Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 28, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
231881	7.5	危険	sam crew	-	Sam Crew MyBlog の games.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-1990	2012-12-20 18:19	2007-04-12	Show	GitHub Exploit DB Packet Storm

231882	4.3	警告	phpecho cms	-	PHPEcho CMS の kernel/filters.inc.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-1988	2012-12-20 18:19	2007-04-11	Show	GitHub Exploit DB Packet Storm

231883	7.5	危険	phpexplorator	-	phpexplorator の phpexplorator.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-1985	2012-12-20 18:19	2007-04-11	Show	GitHub Exploit DB Packet Storm

231884	7.5	危険	really simple php and ajax	-	RSPA における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-1982	2012-12-20 18:19	2007-04-11	Show	GitHub Exploit DB Packet Storm

231885	7.5	危険	有限会社ブルームーン	-	XOOPS 用の PopnupBlog モジュールにおける SQL インジェクションの脆弱性	-	CVE-2007-1979	2012-12-20 18:19	2007-04-11	Show	GitHub Exploit DB Packet Storm

231886	7.5	危険	slaed	-	SLAED CMS における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-1975	2012-12-20 18:19	2007-04-11	Show	GitHub Exploit DB Packet Storm

231887	7.5	危険	wf-sections XOOPS	-	Xoops モジュールで使用される WF-Section における SQL インジェクションの脆弱性	-	CVE-2007-1974	2012-12-20 18:19	2007-04-9	Show	GitHub Exploit DB Packet Storm

231888	4.3	警告	sam crew	-	Sam Crew MyBlog の admin/modify.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-1969	2012-12-20 18:19	2007-04-11	Show	GitHub Exploit DB Packet Storm

231889	6.8	警告	sam crew	-	Sam Crew MyBlog の games.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-1968	2012-12-20 18:19	2007-04-11	Show	GitHub Exploit DB Packet Storm

231890	7.5	危険	XOOPS	-	XOOPS 用の WF-Snippets モジュールにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-1962	2012-12-20 18:19	2007-04-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
313861	9.8	CRITICAL Network	oceanicsoft	valeapp	Session Fixation vulnerability in Oceanic Software ValeApp allows Brute Force, Session Hijacking.This issue affects ValeApp: before v2.0.0.	CWE-384 Session Fixation	CVE-2024-8643	2024-10-5 02:14	2024-09-27	Show	GitHub Exploit DB Packet Storm

313862	6.1	MEDIUM Network	projectcaruso	flaming_forms	The Flaming Forms WordPress plugin through 1.0.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used agains…	CWE-79 Cross-site Scripting	CVE-2024-7692	2024-10-5 02:14	2024-09-2	Show	GitHub Exploit DB Packet Storm

313863	7.5	HIGH Network	oceanicsoft	valeapp	Insertion of Sensitive Information into Log File vulnerability in Oceanic Software ValeApp allows Query System for Information.This issue affects ValeApp: before v2.0.0.	CWE-532 Inclusion of Sensitive Information in Log Files	CVE-2024-8609	2024-10-5 02:12	2024-09-27	Show	GitHub Exploit DB Packet Storm

313864	9.8	CRITICAL Network	oceanicsoft	valeapp	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Oceanic Software ValeApp allows SQL Injection.This issue affects ValeApp: before v2.0.0.	CWE-89 SQL Injection	CVE-2024-8607	2024-10-5 02:12	2024-09-27	Show	GitHub Exploit DB Packet Storm

313865	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: the warning dereferencing obj for nbio_v7_4 if ras_manager obj null, don't print NBIO err data	CWE-476 NULL Pointer Dereference	CVE-2024-46819	2024-10-5 02:11	2024-09-27	Show	GitHub Exploit DB Packet Storm

313866	5.4	MEDIUM Network	oceanicsoft	valeapp	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Oceanic Software ValeApp allows Stored XSS.This issue affects ValeApp: before v2.0.0.	CWE-79 Cross-site Scripting	CVE-2024-8608	2024-10-5 02:11	2024-09-27	Show	GitHub Exploit DB Packet Storm

313867	7.8	HIGH Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Fix negative array index read Avoid using the negative values for clk_idex as an index into an array pptable->DpmDesc…	CWE-129 Improper Validation of Array Index	CVE-2024-46821	2024-10-5 02:06	2024-09-27	Show	GitHub Exploit DB Packet Storm

313868	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: usb: gadget: core: Check for unset descriptor Make sure the descriptor has been set before looking at maxpacket. This fixes a nul…	CWE-476 NULL Pointer Dereference	CVE-2024-44960	2024-10-5 01:44	2024-09-5	Show	GitHub Exploit DB Packet Storm

313869	7.8	HIGH Local	randygaul	cute_png	cute_png v1.05 was discovered to contain a heap buffer overflow via the cp_load_png_mem() function at cute_png.h.	CWE-787 Out-of-bounds Write	CVE-2024-46258	2024-10-5 01:41	2024-10-1	Show	GitHub Exploit DB Packet Storm

313870	7.8	HIGH Local	randygaul	cute_png	cute_png v1.05 was discovered to contain a heap buffer overflow via the cp_make32() function at cute_png.h.	CWE-787 Out-of-bounds Write	CVE-2024-46261	2024-10-5 01:40	2024-10-1	Show	GitHub Exploit DB Packet Storm