Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 19, 2026, noon

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
231281	4.9	警告	yana framework	-	Yana Framework における任意のゲストブックプロファイルを変更される脆弱性	CWE-noinfo 情報不足	CVE-2007-0516	2012-12-20 18:19	2007-01-25	Show	GitHub Exploit DB Packet Storm

231282	6.8	警告	phpxmldom	-	phpXD における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-0511	2012-12-20 18:19	2007-01-25	Show	GitHub Exploit DB Packet Storm

231283	10	危険	vote pro	-	Vote! Pro の poll_frame.php における任意の PHP コードを実行される脆弱性	-	CVE-2007-0504	2012-12-20 18:19	2007-01-25	Show	GitHub Exploit DB Packet Storm

231284	7.5	危険	webSPELL	-	webSPELL の gallery.php における SQL インジェクションの脆弱性	-	CVE-2007-0502	2012-12-20 18:19	2007-01-25	Show	GitHub Exploit DB Packet Storm

231285	6.8	警告	sangwan kim	-	Sangwan Kim phpIndexPage の config.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2007-0499	2012-12-20 18:19	2007-01-25	Show	GitHub Exploit DB Packet Storm

231286	7.5	危険	sky gunning	-	MySpeach の up.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-0498	2012-12-20 18:19	2007-01-25	Show	GitHub Exploit DB Packet Storm

231287	6.8	警告	upload-service	-	Upload-Service の upload/top.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-0497	2012-12-20 18:19	2007-01-25	Show	GitHub Exploit DB Packet Storm

231288	10	危険	phpsherpa	-	PhpSherpa の include/config.inc.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-0495	2012-12-20 18:19	2007-01-25	Show	GitHub Exploit DB Packet Storm

231289	7.5	危険	webSPELL	-	webSPELL の gallery.php における SQL インジェクションの脆弱性	-	CVE-2007-0492	2012-12-20 18:19	2007-01-24	Show	GitHub Exploit DB Packet Storm

231290	6.8	警告	sky gunning	-	Sky GUNNING MySpeach の up.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-0491	2012-12-20 18:19	2007-01-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 19, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
314091	5.3	MEDIUM Network	fogproject	fogproject	FOG is a cloning/imaging/rescue suite/inventory management system. FOG Server 1.5.10.41.4 and earlier can leak authorized and rejected logins via logs stored directly on the root of the web server. F…	CWE-532 Inclusion of Sensitive Information in Log Files	CVE-2024-42349	2024-09-11 01:44	2024-08-3	Show	GitHub Exploit DB Packet Storm

314092	9.8	CRITICAL Network	horizoncloud	caterease	An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform a Traffic Injection attack due to improper verifi…	NVD-CWE-Other	CVE-2024-38886	2024-09-11 01:40	2024-08-3	Show	GitHub Exploit DB Packet Storm

314093	9.8	CRITICAL Network	horizoncloud	caterease	An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform SQL Injection due to improper neutralization of s…	CWE-89 SQL Injection	CVE-2024-38889	2024-09-11 01:38	2024-08-3	Show	GitHub Exploit DB Packet Storm

314094	-		-	-	Loftware Spectrum before 4.6 HF14 has Missing Authentication for a Critical Function.	-	CVE-2023-37226	2024-09-11 01:35	2024-09-10	Show	GitHub Exploit DB Packet Storm

314095	-		-	-	An issue in Ellevo v.6.2.0.38160 allows a remote attacker to escalate privileges via the /api/usuario/cadastrodesuplente endpoint.	-	CVE-2024-42759	2024-09-11 01:35	2024-09-10	Show	GitHub Exploit DB Packet Storm

314096	-		-	-	Computer Vision Annotation Tool (CVAT) is an interactive video and image annotation tool for computer vision. An attacker with a CVAT account can access webhook delivery information for any webhook r…	-	CVE-2024-45393	2024-09-11 00:50	2024-09-11	Show	GitHub Exploit DB Packet Storm

314097	-		-	-	Bareos is open source software for backup, archiving, and recovery of data for operating systems. When a command ACL is in place and a user executes a command in bconsole using an abbreviation (i.e. …	CWE-285 Improper Authorization	CVE-2024-45044	2024-09-11 00:50	2024-09-11	Show	GitHub Exploit DB Packet Storm

314098	-		-	-	MongoDB Server may access non-initialized region of memory leading to unexpected behaviour when zero arguments are called in internal aggregation stage. This issue affected MongoDB Server v6.0 versio…	-	CVE-2024-8654	2024-09-11 00:50	2024-09-10	Show	GitHub Exploit DB Packet Storm

314099	-		-	-	phpok v3.0 was discovered to contain an arbitrary file read vulnerability via the component /autoload/file.php.	-	CVE-2024-44867	2024-09-11 00:50	2024-09-10	Show	GitHub Exploit DB Packet Storm

314100	4.3	MEDIUM Network	oretnom23	food_ordering_management_system	A vulnerability classified as problematic was found in SourceCodester Food Ordering Management System 1.0. This vulnerability affects unknown code of the file /foms/routers/place-order.php of the com…	CWE-1284 Improper Validation of Specified Quantity in Input	CVE-2024-8558	2024-09-11 00:50	2024-09-8	Show	GitHub Exploit DB Packet Storm