Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 11, 2026, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230681	7.5	危険	web group communication center	-	WGCC の quiz.php における SQL インジェクションの脆弱性	-	CVE-2006-5514	2012-12-20 18:02	2006-10-26	Show	GitHub Exploit DB Packet Storm

230682	4.3	警告	zwahlen informatik	-	Zwahlen Online Shop の article.htm におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-5512	2012-12-20 18:02	2006-10-25	Show	GitHub Exploit DB Packet Storm

230683	7.5	危険	woltlab	-	WoltLab Burning Book の addentry.php における任意の PHP コードを実行される脆弱性	-	CVE-2006-5509	2012-12-20 18:02	2006-10-25	Show	GitHub Exploit DB Packet Storm

230684	7.5	危険	woltlab	-	WoltLab Burning Book の addentry.php における SQL インジェクションの脆弱性	-	CVE-2006-5508	2012-12-20 18:02	2006-10-25	Show	GitHub Exploit DB Packet Storm

230685	7.5	危険	wiclear	-	WiClear における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2006-5506	2012-12-20 18:02	2006-10-25	Show	GitHub Exploit DB Packet Storm

230686	4.3	警告	Simple Machines	-	SMF の index.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-5504	2012-12-20 18:02	2006-10-25	Show	GitHub Exploit DB Packet Storm

230687	4.3	警告	Simple Machines	-	SMF の index.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-5503	2012-12-20 18:02	2006-10-25	Show	GitHub Exploit DB Packet Storm

230688	5.1	警告	xchangeboard	-	XchangeBoard の inc/DBInterface.php における SQL インジェクションの脆弱性	-	CVE-2006-5500	2012-12-20 18:02	2006-10-25	Show	GitHub Exploit DB Packet Storm

230689	6.8	警告	s9y	-	s9y におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-5499	2012-12-20 18:02	2006-10-25	Show	GitHub Exploit DB Packet Storm

230690	4.3	警告	timothy claason	-	Timothy Claason KnowledgeBank におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-5496	2012-12-20 18:02	2006-10-25	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
313951	7.2	HIGH Network	-	-	The WordPress File Upload plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 4.24.8 due to insufficient input sanitization an…	-	CVE-2024-7301	2024-08-19 22:00	2024-08-16	Show	GitHub Exploit DB Packet Storm

313952	4.3	MEDIUM Network	-	-	The Theme My Login plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 7.1.7. This is due to missing or incorrect nonce validation on the tml_admin_…	-	CVE-2024-7422	2024-08-19 22:00	2024-08-16	Show	GitHub Exploit DB Packet Storm

313953	4.3	MEDIUM Network	-	-	The Custom Field For WP Job Manager plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.2 via the the 'cm_fieldshow' shortcode due to missin…	-	CVE-2023-7049	2024-08-19 22:00	2024-08-16	Show	GitHub Exploit DB Packet Storm

313954	-		-	-	UNSUPPORTED WHEN ASSIGNED A vulnerability, which was classified as critical, was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, …	CWE-120 Classic Buffer Overflow	CVE-2024-7849	2024-08-19 22:00	2024-08-16	Show	GitHub Exploit DB Packet Storm

313955	-		-	-	calamares-nixos-extensions provides Calamares branding and modules for NixOS, a distribution of GNU/Linux. Users who installed NixOS through the graphical installer who used manual disk partitioning …	-	CVE-2024-43378	2024-08-19 22:00	2024-08-16	Show	GitHub Exploit DB Packet Storm

313956	-		-	-	gettext.js is a GNU gettext port for node and the browser. There is a cross-site scripting (XSS) injection if `.po` dictionary definition files are corrupted. This vulnerability has been patched in v…	-	CVE-2024-43370	2024-08-19 22:00	2024-08-16	Show	GitHub Exploit DB Packet Storm

313957	-		-	-	Ibexa RichText Field Type is a Field Type for supporting rich formatted text stored in a structured XML format. In versions on the 4.6 branch prior to 4.6.10, the validator for the RichText fieldtype…	-	CVE-2024-43369	2024-08-19 22:00	2024-08-16	Show	GitHub Exploit DB Packet Storm

313958	-		-	-	In setForceHideNonSystemOverlayWindowIfNeeded of WindowState.java, there is a possible way for message content to be visible on the screensaver while lock screen visibility settings are restricted by…	-	CVE-2024-34741	2024-08-19 22:00	2024-08-16	Show	GitHub Exploit DB Packet Storm

313959	-		-	-	In attributeBytesBase64 and attributeBytesHex of BinaryXmlSerializer.java, there is a possible arbitrary XML injection due to an integer overflow. This could lead to local escalation of privilege wit…	-	CVE-2024-34740	2024-08-19 22:00	2024-08-16	Show	GitHub Exploit DB Packet Storm

313960	-		-	-	In shouldRestrictOverlayActivities of UsbProfileGroupSettingsManager.java, there is a possible escape from SUW due to a logic error in the code. This could lead to local escalation of privilege with …	-	CVE-2024-34739	2024-08-19 22:00	2024-08-16	Show	GitHub Exploit DB Packet Storm