Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
231551	2.1	注意	CollabNet, Inc.	-	Subversion における重要な情報 (プロパティの改定) を取得される脆弱性	-	CVE-2007-2448	2012-12-20 18:19	2007-06-14	Show	GitHub Exploit DB Packet Storm

231552	6.8	警告	tecnick.com	-	TCExam の shared/config/tce_config.php におけるクロスサイトスクリプティング攻撃 (XSS) を実行される脆弱性	-	CVE-2007-2431	2012-12-20 18:19	2007-05-1	Show	GitHub Exploit DB Packet Storm

231553	7.8	危険	tecnick.com	-	TCExam の shared/code/tce_tmx.php における cache/ 配下の任意の PHP ファイルを作成される脆弱性	-	CVE-2007-2430	2012-12-20 18:19	2007-05-1	Show	GitHub Exploit DB Packet Storm

231554	7.5	危険	pnflashgames	-	PostNuke 用の pnFlashGames モジュールの index.php における SQL インジェクションの脆弱性	-	CVE-2007-2427	2012-12-20 18:19	2007-05-1	Show	GitHub Exploit DB Packet Storm

231555	7.5	危険	wildbits	-	WordPress 用の myGallery プラグインにおける PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2426	2012-12-20 18:19	2007-05-1	Show	GitHub Exploit DB Packet Storm

231556	7.5	危険	the merchant project	-	themerchant の help/index.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2424	2012-12-20 18:19	2007-05-1	Show	GitHub Exploit DB Packet Storm

231557	10	危険	RSAセキュリティ Progress Software Corporation	-	複数の RSA 製品で使用される Progress Software Progress および OpenEdge におけるヒープベースのバッファオーバーフローの脆弱性	-	CVE-2007-2417	2012-12-20 18:19	2007-07-15	Show	GitHub Exploit DB Packet Storm

231558	5	警告	pi3web	-	Pi3Web Web Server におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2007-2415	2012-12-20 18:19	2007-05-1	Show	GitHub Exploit DB Packet Storm

231559	4	警告	Samba Project	-	Apple Mac OS X 上で稼動している Samba サーバにおける割り当てを超えるディスクスペースを使用される脆弱性	-	CVE-2007-2407	2012-12-20 18:19	2007-07-31	Show	GitHub Exploit DB Packet Storm

231560	5	警告	Yahoo!	-	Yahoo! UI フレームワークにおけるデータを取得される脆弱性	-	CVE-2007-2385	2012-12-20 18:19	2007-04-30	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
315251	-		-	-	cross-site scripting (XSS) vulnerability in Gibbon Core v26.0.00 allows an attacker to execute arbitrary code via the imageLink parameter in the library_manage_catalog_editProcess.php component.	-	CVE-2024-34831	2024-09-12 01:26	2024-09-11	Show	GitHub Exploit DB Packet Storm

315252	6.5	MEDIUM Network	mozilla	thunderbird	When aborting the verification of an OTR chat session, an attacker could have caused a use-after-free bug leading to a potentially exploitable crash. This vulnerability affects Thunderbird < 128.2.	CWE-416 Use After Free	CVE-2024-8394	2024-09-12 01:25	2024-09-7	Show	GitHub Exploit DB Packet Storm

315253	8.8	HIGH Network	draytek	vigor3900_firmware	DrayTek Vigor3900 v1.5.1.6 was discovered to contain an authenticated command injection vulnerability via the value parameter in the filter_string function.	CWE-78 OS Command	CVE-2024-44845	2024-09-12 01:24	2024-09-7	Show	GitHub Exploit DB Packet Storm

315254	8.8	HIGH Network	draytek	vigor3900_firmware	DrayTek Vigor3900 v1.5.1.6 was discovered to contain an authenticated command injection vulnerability via the name parameter in the run_command function.	CWE-78 OS Command	CVE-2024-44844	2024-09-12 01:24	2024-09-7	Show	GitHub Exploit DB Packet Storm

315255	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: gsmi: fix null-deref in gsmi_get_variable We can get EFI variables without fetching the attribute, so we must allow for that in g…	CWE-476 NULL Pointer Dereference	CVE-2023-52893	2024-09-12 01:24	2024-08-21	Show	GitHub Exploit DB Packet Storm

315256	4.3	MEDIUM Network	ngothang	wp_multitasking	The WP MultiTasking WordPress plugin through 0.1.12 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack	CWE-352 Origin Validation Error	CVE-2024-6852	2024-09-12 01:23	2024-09-8	Show	GitHub Exploit DB Packet Storm

315257	4.3	MEDIUM Network	ngothang	wp_multitasking	The WP MultiTasking WordPress plugin through 0.1.12 does not have CSRF check when updating welcome popups, which could allow attackers to make logged admins perform such action via a CSRF attack	CWE-352 Origin Validation Error	CVE-2024-6853	2024-09-12 01:22	2024-09-8	Show	GitHub Exploit DB Packet Storm

315258	4.7	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: drm/virtio: Fix GEM handle creation UAF Userspace can guess the handle value and try to race GEM object creation with handle clos…	CWE-416 Use After Free	CVE-2022-48899	2024-09-12 01:22	2024-08-21	Show	GitHub Exploit DB Packet Storm

315259	4.3	MEDIUM Network	ngothang	wp_multitasking	The WP MultiTasking WordPress plugin through 0.1.12 does not have CSRF check when updating exit popups, which could allow attackers to make logged admins perform such action via a CSRF attack	CWE-352 Origin Validation Error	CVE-2024-6855	2024-09-12 01:21	2024-09-8	Show	GitHub Exploit DB Packet Storm

315260	4.3	MEDIUM Network	ngothang	wp_multitasking	The WP MultiTasking WordPress plugin through 0.1.12 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack	CWE-352 Origin Validation Error	CVE-2024-6856	2024-09-12 01:20	2024-09-8	Show	GitHub Exploit DB Packet Storm