Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 7, 2026, 2:09 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
229151 4.9 警告 シマンテック - Symantec Norton Personal Firewall などの \Device\SymEvent ドライバにおけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-1495 2012-12-20 18:19 2007-03-16 Show GitHub Exploit DB Packet Storm
229152 6.8 警告 web-app.org - web-app.org WebAPP における管理アクセス権限を取得される脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2007-1489 2012-12-20 18:19 2007-03-16 Show GitHub Exploit DB Packet Storm
229153 7.5 危険 wbblog - WBBlog の index.php における SQL インジェクションの脆弱性 - CVE-2007-1481 2012-12-20 18:19 2007-03-16 Show GitHub Exploit DB Packet Storm
229154 1.9 注意 シマンテック - Symantec Norton Personal Firewall などの SYMTDI.SYS におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2007-1476 2012-12-20 18:19 2007-03-16 Show GitHub Exploit DB Packet Storm
229155 6.8 警告 t-systems solutions for research gmbh - Groupit の groupit/base/groupit.start.inc におけるリモートファイルインクルージョン攻撃を実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2007-1472 2012-12-20 18:19 2007-03-16 Show GitHub Exploit DB Packet Storm
229156 7.5 危険 xigla - Absolute Image Gallery の gallery.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-1469 2012-12-20 18:19 2007-03-16 Show GitHub Exploit DB Packet Storm
229157 6.8 警告 webcreator - WebCreator における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-1459 2012-12-20 18:19 2007-03-14 Show GitHub Exploit DB Packet Storm
229158 7.5 危険 PHPNUKE - PHP-Nuke の mainfile.php における SQL インジェクションの脆弱性 - CVE-2007-1450 2012-12-20 18:19 2007-03-14 Show GitHub Exploit DB Packet Storm
229159 4.3 警告 PHPNUKE - PHP-Nuke の mainfile.php におけるディレクトリトラバーサルの脆弱性 - CVE-2007-1449 2012-12-20 18:19 2007-03-14 Show GitHub Exploit DB Packet Storm
229160 4.3 警告 woltlab - wBB および Burning Board Lite の register.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-1443 2012-12-20 18:19 2007-03-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
312781 4.3 MEDIUM
Network 		- - The Theme My Login plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 7.1.7. This is due to missing or incorrect nonce validation on the tml_admin_… - CVE-2024-7422 2024-08-19 22:00 2024-08-16 Show GitHub Exploit DB Packet Storm
312782 4.3 MEDIUM
Network 		- - The Custom Field For WP Job Manager plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.2 via the the 'cm_fieldshow' shortcode due to missin… - CVE-2023-7049 2024-08-19 22:00 2024-08-16 Show GitHub Exploit DB Packet Storm
312783 - - - ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, … CWE-120
Classic Buffer Overflow 		CVE-2024-7849 2024-08-19 22:00 2024-08-16 Show GitHub Exploit DB Packet Storm
312784 - - - calamares-nixos-extensions provides Calamares branding and modules for NixOS, a distribution of GNU/Linux. Users who installed NixOS through the graphical installer who used manual disk partitioning … - CVE-2024-43378 2024-08-19 22:00 2024-08-16 Show GitHub Exploit DB Packet Storm
312785 - - - gettext.js is a GNU gettext port for node and the browser. There is a cross-site scripting (XSS) injection if `.po` dictionary definition files are corrupted. This vulnerability has been patched in v… - CVE-2024-43370 2024-08-19 22:00 2024-08-16 Show GitHub Exploit DB Packet Storm
312786 - - - Ibexa RichText Field Type is a Field Type for supporting rich formatted text stored in a structured XML format. In versions on the 4.6 branch prior to 4.6.10, the validator for the RichText fieldtype… - CVE-2024-43369 2024-08-19 22:00 2024-08-16 Show GitHub Exploit DB Packet Storm
312787 - - - In setForceHideNonSystemOverlayWindowIfNeeded of WindowState.java, there is a possible way for message content to be visible on the screensaver while lock screen visibility settings are restricted by… - CVE-2024-34741 2024-08-19 22:00 2024-08-16 Show GitHub Exploit DB Packet Storm
312788 - - - In attributeBytesBase64 and attributeBytesHex of BinaryXmlSerializer.java, there is a possible arbitrary XML injection due to an integer overflow. This could lead to local escalation of privilege wit… - CVE-2024-34740 2024-08-19 22:00 2024-08-16 Show GitHub Exploit DB Packet Storm
312789 - - - In shouldRestrictOverlayActivities of UsbProfileGroupSettingsManager.java, there is a possible escape from SUW due to a logic error in the code. This could lead to local escalation of privilege with … - CVE-2024-34739 2024-08-19 22:00 2024-08-16 Show GitHub Exploit DB Packet Storm
312790 - - - In multiple functions of AppOpsService.java, there is a possible way for unprivileged apps to read their own restrictRead app-op states due to a logic error in the code. This could lead to local esca… - CVE-2024-34738 2024-08-19 22:00 2024-08-16 Show GitHub Exploit DB Packet Storm