissions for creating and de… CWE-863
 Incorrect Authorization 		CVE-2024-41964 2024-09-7 07:56 2024-08-30 Show GitHub Exploit DB Packet Storm
312237 5.4 MEDIUM
Network 		seacms seacms A cross-site scripting (XSS) vulnerability in the component admin_ads.php of SeaCMS v12.9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the ad descript… CWE-79
Cross-site Scripting 		CVE-2024-44919 2024-09-7 07:54 2024-08-30 Show GitHub Exploit DB Packet Storm
312238 9.8 CRITICAL
Network 		deltaww dtn_soft Delta Electronics DTN Soft version 2.0.1 and prior are vulnerable to an attacker achieving remote code execution through a deserialization of untrusted data vulnerability. CWE-502
 Deserialization of Untrusted Data 		CVE-2024-8255 2024-09-7 07:53 2024-08-30 Show GitHub Exploit DB Packet Storm
312239 7.5 HIGH
Network 		wolfssl wolfssl In function MatchDomainName(), input param str is treated as a NULL terminated string despite being user provided and unchecked. Specifically, the function X509_check_host() takes in a pointer and le… CWE-125
Out-of-bounds Read 		CVE-2024-5991 2024-09-7 07:51 2024-08-28 Show GitHub Exploit DB Packet Storm
312240 9.8 CRITICAL
Network 		hp security_manager HP Security Manager is potentially vulnerable to Remote Code Execution as a result of code vulnerability within the product's solution open-source libraries. NVD-CWE-noinfo
CVE-2024-7720 2024-09-7 07:33 2024-08-28 Show GitHub Exploit DB Packet Storm