Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 17, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
227761	9.3	危険	quiksoft	-	QuikSoft EasyMail MailStore ActiveX コントロールの emmailstore.dll におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-6447	2012-12-20 19:10	2009-03-9	Show	GitHub Exploit DB Packet Storm

227762	7.5	危険	yourplace	-	YourPlace における脆弱性	CWE-287 不適切な認証	CVE-2008-6445	2012-12-20 19:10	2009-03-9	Show	GitHub Exploit DB Packet Storm

227763	7.5	危険	phpkf	-	phpKF の forum_duzen.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6443	2012-12-20 19:10	2009-03-9	Show	GitHub Exploit DB Packet Storm

227764	5.8	警告	sina	-	Sina Inc. DLoader Class ActiveX コントロールにおける任意のファイルを上書きされる脆弱性	CWE-Other その他	CVE-2008-6442	2012-12-20 19:10	2009-03-9	Show	GitHub Exploit DB Packet Storm

227765	4.3	警告	phpsqlitecms	-	phpSQLiteCMS におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-6435	2012-12-20 19:10	2009-03-6	Show	GitHub Exploit DB Packet Storm

227766	7.5	危険	psychostats	-	PsychoStats における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6422	2012-12-20 19:10	2009-03-6	Show	GitHub Exploit DB Packet Storm

227767	7.5	危険	socialsitegenerator	-	Social Site Generator の social_game_play.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2008-6421	2012-12-20 19:10	2009-03-6	Show	GitHub Exploit DB Packet Storm

227768	5	警告	socialsitegenerator	-	Social Site Generator における任意のファイルを読まれる脆弱性	CWE-200 情報漏えい	CVE-2008-6420	2012-12-20 19:10	2009-03-6	Show	GitHub Exploit DB Packet Storm

227769	7.5	危険	socialsitegenerator	-	Social Site Generator における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6419	2012-12-20 19:10	2009-03-6	Show	GitHub Exploit DB Packet Storm

227770	7.5	危険	torrenttrader	-	TorrentTrader の scrape.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6418	2012-12-20 19:10	2009-03-6	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 17, 2026, 4:15 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
311711	6.1	MEDIUM Network	ninjaforms	ninja_forms	The Ninja Forms WordPress plugin before 3.8.11 does not escape an URL before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high privileg…	CWE-79 Cross-site Scripting	CVE-2024-7354	2024-10-5 02:16	2024-09-2	Show	GitHub Exploit DB Packet Storm

311712	6.1	MEDIUM Network	projectcaruso	flaming_forms	The Flaming Forms WordPress plugin through 1.0.1 does not sanitise and escape some parameters, which could allow unauthenticated users to perform Cross-Site Scripting attacks against administrators.	CWE-79 Cross-site Scripting	CVE-2024-7691	2024-10-5 02:15	2024-09-2	Show	GitHub Exploit DB Packet Storm

311713	7.5	HIGH Network	oceanicsoft	valeapp	Cleartext Storage of Sensitive Information in a Cookie vulnerability in Oceanic Software ValeApp allows Protocol Manipulation, : JSON Hijacking (aka JavaScript Hijacking).This issue affects ValeApp: …	CWE-312 Cleartext Storage of Sensitive Information	CVE-2024-8644	2024-10-5 02:14	2024-09-27	Show	GitHub Exploit DB Packet Storm

311714	9.8	CRITICAL Network	oceanicsoft	valeapp	Session Fixation vulnerability in Oceanic Software ValeApp allows Brute Force, Session Hijacking.This issue affects ValeApp: before v2.0.0.	CWE-384 Session Fixation	CVE-2024-8643	2024-10-5 02:14	2024-09-27	Show	GitHub Exploit DB Packet Storm

311715	6.1	MEDIUM Network	projectcaruso	flaming_forms	The Flaming Forms WordPress plugin through 1.0.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used agains…	CWE-79 Cross-site Scripting	CVE-2024-7692	2024-10-5 02:14	2024-09-2	Show	GitHub Exploit DB Packet Storm

311716	7.5	HIGH Network	oceanicsoft	valeapp	Insertion of Sensitive Information into Log File vulnerability in Oceanic Software ValeApp allows Query System for Information.This issue affects ValeApp: before v2.0.0.	CWE-532 Inclusion of Sensitive Information in Log Files	CVE-2024-8609	2024-10-5 02:12	2024-09-27	Show	GitHub Exploit DB Packet Storm

311717	9.8	CRITICAL Network	oceanicsoft	valeapp	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Oceanic Software ValeApp allows SQL Injection.This issue affects ValeApp: before v2.0.0.	CWE-89 SQL Injection	CVE-2024-8607	2024-10-5 02:12	2024-09-27	Show	GitHub Exploit DB Packet Storm

311718	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: the warning dereferencing obj for nbio_v7_4 if ras_manager obj null, don't print NBIO err data	CWE-476 NULL Pointer Dereference	CVE-2024-46819	2024-10-5 02:11	2024-09-27	Show	GitHub Exploit DB Packet Storm

311719	5.4	MEDIUM Network	oceanicsoft	valeapp	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Oceanic Software ValeApp allows Stored XSS.This issue affects ValeApp: before v2.0.0.	CWE-79 Cross-site Scripting	CVE-2024-8608	2024-10-5 02:11	2024-09-27	Show	GitHub Exploit DB Packet Storm

311720	7.8	HIGH Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Fix negative array index read Avoid using the negative values for clk_idex as an index into an array pptable->DpmDesc…	CWE-129 Improper Validation of Array Index	CVE-2024-46821	2024-10-5 02:06	2024-09-27	Show	GitHub Exploit DB Packet Storm