Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 7, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230081 9.3 危険 クイックヒール・テクノロジーズ・ジャパン株式会社 - CAT-QuickHeal におけるマルウェアの検知を回避される脆弱性 CWE-20
不適切な入力確認 		CVE-2008-5524 2012-12-20 18:52 2008-12-12 Show GitHub Exploit DB Packet Storm
230082 7.5 危険 pozscripts - PozScripts Business Directory Script の showcategory.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5496 2012-12-20 18:52 2008-12-12 Show GitHub Exploit DB Packet Storm
230083 7.5 危険 phpstore - PHPStore Wholesales の track.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5493 2012-12-20 18:52 2008-12-12 Show GitHub Exploit DB Packet Storm
230084 9.3 危険 verypdf - VeryDOC PDF Viewer OCX Control の pdfview.ocx におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-5492 2012-12-20 18:52 2008-12-12 Show GitHub Exploit DB Packet Storm
230085 7.5 危険 slimcms - SlimCMS の edit.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5491 2012-12-20 18:52 2008-12-12 Show GitHub Exploit DB Packet Storm
230086 7.5 危険 phpstore - PHPStore Yahoo Answers の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5490 2012-12-20 18:52 2008-12-12 Show GitHub Exploit DB Packet Storm
230087 4.3 警告 turnkeyforms - TurnkeyForms Text Link Sales の admin.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-5487 2012-12-20 18:52 2008-12-12 Show GitHub Exploit DB Packet Storm
230088 7.5 危険 turnkeyforms - TurnkeyForms Text Link Sales の admin.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5486 2012-12-20 18:52 2008-12-12 Show GitHub Exploit DB Packet Storm
230089 4.3 警告 PunBB - PunBB の moderate.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-5435 2012-12-20 18:52 2008-12-11 Show GitHub Exploit DB Packet Storm
230090 6.5 警告 PunBB - PunBB における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5434 2012-12-20 18:52 2008-12-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 7, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
311541 5.3 MEDIUM
Network 		- - The Popup Box – Create Countdown, Coupon, Video, Contact Form Popups plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the deactivate_plugin… CWE-862
 Missing Authorization 		CVE-2024-10861 2024-11-19 02:11 2024-11-16 Show GitHub Exploit DB Packet Storm
311542 4.3 MEDIUM
Network 		- - The Popularis Extra plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.2.7 via the 'elementor-template' shortcode due to insufficient restrictions on w… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2024-10795 2024-11-19 02:11 2024-11-16 Show GitHub Exploit DB Packet Storm
311543 4.3 MEDIUM
Network 		- - The Simple Local Avatars plugin for WordPress is vulnerable to unauthorized modification of datadue to a missing capability check on the sla_clear_user_cache function in all versions up to, and inclu… CWE-862
 Missing Authorization 		CVE-2024-10786 2024-11-19 02:11 2024-11-16 Show GitHub Exploit DB Packet Storm
311544 - - - When the Global Pointer (GP) relative addressing is enabled (CONFIG_RISCV_GP=y), the gp reg points at 0x800 bytes past the start of the .sdata section which is then used by the linker to relax access… - CVE-2024-11263 2024-11-19 02:11 2024-11-16 Show GitHub Exploit DB Packet Storm
311545 - - - A maliciously crafted DLL file when placed in temporary files and folders that are leveraged by the Autodesk Installer could lead to escalation of privileges to NT AUTHORITY/SYSTEM due to insecure pr… - CVE-2024-9500 2024-11-19 02:11 2024-11-16 Show GitHub Exploit DB Packet Storm
311546 - - - FlightPath 7.5 contains a Cross Site Scripting (XSS) vulnerability, which allows authenticated remote attackers with administrative rights to inject arbitrary JavaScript in the web browser of a user … - CVE-2024-50983 2024-11-19 02:11 2024-11-16 Show GitHub Exploit DB Packet Storm
311547 - - - GLPI is a free asset and IT management software package. Starting in 9.2.0 and prior to 11.0.0, it is possible to download a document from the API without appropriate rights. Upgrade to 10.0.16. CWE-285
Improper Authorization 		CVE-2024-38370 2024-11-19 02:11 2024-11-16 Show GitHub Exploit DB Packet Storm
311548 - - - Trial installer for McAfee Total Protection (legacy trial installer software) 16.0.53 allows local privilege escalation because of an Uncontrolled Search Path Element. The attacker could be "an adver… - CVE-2024-49592 2024-11-19 02:11 2024-11-16 Show GitHub Exploit DB Packet Storm
311549 8.8 HIGH
Local 		- - Azure Stack HCI Elevation of Privilege Vulnerability CWE-798
 Use of Hard-coded Credentials 		CVE-2024-49060 2024-11-19 02:11 2024-11-16 Show GitHub Exploit DB Packet Storm
311550 - - - An arbitrary file upload vulnerability in the component /Production/UploadFile of NUS-M9 ERP Management Software v3.0.0 allows attackers to execute arbitrary code via uploading crafted files. - CVE-2024-44758 2024-11-19 02:11 2024-11-16 Show GitHub Exploit DB Packet Storm