Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 21, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
231211 7.5 危険 php-generics - PHP-Generics における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2346 2012-12-20 18:19 2007-04-27 Show GitHub Exploit DB Packet Storm
231212 7.5 危険 phpbandmanager - phpBandManager の suite/index.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2341 2012-12-20 18:19 2007-04-27 Show GitHub Exploit DB Packet Storm
231213 6.8 警告 phporacleview - phporacleview の inc/include_all.inc.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-2340 2012-12-20 18:19 2007-04-27 Show GitHub Exploit DB Packet Storm
231214 7.5 危険 shop-script - Shop-Script の cart.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2331 2012-12-20 18:19 2007-04-26 Show GitHub Exploit DB Packet Storm
231215 7.5 危険 searchactivity - Searchactivity の searchbot.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2329 2012-12-20 18:19 2007-04-26 Show GitHub Exploit DB Packet Storm
231216 7.5 危険 phpmytgp - phpMYTGP の addvip.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2328 2012-12-20 18:19 2007-04-26 Show GitHub Exploit DB Packet Storm
231217 10 危険 SilverStripe - SilverStripe の検索機能における脆弱性 - CVE-2007-2321 2012-12-20 18:19 2007-04-17 Show GitHub Exploit DB Packet Storm
231218 7.5 危険 VWar - PHP-Nuke 用の VWar モジュールにおける SQL インジェクションの脆弱性 - CVE-2007-2312 2012-12-20 18:19 2007-04-26 Show GitHub Exploit DB Packet Storm
231219 7.5 危険 webkalk2 - WebKalk2 の engine/engine.inc.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2307 2012-12-20 18:19 2007-04-26 Show GitHub Exploit DB Packet Storm
231220 4.3 警告 VWar - PHP-Nuke 用の VWar モジュールにおけるクロスサイトスクリプティングの脆弱性 - CVE-2007-2306 2012-12-20 18:19 2007-04-26 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
313701 4.7 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: fix ID 0 endp usage after multiple re-creations 'local_addr_used' and 'add_addr_accepted' are decremented for addresse… NVD-CWE-noinfo
CVE-2024-46711 2024-09-19 22:12 2024-09-13 Show GitHub Exploit DB Packet Storm
313702 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Disable coherent dumb buffers without 3d Coherent surfaces make only sense if the host renders to them using accelera… NVD-CWE-noinfo
CVE-2024-46712 2024-09-19 22:09 2024-09-13 Show GitHub Exploit DB Packet Storm
313703 9.8 CRITICAL
Network 		tnbmobil cockpit Use of Hard-coded Credentials vulnerability in TNB Mobile Solutions Cockpit Software allows Read Sensitive Strings Within an Executable.This issue affects Cockpit Software: before v2.13. CWE-798
 Use of Hard-coded Credentials 		CVE-2024-6656 2024-09-19 22:05 2024-09-13 Show GitHub Exploit DB Packet Storm
313704 5.3 MEDIUM
Network 		secreto31126 whatsapp-api-js whatsapp-api-js is a TypeScript server agnostic Whatsapp's Official API framework. It's possible to check the payload validation using the WhatsAppAPI.verifyRequestSignature and expect false when the… NVD-CWE-Other
CVE-2024-45607 2024-09-19 11:05 2024-09-13 Show GitHub Exploit DB Packet Storm
313705 8.8 HIGH
Network 		rockwellautomation 2800c_optixpanel_compact_firmware
2800s_optixpanel_standard_firmware
embedded_edge_compute_module_firmware 		A privilege escalation vulnerability exists in the Rockwell Automation affected products. The vulnerability occurs due to improper default file permissions allowing users to exfiltrate credentials an… CWE-276
Incorrect Default Permissions  		CVE-2024-8533 2024-09-19 10:57 2024-09-13 Show GitHub Exploit DB Packet Storm
313706 9.8 CRITICAL
Network 		rockwellautomation pavilion8 A path traversal vulnerability exists in the Rockwell Automation affected product. If exploited, the threat actor could upload arbitrary files to the server that could result in a remote code execut… CWE-22
Path Traversal 		CVE-2024-7961 2024-09-19 10:52 2024-09-13 Show GitHub Exploit DB Packet Storm
313707 9.1 CRITICAL
Network 		rockwellautomation pavilion8 The Rockwell Automation affected product contains a vulnerability that allows a threat actor to view sensitive information and change settings. The vulnerability exists due to having an incorrect pri… NVD-CWE-noinfo
CVE-2024-7960 2024-09-19 10:52 2024-09-13 Show GitHub Exploit DB Packet Storm
313708 4.3 MEDIUM
Network 		lenovo xclarity_administrator A valid, authenticated LXCA user may be able to unmanage an LXCA managed device in through the LXCA web interface without sufficient privileges. NVD-CWE-noinfo
CVE-2024-45103 2024-09-19 10:50 2024-09-14 Show GitHub Exploit DB Packet Storm
313709 6.5 MEDIUM
Network 		lenovo xclarity_administrator A valid, authenticated LXCA user without sufficient privileges may be able to use the device identifier to modify an LXCA managed device through a specially crafted web API call. NVD-CWE-noinfo
CVE-2024-45104 2024-09-19 10:49 2024-09-14 Show GitHub Exploit DB Packet Storm
313710 9.8 CRITICAL
Network 		heyewei jfinalcms A vulnerability was found in JFinalCMS up to 1.0. It has been rated as critical. This issue affects the function delete of the file /admin/template/edit. The manipulation of the argument name leads t… CWE-22
Path Traversal 		CVE-2024-8782 2024-09-19 10:46 2024-09-14 Show GitHub Exploit DB Packet Storm