Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 7, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
229761 4.9 警告 shape services - Pocket PC 用の Shape Services IM+ Mobile Instant Messenger における重要な情報を取得される脆弱性 - CVE-2006-4615 2012-12-20 18:02 2005-08-17 Show GitHub Exploit DB Packet Storm
229762 6.8 警告 Softbb.net - SoftBB の index.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-4593 2012-12-20 18:02 2006-09-6 Show GitHub Exploit DB Packet Storm
229763 7.5 危険 Vtiger - vtiger CRM における認証を回避される脆弱性 - CVE-2006-4588 2012-12-20 18:02 2006-09-6 Show GitHub Exploit DB Packet Storm
229764 6.8 警告 Vtiger - vtiger CRM におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-4587 2012-12-20 18:02 2006-09-6 Show GitHub Exploit DB Packet Storm
229765 5.5 警告 tr forum - Tr Forum の admin パネルにおける許可されていない操作を実行される脆弱性 - CVE-2006-4586 2012-12-20 18:02 2006-09-6 Show GitHub Exploit DB Packet Storm
229766 9 危険 tr forum - Tr Forum の admin/editer.php における SQL インジェクションの脆弱性 - CVE-2006-4585 2012-12-20 18:02 2006-09-6 Show GitHub Exploit DB Packet Storm
229767 7.5 危険 tr forum - Tr Forum における認証を回避される脆弱性 - CVE-2006-4584 2012-12-20 18:02 2006-09-6 Show GitHub Exploit DB Packet Storm
229768 5 警告 the address book - The Address Book におけるクロスサイトリクエストフォージェリの脆弱性 - CVE-2006-4582 2012-12-20 18:02 2006-12-31 Show GitHub Exploit DB Packet Storm
229769 5 警告 the address book - The Address Book における任意の PHP スクリプトをアップロードされる脆弱性 - CVE-2006-4581 2012-12-20 18:02 2006-12-31 Show GitHub Exploit DB Packet Storm
229770 7.5 危険 the address book - The Address Book の register.php における "ユーザの自己登録を許可" の設定を回避される脆弱性 - CVE-2006-4580 2012-12-20 18:02 2006-12-31 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
313401 - - - A vulnerability was found in Point B Ltd Getscreen Agent 2.19.6 on Windows. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file getscreen.msi of t… CWE-378
 Creation of Temporary File With Insecure Permissions 		CVE-2024-7358 2024-08-2 01:45 2024-08-1 Show GitHub Exploit DB Packet Storm
313402 - - - mmudb v1.9.3 was discovered to use the HTTP protocol in the ShowMetricsRaw and ShowMetricsAsText functions, possibly allowing attackers to intercept communications via a man-in-the-middle attack. - CVE-2024-41262 2024-08-2 01:35 2024-08-1 Show GitHub Exploit DB Packet Storm
313403 - - - filestash v0.4 is configured to skip TLS certificate verification when using the FTPS protocol, possibly allowing attackers to execute a man-in-the-middle attack via the Init function of index.go. - CVE-2024-41255 2024-08-2 00:35 2024-08-1 Show GitHub Exploit DB Packet Storm
313404 - - - The SpiderContacts WordPress plugin through 1.1.7 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used again… - CVE-2024-6272 2024-08-2 00:35 2024-07-31 Show GitHub Exploit DB Packet Storm
313405 6.4 MEDIUM
Network 		- - The Element Pack - Addon for Elementor Page Builder WordPress Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the widget wrapper link URL in all versions up to, and inclu… - CVE-2024-2455 2024-08-1 23:04 2024-08-1 Show GitHub Exploit DB Packet Storm
313406 - - - it's possible for an attacker to gain administrative access without having any kind of account on the targeted site and perform unauthorized actions. This is due to improper logic flow on the user re… - CVE-2024-6695 2024-08-1 23:00 2024-07-31 Show GitHub Exploit DB Packet Storm
313407 - - - The Slider by 10Web WordPress plugin before 1.2.57 does not sanitise and escape its Slider Title, which could allow high privilege users such as editors and above to perform Cross-Site Scripting att… - CVE-2024-6408 2024-08-1 23:00 2024-07-31 Show GitHub Exploit DB Packet Storm
313408 - - - The WANotifier WordPress plugin before 2.6.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks ev… - CVE-2024-6165 2024-08-1 23:00 2024-07-31 Show GitHub Exploit DB Packet Storm
313409 - - - os/linux/elf.rb in Homebrew brew before 4.2.20 uses ldd to load ELF files obtained from untrusted sources, which allows attackers to achieve code execution via an ELF file with a custom .interp secti… - CVE-2024-42381 2024-08-1 22:59 2024-07-31 Show GitHub Exploit DB Packet Storm
313410 - - - goframe v2.7.2 is configured to skip TLS certificate verification, possibly allowing attackers to execute a man-in-the-middle attack via the gclient component. - CVE-2024-41253 2024-08-1 22:58 2024-08-1 Show GitHub Exploit DB Packet Storm