Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 11, 2026, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228301	3.5	注意	PunBB	-	PunBB のパスワードリセット機能における新規パスワードを特定される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-1484	2012-12-20 18:52	2008-02-20	Show	GitHub Exploit DB Packet Storm

228302	6.8	警告	Xine	-	xine-lib における整数オーバーフローの脆弱性	CWE-119 CWE-189	CVE-2008-1482	2012-12-20 18:52	2008-03-24	Show	GitHub Exploit DB Packet Storm

228303	4.3	警告	webSPELL	-	webSPELL の index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-1481	2012-12-20 18:52	2008-03-24	Show	GitHub Exploit DB Packet Storm

228304	4.3	警告	s9y	-	S9Y におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-1476	2012-12-20 18:52	2008-03-18	Show	GitHub Exploit DB Packet Storm

228305	6.4	警告	Roundup	-	Roundup の xml-rpc サーバにおける制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-1475	2012-12-20 18:52	2008-03-24	Show	GitHub Exploit DB Packet Storm

228306	4.3	警告	Roundup	-	Roundup における脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-1474	2012-12-20 18:52	2008-03-24	Show	GitHub Exploit DB Packet Storm

228307	7.2	危険	シマンテック	-	Symantec Altiris Deployment Solution の Altiris Client Service における権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-1473	2012-12-20 18:52	2008-03-10	Show	GitHub Exploit DB Packet Storm

228308	4.3	警告	RSAセキュリティ	-	WebID RSA Authentication Agent の IISWebAgentIF.dll におけるクロスサイトスクリプティング (XSS) 攻撃を実行される脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-1470	2012-12-20 18:52	2008-03-24	Show	GitHub Exploit DB Packet Storm

228309	7.5	危険	W-Agora	-	W-Agora における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2008-1466	2012-12-20 18:52	2008-03-24	Show	GitHub Exploit DB Packet Storm

228310	6.8	警告	runcms	-	RunCMS の Section モジュールにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-1462	2012-12-20 18:52	2008-03-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
311851	5.3	MEDIUM Network	funnelforms	funnelforms_free	The Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms Free plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability…	CWE-862 Missing Authorization	CVE-2024-7447	2024-09-14 04:33	2024-08-28	Show	GitHub Exploit DB Packet Storm

311852	5.3	MEDIUM Network	permalink_manager_lite_project	permalink_manager_lite	The Permalink Manager Lite plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'debug_data', 'debug_query', and 'debug_redirect' functions in al…	CWE-862 Missing Authorization	CVE-2024-8195	2024-09-14 04:28	2024-08-28	Show	GitHub Exploit DB Packet Storm

311853	5.5	MEDIUM Local	cisco	duo_authentication_for_epic	A vulnerability in Cisco Duo Epic for Hyperdrive could allow an authenticated, local attacker to view sensitive information in cleartext on an affected system. This vulnerability is due to imprope…	CWE-311 Missing Encryption of Sensitive Data	CVE-2024-20503	2024-09-14 04:24	2024-09-5	Show	GitHub Exploit DB Packet Storm

311854	9.8	CRITICAL Network	fabianros	hospital_management_system	A vulnerability was found in code-projects Hospital Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file index.php of the component L…	CWE-89 SQL Injection	CVE-2024-8368	2024-09-14 04:23	2024-09-1	Show	GitHub Exploit DB Packet Storm

311855	3.9	LOW Physics	redhat opensc_project	enterprise_linux opensc	A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially craft…	CWE-908 Use of Uninitialized Resource	CVE-2024-45617	2024-09-14 04:21	2024-09-4	Show	GitHub Exploit DB Packet Storm

311856	3.9	LOW Physics	redhat opensc_project	enterprise_linux opensc	A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially craft…	CWE-908 Use of Uninitialized Resource	CVE-2024-45616	2024-09-14 04:21	2024-09-4	Show	GitHub Exploit DB Packet Storm

311857	3.9	LOW Physics	redhat opensc_project	enterprise_linux opensc	A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. The problem is missing initialization of variables expected to be initialized (as arguments to other function…	CWE-908 Use of Uninitialized Resource	CVE-2024-45615	2024-09-14 04:21	2024-09-4	Show	GitHub Exploit DB Packet Storm

311858	5.4	MEDIUM Network	wpzoom	wpzoom_portfolio	The WPZOOM Portfolio Lite – Filterable Portfolio Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘align’ attribute within the 'wp:wpzoom-blocks' Gutenberg block in al…	CWE-79 Cross-site Scripting	CVE-2024-8276	2024-09-14 04:19	2024-08-31	Show	GitHub Exploit DB Packet Storm

311859	6.5	MEDIUM Network	microfocus	netiq_advanced_authentication	A vulnerability identified in storing and reusing information in Advance Authentication. This issue can lead to leakage of sensitive data to unauthorized user. The issue affects NetIQ Advance Authent…	CWE-312 Cleartext Storage of Sensitive Information	CVE-2021-22509	2024-09-14 03:05	2024-08-28	Show	GitHub Exploit DB Packet Storm

311860	8.8	HIGH Adjacent	microfocus	netiq_advanced_authentication	Insufficient or weak TLS protocol version identified in Advance authentication client server communication when specific service is accessed between devices. This issue affects NetIQ Advance Authent…	CWE-326 Inadequate Encryption Strength	CVE-2021-38121	2024-09-14 03:04	2024-08-28	Show	GitHub Exploit DB Packet Storm