Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 12, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230521	5	警告	softwin	-	SMB の BitDefender Mail Protection におけるウィルス検出を回避される脆弱性	-	CVE-2006-6405	2012-12-20 18:02	2006-12-9	Show	GitHub Exploit DB Packet Storm

230522	7.5	危険	superfreaker studios	-	Superfreaker Studios UPublisher における SQL インジェクションの脆弱性	-	CVE-2006-6399	2012-12-20 18:02	2006-12-7	Show	GitHub Exploit DB Packet Storm

230523	7.5	危険	superfreaker studios	-	Superfreaker Studios UPublisher における SQL インジェクションの脆弱性	-	CVE-2006-6398	2012-12-20 18:02	2006-12-7	Show	GitHub Exploit DB Packet Storm

230524	5	警告	ulrik petersen	-	Ulrik Petersen Emdros Database Engine におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2006-6395	2012-12-20 18:02	2006-12-7	Show	GitHub Exploit DB Packet Storm

230525	7.5	危険	plx web studio	-	plx Web Studio plx Pay の index.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-6392	2012-12-20 18:02	2006-12-7	Show	GitHub Exploit DB Packet Storm

230526	6.8	警告	positive software	-	Positive Software H-Sphere のコントロールパネルにおける任意のファイルにログデータを追加される脆弱性	-	CVE-2006-6382	2012-12-20 18:02	2006-12-7	Show	GitHub Exploit DB Packet Storm

230527	7.5	危険	ultimate helpdesk	-	Ultimate HelpDesk の getfile.asp におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-6381	2012-12-20 18:02	2006-12-7	Show	GitHub Exploit DB Packet Storm

230528	6.8	警告	ultimate helpdesk	-	Ultimate HelpDesk の index.asp におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6380	2012-12-20 18:02	2006-12-7	Show	GitHub Exploit DB Packet Storm

230529	7.5	危険	widcomm	-	BTSaveMySql における設定情報を取得される脆弱性	-	CVE-2006-6378	2012-12-20 18:02	2006-12-7	Show	GitHub Exploit DB Packet Storm

230530	7.5	危険	uploadscript	-	Uploadscript における admin パスワードハッシュを取得される脆弱性	-	CVE-2006-6377	2012-12-20 18:02	2006-12-7	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
313721	8.8	HIGH Network	casbin	casdoor	Casdoor is a UI-first Identity and Access Management (IAM) / Single-Sign-On (SSO) platform. In Casdoor 1.577.0 and earlier, a logic vulnerability exists in the beego filter CorsFilter that allows any…	CWE-697 Incorrect Comparison	CVE-2024-41657	2024-08-29 01:13	2024-08-21	Show	GitHub Exploit DB Packet Storm

313722	6.1	MEDIUM Network	casbin	casdoor	Casdoor is a UI-first Identity and Access Management (IAM) / Single-Sign-On (SSO) platform. In Casdoor 1.577.0 and earlier, he purchase URL that is created to generate a WechatPay QR code is vulnera…	CWE-79 Cross-site Scripting	CVE-2024-41658	2024-08-29 01:08	2024-08-21	Show	GitHub Exploit DB Packet Storm

313723	-		-	-	The Quiz and Survey Master (QSM) WordPress plugin before 9.1.1 fails to validate and escape certain Quiz fields before displaying them on a page or post where the Quiz is embedded, which could allow…	-	CVE-2024-6879	2024-08-29 00:35	2024-08-26	Show	GitHub Exploit DB Packet Storm

313724	7.5	HIGH Network	hex-rays	ida_pro	ida64.dll in Hex-Rays IDA Pro through 8.4 crashes when there is a section that has many jumps linked, and the final jump corresponds to the payload from where the actual entry point will be invoked. …	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2024-44083	2024-08-29 00:15	2024-08-19	Show	GitHub Exploit DB Packet Storm

313725	-		-	-	A weak password requirement issue was discovered in Teldats Router RS123, RS123w allows a remote attacker to escalate privileges	-	CVE-2022-39997	2024-08-28 23:35	2024-08-28	Show	GitHub Exploit DB Packet Storm

313726	8.8	HIGH Network	apache	hertzbeat	Hertzbeat is an open source, real-time monitoring system. Hertzbeat has an authenticated (user role) RCE via unsafe deserialization in /api/monitors/import. This vulnerability is fixed in 1.6.0.	CWE-502 Deserialization of Untrusted Data	CVE-2024-42362	2024-08-28 22:49	2024-08-21	Show	GitHub Exploit DB Packet Storm

313727	9.8	CRITICAL Network	apache	hertzbeat	Hertzbeat is an open source, real-time monitoring system. Hertzbeat 1.6.0 and earlier declares a /api/monitor/{monitorId}/metric/{metricFull} endpoint to download job metrics. In the process, it exec…	CWE-89 SQL Injection	CVE-2024-42361	2024-08-28 22:49	2024-08-21	Show	GitHub Exploit DB Packet Storm

313728	-		-	-	Hydra is a Continuous Integration service for Nix based projects. It is possible to trigger evaluations in Hydra without any authentication. Depending on the size of evaluations, this can impact the …	-	CVE-2024-45049	2024-08-28 21:57	2024-08-28	Show	GitHub Exploit DB Packet Storm

313729	-		-	-	Meshtastic device firmware is a firmware for meshtastic devices to run an open source, off-grid, decentralized, mesh network built to run on affordable, low-power devices. Meshtastic device firmware …	-	CVE-2024-45038	2024-08-28 21:57	2024-08-28	Show	GitHub Exploit DB Packet Storm

313730	-		-	-	A malicious TLS1.2 server can force a TLS1.3 client with downgrade capability to use a ciphersuite that it did not agree to and achieve a successful connection. This is because, aside from the extens…	-	CVE-2024-5814	2024-08-28 21:57	2024-08-28	Show	GitHub Exploit DB Packet Storm