Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 18, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228991 6.4 警告 トレンドマイクロ - Trend Micro OfficeScan Corporate Edition におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-1365 2012-12-20 18:34 2008-03-17 Show GitHub Exploit DB Packet Storm
228992 4.3 警告 Zabbix - ZABBIX の zabbix_agentd におけるサービス運用妨害 (DoS) の脆弱性 CWE-DesignError
CVE-2008-1353 2012-12-20 18:34 2008-03-17 Show GitHub Exploit DB Packet Storm
228993 4.9 警告 SCO - SCO UnixWare の pkgadd および pkgrm におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-1343 2012-12-20 18:34 2008-02-27 Show GitHub Exploit DB Packet Storm
228994 4.3 警告 polymita technologies - Polymita BPM-Suite などの search 機能におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-1342 2012-12-20 18:34 2008-03-17 Show GitHub Exploit DB Packet Storm
228995 6.8 警告 woltlab - wBB の index.php におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2008-1323 2012-12-20 18:34 2008-03-13 Show GitHub Exploit DB Packet Storm
228996 9.3 危険 versant - Borland CaliberRM などで使用される Versant Object Database における任意のコマンドを実行される脆弱性 CWE-DesignError
CVE-2008-1319 2012-12-20 18:34 2008-03-13 Show GitHub Exploit DB Packet Storm
228997 6.8 警告 qt-cute - QT-cute QuickTalk フォーラムの qtf_ind_search_ov.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1316 2012-12-20 18:34 2008-03-13 Show GitHub Exploit DB Packet Storm
228998 7.5 危険 PHPNUKE - PHP-Nuke 用の ZClassifieds モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1315 2012-12-20 18:34 2008-03-13 Show GitHub Exploit DB Packet Storm
228999 7.5 危険 sudirman angriawan - PHP-Nuke 用の Sudirman Angriawan NukeC30 モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1308 2012-12-20 18:34 2008-03-12 Show GitHub Exploit DB Packet Storm
229000 4.3 警告 WordPress.org - WordPress におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-1304 2012-12-20 18:34 2008-03-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
311741 6.1 MEDIUM
Network 		stellarwp the_events_calendar The The Events Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via RSVP name field in all versions up to, and including, 6.6.3 due to insufficient input sanitization and ou… CWE-79
Cross-site Scripting 		CVE-2024-6931 2024-10-5 04:08 2024-09-27 Show GitHub Exploit DB Packet Storm
311742 5.4 MEDIUM
Network 		leap13 premium_addons_for_elementor The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Media Grid widget in all versions up to, and including, 4.10.52 due to insufficient… CWE-79
Cross-site Scripting 		CVE-2024-8681 2024-10-5 04:04 2024-09-27 Show GitHub Exploit DB Packet Storm
311743 5.4 MEDIUM
Network 		codesupply absolute_reviews The Absolute Reviews plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Name' field of a custom post criteria in all versions up to, and including, 1.1.3 due to insufficient i… CWE-79
Cross-site Scripting 		CVE-2024-8965 2024-10-5 04:04 2024-09-27 Show GitHub Exploit DB Packet Storm
311744 8.8 HIGH
Network 		advantech adam-5630_firmware Advantech ADAM-5630 contains a cross-site request forgery (CSRF) vulnerability. It allows an attacker to partly circumvent the same origin policy, which is designed to prevent different websites fro… CWE-352
 Origin Validation Error 		CVE-2024-28948 2024-10-5 03:58 2024-09-28 Show GitHub Exploit DB Packet Storm
311745 5.4 MEDIUM
Network 		hyumika openstreetmap The OSM – OpenStreetMap plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's osm_map and osm_map_v3 shortcodes in all versions up to, and including, 6.1.0 due to insuffi… CWE-79
Cross-site Scripting 		CVE-2024-8991 2024-10-5 03:56 2024-09-27 Show GitHub Exploit DB Packet Storm
311746 5.4 MEDIUM
Network 		fastlinemedia beaver_builder The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Button Group module in all versions up to, and including, 2.8.3.6 due to… CWE-79
Cross-site Scripting 		CVE-2024-9049 2024-10-5 03:53 2024-09-27 Show GitHub Exploit DB Packet Storm
311747 4.3 MEDIUM
Network 		bg5sbk minicms A vulnerability was found in bg5sbk MiniCMS 1.11. It has been classified as problematic. Affected is an unknown function of the file page-edit.php. The manipulation leads to cross-site request forger… CWE-352
 Origin Validation Error 		CVE-2024-9282 2024-10-5 03:33 2024-09-27 Show GitHub Exploit DB Packet Storm
311748 7.5 HIGH
Network 		amirraminfar dozzle Dozzle is a realtime log viewer for docker containers. Before version 8.5.3, the app uses sha-256 as the hash for passwords, which leaves users susceptible to rainbow table attacks. The app switches … CWE-326
Inadequate Encryption Strength 		CVE-2024-47182 2024-10-5 03:31 2024-09-27 Show GitHub Exploit DB Packet Storm
311749 8.2 HIGH
Network 		openpetra openpetra Cross Site Scripting vulnerability in openPetra v.2023.02 allows a remote attacker to obtain sensitive information via the serverMCommon.asmx function. CWE-79
Cross-site Scripting 		CVE-2024-40510 2024-10-5 03:28 2024-09-28 Show GitHub Exploit DB Packet Storm
311750 8.8 HIGH
Network 		themewinter eventin The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.0.8 via multiple style paramete… CWE-22
Path Traversal 		CVE-2024-7149 2024-10-5 03:23 2024-09-27 Show GitHub Exploit DB Packet Storm