Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 12, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
229061	5	警告	ソフォス	-	Sophos Anti-Virus のウィルス検出エンジンにおけるマルウェアの検出を回避される脆弱性	CWE-20 不適切な入力確認	CVE-2007-4787	2012-12-20 18:33	2007-09-10	Show	GitHub Exploit DB Packet Storm

229062	7.5	危険	tim jackson	-	PHPOF の dbmodules/DB_adodb.class.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2007-4763	2012-12-20 18:33	2007-09-8	Show	GitHub Exploit DB Packet Storm

229063	7.5	危険	phpmytourney	-	phpMytourney の menu.php における PHP リモートファイルインクルージョンの脆弱性	CWE-20 不適切な入力確認	CVE-2007-4757	2012-12-20 18:33	2007-09-8	Show	GitHub Exploit DB Packet Storm

229064	5	警告	Thomson	-	Thomson ST 2030 SIP 電話機におけるサービス運用妨害 (DoS) の脆弱性	CWE-DesignError	CVE-2007-4753	2012-12-20 18:33	2007-09-7	Show	GitHub Exploit DB Packet Storm

229065	6.8	警告	ppstream	-	PPStream の PowerPlayer.dll ActiveX コントロールにおけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2007-4748	2012-12-20 18:33	2007-09-6	Show	GitHub Exploit DB Packet Storm

229066	9.3	危険	telecom italy	-	Telecom Italy Alice Messenger の Hp.Revolution.RegistryManager.dll 1 におけるレジストリキーを作成される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2007-4740	2012-12-20 18:33	2007-09-6	Show	GitHub Exploit DB Packet Storm

229067	7.5	危険	speedtech	-	SpeedTech PHP Library における PHP リモートファイルインクルージョンの脆弱性	CWE-20 CWE-94	CVE-2007-4738	2012-12-20 18:33	2007-09-6	Show	GitHub Exploit DB Packet Storm

229068	7.5	危険	speedtech	-	STPHPLibrary における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2007-4737	2012-12-20 18:33	2007-09-6	Show	GitHub Exploit DB Packet Storm

229069	10	危険	トレンドマイクロ	-	Trend Micro ServerProtect の TMReg.dll におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2007-4731	2012-12-20 18:33	2007-09-11	Show	GitHub Exploit DB Packet Storm

229070	5	警告	weboddity	-	Web Oddity におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2007-4726	2012-12-20 18:33	2007-09-5	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
312161	-		-	-	An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution.	-	CVE-2024-32843	2024-09-12 11:15	2024-09-12	Show	GitHub Exploit DB Packet Storm

312162	-		-	-	An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution.	-	CVE-2024-32842	2024-09-12 11:15	2024-09-12	Show	GitHub Exploit DB Packet Storm

312163	-		-	-	An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution.	-	CVE-2024-32840	2024-09-12 11:15	2024-09-12	Show	GitHub Exploit DB Packet Storm

312164	-		-	-	Deserialization of untrusted data in the agent portal of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to achieve remote code execution.	-	CVE-2024-29847	2024-09-12 11:15	2024-09-12	Show	GitHub Exploit DB Packet Storm

312165	-		-	-	A vulnerability was found in ?????????? Yunke Online School System up to 3.0.6. It has been declared as problematic. This vulnerability affects the function downfile of the file application/admin/con…	CWE-22 Path Traversal	CVE-2024-8707	2024-09-12 10:15	2024-09-12	Show	GitHub Exploit DB Packet Storm

312166	7.3	HIGH Local	microsoft	office publisher	Microsoft Publisher Security Feature Bypass Vulnerability	NVD-CWE-noinfo	CVE-2024-38226	2024-09-12 10:00	2024-09-11	Show	GitHub Exploit DB Packet Storm

312167	-		-	-	A vulnerability was found in JFinalCMS up to 20240903. It has been classified as problematic. This affects the function update of the file /admin/template/update of the component com.cms.util.Templat…	CWE-22 Path Traversal	CVE-2024-8706	2024-09-12 09:15	2024-09-12	Show	GitHub Exploit DB Packet Storm

312168	-		-	-	Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.1.0.0 and 9.3.0.8, including 8.3.x, discloses database passwords when searching metadata injectable fields.	-	CVE-2024-28981	2024-09-12 09:15	2024-09-12	Show	GitHub Exploit DB Packet Storm

312169	6.1	MEDIUM Network	friendica	friendica	Cross Site Scripting vulnerability in Friendica v.2023.12 allows a remote attacker to obtain sensitive information via the location parameter of the calendar event feature.	CWE-79 Cross-site Scripting	CVE-2024-27729	2024-09-12 05:29	2024-08-16	Show	GitHub Exploit DB Packet Storm

312170	6.5	MEDIUM Network	elastic	apm_server	APM server logs contain document body from a partially failed bulk index request. For example, in case of unavailable_shards_exception for a specific document, since the ES response line contains the…	CWE-532 Inclusion of Sensitive Information in Log Files	CVE-2024-37286	2024-09-12 05:20	2024-08-4	Show	GitHub Exploit DB Packet Storm