Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
229411 7.5 危険 ravenphpscripts - KISGB の view_private.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-1635 2012-12-20 18:52 2008-04-2 Show GitHub Exploit DB Packet Storm
229412 7.5 危険 whorl ltd - Jshop Server の v2demo/page.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-1624 2012-12-20 18:52 2008-04-2 Show GitHub Exploit DB Packet Storm
229413 5 警告 ウォッチガード・テクノロジー - Watchguard Firebox の PPTP VPN サービスにおける有効なユーザ名をリスト化される脆弱性 CWE-200
情報漏えい 		CVE-2008-1618 2012-12-20 18:52 2008-04-7 Show GitHub Exploit DB Packet Storm
229414 4.3 警告 sebastian marsching - suPHP における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-1614 2012-12-20 18:52 2008-03-30 Show GitHub Exploit DB Packet Storm
229415 7.5 危険 reddot - RedDot CMS の ioRD.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1613 2012-12-20 18:52 2008-04-22 Show GitHub Exploit DB Packet Storm
229416 10 危険 tftp-server - Windows 上で稼動している TFTP Server におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-1611 2012-12-20 18:52 2008-04-1 Show GitHub Exploit DB Packet Storm
229417 7.5 危険 tallsoft quick - TallSoft Quick TFTP Server Pro におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-1610 2012-12-20 18:52 2008-04-1 Show GitHub Exploit DB Packet Storm
229418 6.8 警告 serby arslanhan - Serbay Arslanhan Bomba Haber の haberoku.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1607 2012-12-20 18:52 2008-04-1 Show GitHub Exploit DB Packet Storm
229419 7.5 危険 postnuke - PostNuke の pnVarPrepForStore 関数における SQL インジェクション攻撃を実行される脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1591 2012-12-20 18:52 2008-03-31 Show GitHub Exploit DB Packet Storm
229420 6.9 警告 policyd-weight - policyd-weight の create_lockpath 関数における任意のファイルを変更される脆弱性 CWE-362
競合状態 		CVE-2008-1570 2012-12-20 18:52 2008-03-31 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
311921 - - - A cross-site scripting (XSS) vulnerability has been identified in Flatpress 1.3. This vulnerability allows an attacker to inject malicious scripts into web pages viewed by other users. - CVE-2024-33210 2024-10-4 22:50 2024-10-3 Show GitHub Exploit DB Packet Storm
311922 - - - DataDump is a MediaWiki extension that provides dumps of wikis. Several interface messages are unescaped (more specifically, (datadump-table-column-queued), (datadump-table-column-in-progress), (data… CWE-79
CWE-80
Cross-site Scripting
Basic XSS 		CVE-2024-47612 2024-10-4 22:50 2024-10-3 Show GitHub Exploit DB Packet Storm
311923 - - - A logic issue was addressed with improved restrictions. This issue is fixed in iTunes 12.13.3 for Windows. A local attacker may be able to elevate their privileges. - CVE-2024-44193 2024-10-4 22:50 2024-10-3 Show GitHub Exploit DB Packet Storm
311924 - - - According to the researcher: "The TLS connections are encrypted against tampering or eavesdropping. However, the application does not validate the server certificate properly while initializing the T… - CVE-2024-44097 2024-10-4 22:50 2024-10-2 Show GitHub Exploit DB Packet Storm
311925 - - - A local privilege escalation vulnerability in Sophos Intercept X for Windows with Central Device Encryption 2024.2.0 and older allows writing of arbitrary files. - CVE-2024-8885 2024-10-4 22:50 2024-10-2 Show GitHub Exploit DB Packet Storm
311926 - - - Vulnerable juju introspection abstract UNIX domain socket. An abstract UNIX domain socket responsible for introspection is available without authentication locally to network namespace users. This en… - CVE-2024-8038 2024-10-4 22:50 2024-10-2 Show GitHub Exploit DB Packet Storm
311927 - - - JUJU_CONTEXT_ID is a predictable authentication secret. On a Juju machine (non-Kubernetes) or Juju charm container (on Kubernetes), an unprivileged user in the same network namespace can connect to a… - CVE-2024-7558 2024-10-4 22:50 2024-10-2 Show GitHub Exploit DB Packet Storm
311928 6.5 MEDIUM
Network 		- - An unauthenticated remote attacker may use the devices traffic capture without authentication to grab plaintext administrative credentials. CWE-306
Missing Authentication for Critical Function 		CVE-2024-35294 2024-10-4 22:50 2024-10-2 Show GitHub Exploit DB Packet Storm
311929 9.1 CRITICAL
Network 		- - An unauthenticated remote attacker may use a missing authentication for critical function vulnerability to reboot or erase the affected devices resulting in data loss and/or a DoS. CWE-306
Missing Authentication for Critical Function 		CVE-2024-35293 2024-10-4 22:50 2024-10-2 Show GitHub Exploit DB Packet Storm
311930 - - - Permissions bypass in M-Files Connector for Copilot before version 24.9.3 allows authenticated user to access limited amount of documents via incorrect access control list calculation - CVE-2024-9333 2024-10-4 22:50 2024-10-2 Show GitHub Exploit DB Packet Storm