Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 5, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
232021 7.5 危険 visual irc - ViRC におけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2007-3612 2012-12-20 18:33 2007-07-6 Show GitHub Exploit DB Packet Storm
232022 9.3 危険 vrnews - VRNews の admin.php における特定の管理者操作を実行される脆弱性 - CVE-2007-3611 2012-12-20 18:33 2007-07-6 Show GitHub Exploit DB Packet Storm
232023 7.5 危険 Vastal I-Tech & Co. - phpVID の categories_type.php における SQL インジェクションの脆弱性 - CVE-2007-3610 2012-12-20 18:33 2007-07-6 Show GitHub Exploit DB Packet Storm
232024 5 警告 SAP - EnjoySAP SAP GUI の ActiveX コントロールにおける特定のファイルを作成される脆弱性 - CVE-2007-3608 2012-12-20 18:33 2007-07-6 Show GitHub Exploit DB Packet Storm
232025 5 警告 SAP - EnjoySAP SAP GUI の ActiveX コントロールにおけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-3607 2012-12-20 18:33 2007-07-6 Show GitHub Exploit DB Packet Storm
232026 7.6 危険 SAP - EnjoySAP SAP GUI の rfcguisink.rfcguisink.1 ActiveX コントロールにおけるヒープベースのバッファオーバーフローの脆弱性 - CVE-2007-3606 2012-12-20 18:33 2007-07-6 Show GitHub Exploit DB Packet Storm
232027 7.6 危険 SAP - EnjoySAP SAP GUI の FrontEnd\SapGui\kwedit.dll におけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2007-3605 2012-12-20 18:33 2007-07-6 Show GitHub Exploit DB Packet Storm
232028 4 警告 Vtiger - vtiger CRM におけるデータ制限を回避される脆弱性 - CVE-2007-3604 2012-12-20 18:33 2007-03-7 Show GitHub Exploit DB Packet Storm
232029 6.5 警告 Vtiger - vtiger CRM の dashboard における SQL インジェクションの脆弱性 - CVE-2007-3603 2012-12-20 18:33 2007-03-7 Show GitHub Exploit DB Packet Storm
232030 5.5 警告 Vtiger - vtiger CRM の SOAP Web サービスにおけるデータをアクセスされる脆弱性 - CVE-2007-3602 2012-12-20 18:33 2007-02-26 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 5, 2026, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
313591 - - - Duende IdentityServer is an OpenID Connect and OAuth 2.x framework for ASP.NET Core. IdentityServer's local API authentication handler performs insufficient validation of the cnf claim in DPoP access… CWE-287
Improper Authentication 		CVE-2024-49755 2024-10-29 23:34 2024-10-29 Show GitHub Exploit DB Packet Storm
313592 - - - Tenda AC7 v.15.03.06.44 ate_iwpriv_set has pre-authentication command injection allowing remote attackers to execute arbitrary code. - CVE-2024-48826 2024-10-29 23:34 2024-10-29 Show GitHub Exploit DB Packet Storm
313593 - - - Tenda AC7 v.15.03.06.44 ate_ifconfig_set has pre-authentication command injection allowing remote attackers to execute arbitrary code. - CVE-2024-48825 2024-10-29 23:34 2024-10-29 Show GitHub Exploit DB Packet Storm
313594 - - - The Chef Habitat builder-api on-prem-builder package  with any version lower than habitat/builder-api/10315/20240913162802 is vulnerable to indirect object reference (IDOR) by un-authorized deletion … CWE-863
 Incorrect Authorization 		CVE-2024-9825 2024-10-29 23:34 2024-10-29 Show GitHub Exploit DB Packet Storm
313595 - - - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in OpenText™ Operations Agent.  The XSS vulnerability could allow an attacker with local adm… - CVE-2024-5532 2024-10-29 23:34 2024-10-29 Show GitHub Exploit DB Packet Storm
313596 - - - The Contact Form 7 + Telegram plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on the 'wpcf7_Telegram::ajax' function in vers… CWE-862
 Missing Authorization 		CVE-2024-9629 2024-10-29 23:34 2024-10-29 Show GitHub Exploit DB Packet Storm
313597 - - - MPXJ is an open source library to read and write project plans from a variety of file formats and databases. The patch for the historical vulnerability CVE-2020-35460 in MPXJ is incomplete as there i… CWE-22
Path Traversal 		CVE-2024-49771 2024-10-29 23:34 2024-10-29 Show GitHub Exploit DB Packet Storm
313598 - - - A Local privilege escalation vulnerability found in a Self-Hosted UniFi Network Server with UniFi Network Application (Version 8.4.62 and earlier) allows a malicious actor with a local operational sy… - CVE-2024-42028 2024-10-29 23:34 2024-10-29 Show GitHub Exploit DB Packet Storm
313599 - - - dingfanzu CMS 1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin/doAdminAction.php?act=editAdmin&id=17 - CVE-2024-48291 2024-10-29 23:34 2024-10-29 Show GitHub Exploit DB Packet Storm
313600 - - - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Post Grid Team by WPXPO PostX allows Stored XSS.This issue affects PostX: from n/a through… CWE-79
Cross-site Scripting 		CVE-2024-50443 2024-10-29 23:34 2024-10-28 Show GitHub Exploit DB Packet Storm