Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 18, 2026, 2:16 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
231491 7.5 危険 webtext - WebText CMS における wt/users/ 配下のスクリプトへ任意の PHP コードを挿入される脆弱性 - CVE-2006-6856 2012-12-20 18:02 2006-12-31 Show GitHub Exploit DB Packet Storm
231492 7.5 危険 shadowed works - Shadowed Portal の include.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-6850 2012-12-20 18:02 2006-12-31 Show GitHub Exploit DB Packet Storm
231493 5 警告 リアルネットワークス - RealNetworks RealPlayer の ierpplug.dll におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2006-6847 2012-12-20 18:02 2006-12-31 Show GitHub Exploit DB Packet Storm
231494 10 危険 phpBB - phpBB の特定のフォームにおける脆弱性 - CVE-2006-6841 2012-12-20 18:02 2006-12-31 Show GitHub Exploit DB Packet Storm
231495 10 危険 phpBB - phpBB における脆弱性 - CVE-2006-6840 2012-12-20 18:02 2006-12-31 Show GitHub Exploit DB Packet Storm
231496 10 危険 phpBB - phpBB における脆弱性 - CVE-2006-6839 2012-12-20 18:02 2006-12-31 Show GitHub Exploit DB Packet Storm
231497 7.5 危険 rediff - Rediff Bol Downloader OCX コントロールにおける重要な情報 (ユーザ名およびパス名) を取得される脆弱性 - CVE-2006-6838 2012-12-20 18:02 2006-12-31 Show GitHub Exploit DB Packet Storm
231498 6.8 警告 sergey oblomov - Total Commander 用の ISO プラグインの LoadTree などの関数におけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2006-6837 2012-12-20 18:02 2006-12-31 Show GitHub Exploit DB Packet Storm
231499 7.5 危険 yrch - Yrch! の plugins/metasearch/plug.inc.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-6823 2012-12-20 18:02 2006-12-29 Show GitHub Exploit DB Packet Storm
231500 7.5 危険 vladimir menshakov - Vladimir Menshakov buratinable templator の process.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-6809 2012-12-20 18:02 2006-12-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
314981 4.3 MEDIUM
Network 		- - The Oxygen Builder plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the oxy_save_css_from_admin AJAX action in all versions up to, and incl… - CVE-2024-6688 2024-08-27 14:15 2024-08-27 Show GitHub Exploit DB Packet Storm
314982 - - - Rejected reason: Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that the issue does not pose a secu… - CVE-2024-7989 2024-08-27 06:15 2024-08-27 Show GitHub Exploit DB Packet Storm
314983 - - - Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accid… - CVE-2024-8188 2024-08-27 05:15 2024-08-27 Show GitHub Exploit DB Packet Storm
314984 9.8 CRITICAL
Network 		givewp givewp The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.14.1 via deserialization of untrusted input fr… CWE-502
 Deserialization of Untrusted Data 		CVE-2024-5932 2024-08-27 03:34 2024-08-20 Show GitHub Exploit DB Packet Storm
314985 6.5 MEDIUM
Network 		ibm global_configuration_management IBM Global Configuration Management 7.0.2 and 7.0.3 could allow an authenticated user to archive a global baseline due to improper access controls. NVD-CWE-Other
CVE-2024-41773 2024-08-27 03:33 2024-08-21 Show GitHub Exploit DB Packet Storm
314986 6.5 MEDIUM
Network 		ghost ghost Ghost is a Node.js content management system. Improper authentication on some endpoints used for member actions would allow an attacker to perform member-only actions, and read member information. Th… CWE-287
Improper Authentication 		CVE-2024-43409 2024-08-27 03:31 2024-08-21 Show GitHub Exploit DB Packet Storm
314987 8.8 HIGH
Network 		lfedge ekuiper LF Edge eKuiper is a lightweight IoT data analytics and stream processing engine running on resource-constraint edge devices. A user could utilize and exploit SQL Injection to allow the execution of … CWE-89
SQL Injection 		CVE-2024-43406 2024-08-27 03:30 2024-08-21 Show GitHub Exploit DB Packet Storm
314988 9.8 CRITICAL
Network 		megacord megabot MEGABOT is a fully customized Discord bot for learning and fun. The `/math` command and functionality of MEGABOT versions < 1.5.0 contains a remote code execution vulnerability due to a Python `eval(… CWE-94
Code Injection 		CVE-2024-43404 2024-08-27 03:29 2024-08-21 Show GitHub Exploit DB Packet Storm
314989 4.3 MEDIUM
Network 		apolloconfig apollo Apollo is a configuration management system. A vulnerability exists in the synchronization configuration feature that allows users to craft specific requests to bypass permission checks. This exploit… NVD-CWE-Other
CVE-2024-43397 2024-08-27 03:28 2024-08-21 Show GitHub Exploit DB Packet Storm
314990 4.3 MEDIUM
Network 		umbraco umbraco_cms Umbraco CMS is an ASP.NET CMS. An authenticated user can access a few unintended endpoints. This issue is fixed in 14.1.2. NVD-CWE-Other
CVE-2024-43377 2024-08-27 03:26 2024-08-21 Show GitHub Exploit DB Packet Storm