Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 25, 2026, 2:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230491 7.5 危険 spacial audio solutions - samPHPweb の common/db.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-0143 2012-12-20 18:34 2008-01-8 Show GitHub Exploit DB Packet Storm
230492 9.3 危険 ZyXEL - ZyXEL P-330W ルータの Web 管理インターフェースにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2007-6730 2012-12-20 18:34 2009-09-10 Show GitHub Exploit DB Packet Storm
230493 4.3 警告 ZyXEL - ZyXEL P-330W ルータの Web 管理インターフェースにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-6729 2012-12-20 18:34 2009-09-10 Show GitHub Exploit DB Packet Storm
230494 6.8 警告 webportal - WebPortal CMS における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0142 2012-12-20 18:34 2008-01-8 Show GitHub Exploit DB Packet Storm
230495 7.5 危険 webportal - WebPortal CMS の actions.php における任意のアカウントへのアクセス権を取得される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2008-0141 2012-12-20 18:34 2008-01-8 Show GitHub Exploit DB Packet Storm
230496 6.4 警告 uebimiau - Uebimiau Webmail の error.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-0140 2012-12-20 18:34 2008-01-8 Show GitHub Exploit DB Packet Storm
230497 7.5 危険 snetworks - SNETWORKS PHP CLASSIFIEDS の config.inc.php における PHP リモートファイルインクルージョンの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0137 2012-12-20 18:34 2008-01-8 Show GitHub Exploit DB Packet Storm
230498 5 警告 snitz forums 2000 - Snitz Forums 2000 における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2008-0136 2012-12-20 18:34 2008-01-8 Show GitHub Exploit DB Packet Storm
230499 5 警告 snitz forums 2000 - Snitz Forums 2000 におけるデータベースをダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-0135 2012-12-20 18:34 2008-01-8 Show GitHub Exploit DB Packet Storm
230500 4.3 警告 snitz forums 2000 - Snitz Forums 2000 の Forums/setup.asp におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-0134 2012-12-20 18:34 2008-01-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 25, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
312581 - - - OSS Endpoint Manager is an endpoint manager module for FreePBX. OSS Endpoint Manager module activation can allow authenticated web users unauthorized access to read system files with the permissions … CWE-22
Path Traversal 		CVE-2024-47071 2024-10-4 22:51 2024-10-2 Show GitHub Exploit DB Packet Storm
312582 - - - The WebDAV service in Infinera TNMS (Transcend Network Management System) 19.10.3 allows a low-privileged remote attacker to conduct unauthorized file operations, because of execution with unnecessar… - CVE-2024-25660 2024-10-4 22:51 2024-10-2 Show GitHub Exploit DB Packet Storm
312583 - - - In Infinera TNMS (Transcend Network Management System) 19.10.3, an insecure default configuration of the internal SFTP server on Linux servers allows remote attacker to access files and directories o… - CVE-2024-25659 2024-10-4 22:51 2024-10-2 Show GitHub Exploit DB Packet Storm
312584 - - - Pagekit 1.0.18 is vulnerable to Cross Site Scripting (XSS) in index.php/admin/site/widget. - CVE-2024-45967 2024-10-4 22:51 2024-10-2 Show GitHub Exploit DB Packet Storm
312585 - - - eLabFTW is an open source electronic lab notebook for research labs. An incorrect permission check has been found that could allow an authenticated user to access several kinds of otherwise restricte… CWE-284
Improper Access Control 		CVE-2024-45408 2024-10-4 22:51 2024-10-2 Show GitHub Exploit DB Packet Storm
312586 - - - PCAN-Ethernet Gateway FD before 1.3.0 and PCAN-Ethernet Gateway before 2.11.0 are vulnerable to Command injection via shell metacharacters in a Software Update to processing.php. - CVE-2024-44610 2024-10-4 22:51 2024-10-2 Show GitHub Exploit DB Packet Storm
312587 - - - Decidim is a participatory democracy framework. The version control feature used in resources is subject to potential XSS attack through a malformed URL. This vulnerability is fixed in 0.27.8. CWE-79
Cross-site Scripting 		CVE-2024-41673 2024-10-4 22:51 2024-10-2 Show GitHub Exploit DB Packet Storm
312588 - - - In Infinera TNMS (Transcend Network Management System) 19.10.3, cleartext storage of sensitive information in memory of the desktop application TNMS Client allows guest OS administrators to obtain va… - CVE-2024-25661 2024-10-4 22:51 2024-10-2 Show GitHub Exploit DB Packet Storm
312589 - - - eLabFTW is an open source electronic lab notebook for research labs. In the context of eLabFTW, an administrator is a user account with certain privileges to manage users and content in their assigne… CWE-266
CWE-842
 Incorrect Privilege Assignment
 Placement of User into Incorrect Group 		CVE-2024-25632 2024-10-4 22:51 2024-10-2 Show GitHub Exploit DB Packet Storm
312590 - - - An issue in Malwarebytes Premium Security v5.0.0.883 allows attackers to execute arbitrary code via placing crafted binaries into unspecified directories. - CVE-2024-44744 2024-10-4 22:51 2024-10-1 Show GitHub Exploit DB Packet Storm