Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 1, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
231061	4.3	警告	script-fun	-	SF-Shoutbox の main.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-5948	2012-12-20 18:33	2007-11-13	Show	GitHub Exploit DB Packet Storm

231062	5	警告	usvn	-	USVN におけるリポジトリの内容の一覧を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2007-5945	2012-12-20 18:33	2007-11-6	Show	GitHub Exploit DB Packet Storm

231063	5	警告	Simple Machines	-	SMF におけるプライベートフォーラムのメッセージを読まれる脆弱性	CWE-16 環境設定	CVE-2007-5943	2012-12-20 18:33	2007-11-13	Show	GitHub Exploit DB Packet Storm

231064	4.6	警告	TUG	-	TeXLive で使用されている feynmf の feynmf.pl における任意のファイルを上書きされる脆弱性	CWE-59 リンク解釈の問題	CVE-2007-5940	2012-12-20 18:33	2007-11-6	Show	GitHub Exploit DB Packet Storm

231065	6.8	警告	TUG teTeX	-	teTeX および TeXlive 2007 の dviljk におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2007-5937	2012-12-20 18:33	2007-11-13	Show	GitHub Exploit DB Packet Storm

231066	3.6	注意	TUG teTeX	-	teTeX および TeXlive 2007 の dvips における重要な情報を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2007-5936	2012-12-20 18:33	2007-11-13	Show	GitHub Exploit DB Packet Storm

231067	7.8	危険	pioneers	-	Pioneers におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2007-5933	2012-12-20 18:33	2007-11-13	Show	GitHub Exploit DB Packet Storm

231068	6.8	警告	picoflat cms	-	Domenico Mancini PicoFlat CMS の index.php における特定のファイルをインクルードされる脆弱性	CWE-22 パス・トラバーサル	CVE-2007-5920	2012-12-20 18:33	2007-11-9	Show	GitHub Exploit DB Packet Storm

231069	6.8	警告	skalinks	-	Skalinks の admin/admin_account.php におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2007-5917	2012-12-20 18:33	2007-11-9	Show	GitHub Exploit DB Packet Storm

231070	7.5	危険	phphelpdesk	-	phphelpdesk における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-5916	2012-12-20 18:33	2007-11-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 2, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
317651	7.5	HIGH Network	avtecinc	outpost_uploader_utility outpost_0810_firmware	Avtec Outpost uses a default cryptographic key that can be used to decrypt sensitive information.	CWE-321 Use of Hard-coded Cryptographic Key	CVE-2024-42418	2024-09-5 03:22	2024-08-23	Show	GitHub Exploit DB Packet Storm

317652	9.8	CRITICAL Network	angeljudesuarez	e-commerce_website	A vulnerability has been found in itsourcecode E-Commerce Website 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file search_list.php. The manipulat…	CWE-89 SQL Injection	CVE-2024-8139	2024-09-5 03:02	2024-08-25	Show	GitHub Exploit DB Packet Storm

317653	8.1	HIGH Network	progress	ws_ftp_server	In WS_FTP Server versions before 8.8.8 (2022.0.8), a Missing Critical Step in Multi-Factor Authentication of the Web Transfer Module allows users to skip the second-factor verification and log in wit…	CWE-287 Improper Authentication	CVE-2024-7745	2024-09-5 02:57	2024-08-29	Show	GitHub Exploit DB Packet Storm

317654	6.5	MEDIUM Network	progress	ws_ftp_server	In WS_FTP Server versions before 8.8.8 (2022.0.8), an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the Web Transfer Module allows File Discovery, Pr…	CWE-22 Path Traversal	CVE-2024-7744	2024-09-5 02:57	2024-08-29	Show	GitHub Exploit DB Packet Storm

317655	5.4	MEDIUM Network	mattermost	mattermost_server	Mattermost versions 9.9.x <= 9.9.0, 9.5.x <= 9.5.6 fail to properly restrict channel creation which allows a malicious remote to create arbitrary channels, when shared channels were enabled.	NVD-CWE-noinfo	CVE-2024-39837	2024-09-5 02:38	2024-08-2	Show	GitHub Exploit DB Packet Storm

317656	8.8	HIGH Network	easytest_online_test_platform_project	easytest_online_test_platform	SQL Injection in online dictionary function of Easytest Online Test Platform ver.24E01 and earlier allow remote authenticated users to execute arbitrary SQL commands via the word parameter.	CWE-89 SQL Injection	CVE-2024-7871	2024-09-5 02:34	2024-09-2	Show	GitHub Exploit DB Packet Storm

317657	4.3	MEDIUM Network	mattermost	mattermost_server	Mattermost versions 9.9.x <= 9.9.0, 9.5.x <= 9.5.6, 9.7.x <= 9.7.5, 9.8.x <= 9.8.1 fail to disallow users to set their own remote username, when shared channels were enabled, which allows a user on a…	NVD-CWE-noinfo	CVE-2024-39839	2024-09-5 02:34	2024-08-2	Show	GitHub Exploit DB Packet Storm

317658	5.4	MEDIUM Network	phpoffice	phpspreadsheet	PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. In affected versions `\PhpOffice\PhpSpreadsheet\Writer\Html` doesn't sanitize spreadsheet styling information such as f…	CWE-79 Cross-site Scripting	CVE-2024-45046	2024-09-5 02:32	2024-08-29	Show	GitHub Exploit DB Packet Storm

317659	6.5	MEDIUM Network	phpoffice	phpspreadsheet	PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. Affected versions are subject to a bypassing of a filter which allows for an XXE-attack. This in turn allows attacker t…	CWE-611 XXE	CVE-2024-45048	2024-09-5 02:27	2024-08-29	Show	GitHub Exploit DB Packet Storm

317660	7.1	HIGH Network	mattermost	mattermost_server	Mattermost versions 9.9.x <= 9.9.0, 9.5.x <= 9.5.6, 9.7.x <= 9.7.5, 9.8.x <= 9.8.1 fail to properly validate synced posts, when shared channels are enabled, which allows a malicious remote to create…	NVD-CWE-noinfo	CVE-2024-41144	2024-09-5 02:25	2024-08-2	Show	GitHub Exploit DB Packet Storm