Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 1, 2026, 4:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
231191 4.3 警告 yannick tanguy - ELSEIF CMS におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5304 2012-12-20 18:33 2007-10-9 Show GitHub Exploit DB Packet Storm
231192 4.3 警告 snewscms - SnewsCMS Rus の news_page.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5303 2012-12-20 18:33 2007-10-9 Show GitHub Exploit DB Packet Storm
231193 4.3 警告 splitside - Directory Image Gallery の photos.cfm におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5292 2012-12-20 18:33 2007-10-9 Show GitHub Exploit DB Packet Storm
231194 4.3 警告 zomplog - Zomplog におけるファイルをダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2007-5278 2012-12-20 18:33 2007-10-8 Show GitHub Exploit DB Packet Storm
231195 6.8 警告 trionic - Trionic Cite CMS における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-5271 2012-12-20 18:33 2007-10-8 Show GitHub Exploit DB Packet Storm
231196 7.5 危険 phpfreelog - phpFreeLog の log.php における PHP リモートファイルインクルージョンの脆弱性 CWE-20
不適切な入力確認 		CVE-2007-5258 2012-12-20 18:33 2007-10-6 Show GitHub Exploit DB Packet Storm
231197 7.2 危険 VirusBlokAda Ltd. - VirusBlokAda Vba32 AntiVirus における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2007-5254 2012-12-20 18:33 2007-10-6 Show GitHub Exploit DB Packet Storm
231198 4.3 警告 webhost automation - Helm におけるクロスサイトスクリプティングの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2007-5251 2012-12-20 18:33 2007-10-6 Show GitHub Exploit DB Packet Storm
231199 4.3 警告 uebimiau - Uebimiau の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5235 2012-12-20 18:33 2007-10-5 Show GitHub Exploit DB Packet Storm
231200 4.6 警告 zomplog - Zomplog の admin/upload_files.php における任意の PHP ファイルを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2007-5231 2012-12-20 18:33 2007-10-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 1, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
316871 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: btrfs: prevent copying too big compressed lzo segment Compressed length can be corrupted to be a lot larger than memory we have a… CWE-787
 Out-of-bounds Write 		CVE-2022-48923 2024-09-12 21:50 2024-08-22 Show GitHub Exploit DB Packet Storm
316872 7.2 HIGH
Network 		lifterlms lifterlms The LifterLMS – WP LMS for eLearning, Online Courses, & Quizzes plugin for WordPress is vulnerable to blind SQL Injection via the 'order' parameter in all versions up to, and including, 7.7.5 due to … CWE-89
SQL Injection 		CVE-2024-7349 2024-09-12 21:43 2024-09-6 Show GitHub Exploit DB Packet Storm
316873 9.8 CRITICAL
Network 		plechevandrey wp-recall The WP-Recall – Registration, Profile, Commerce & More plugin for WordPress is vulnerable to privilege escalation/account takeover in all versions up to, and including, 16.26.8. This is due to to plu… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2024-8292 2024-09-12 21:37 2024-09-6 Show GitHub Exploit DB Packet Storm
316874 - - - A vulnerability was found in Shandong Star Measurement and Control Equipment Heating Network Wireless Monitoring System 5.6.2 and classified as critical. Affected by this issue is the function GetDat… CWE-89
SQL Injection 		CVE-2024-8705 2024-09-12 21:35 2024-09-12 Show GitHub Exploit DB Packet Storm
316875 - - - A vulnerability, which was classified as problematic, was found in JFinalCMS up to 20240903. This affects the function update of the file /admin/template/update of the component com.cms.controller.ad… CWE-22
Path Traversal 		CVE-2024-8694 2024-09-12 21:35 2024-09-12 Show GitHub Exploit DB Packet Storm
316876 - - - A vulnerability, which was classified as problematic, has been found in Kaon CG3000 1.01.43. Affected by this issue is some unknown functionality of the component dhcpcd Command Handler. The manipula… CWE-79
Cross-site Scripting 		CVE-2024-8693 2024-09-12 21:35 2024-09-12 Show GitHub Exploit DB Packet Storm
316877 - - - evilnapsis Inventio Lite Versions v4 and before is vulnerable to SQL Injection via the "username" parameter in "/?action=processlogin." - CVE-2024-44541 2024-09-12 21:35 2024-09-12 Show GitHub Exploit DB Packet Storm
316878 - - - A problem with the ActiveMQ integration for both Cortex XSOAR and Cortex XSIAM can result in the cleartext exposure of the configured ActiveMQ credentials in log bundles. - CVE-2024-8689 2024-09-12 21:35 2024-09-12 Show GitHub Exploit DB Packet Storm
316879 - - - Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Payara Platform Payara Server (Logging modules) allows Sensitive credentials posted in plain-text on the server log.This is… - CVE-2024-8097 2024-09-12 21:35 2024-09-12 Show GitHub Exploit DB Packet Storm
316880 - - - RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a command injection vulnerability via the time_date function. - CVE-2024-44577 2024-09-12 21:35 2024-09-12 Show GitHub Exploit DB Packet Storm