Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 5, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
232521	7.5	危険	red mexico	-	Xoops 用の rmgallery モジュールにおける SQL インジェクションの脆弱性	-	CVE-2007-1806	2012-12-20 18:19	2007-04-2	Show	GitHub Exploit DB Packet Storm

232522	7.8	危険	PulseAudio	-	PulseAudio におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-1804	2012-12-20 18:19	2007-04-2	Show	GitHub Exploit DB Packet Storm

232523	7.5	危険	sblog	-	sBLOG の inc/lang.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2007-1801	2012-12-20 18:19	2007-04-2	Show	GitHub Exploit DB Packet Storm

232524	4.9	警告	シマンテック	-	Symantec Norton Personal Firewall の SPBBCDrv.sys におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2007-1793	2012-12-20 18:19	2007-04-2	Show	GitHub Exploit DB Packet Storm

232525	7.8	危険	シマンテック	-	SMTP 用の Symantec Mail Security および Mail Security Appliance におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-1792	2012-12-20 18:19	2007-06-26	Show	GitHub Exploit DB Packet Storm

232526	9.3	危険	softerra	-	Softerra Time-Assistant の lib/timesheet.class.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-1787	2012-12-20 18:19	2007-03-31	Show	GitHub Exploit DB Packet Storm

232527	4.3	警告	unverse.net	-	aBitWhizzy におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-1774	2012-12-20 18:19	2007-03-29	Show	GitHub Exploit DB Packet Storm

232528	2.6	注意	unverse.net	-	aBitWhizzy におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2007-1773	2012-12-20 18:19	2007-03-29	Show	GitHub Exploit DB Packet Storm

232529	6.3	警告	VMware	-	VMware Workstation の Shared Folders 機能におけるディレクトリトラバーサルの脆弱性	-	CVE-2007-1744	2012-12-20 18:19	2007-05-2	Show	GitHub Exploit DB Packet Storm

232530	6.9	警告	TrueCrypt Foundation	-	TrueCrypt におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-1738	2012-12-20 18:19	2007-03-28	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
314281	6.4	MEDIUM Network	-	-	The PriPre plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 0.4.11 due to insufficient input sanitization and output escapi…	CWE-79 Cross-site Scripting	CVE-2024-9454	2024-10-28 22:58	2024-10-26	Show	GitHub Exploit DB Packet Storm

314282	6.4	MEDIUM Network	-	-	The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Comparison Widget in all versions up to, and including, 3.2.9 due to insufficient inpu…	CWE-79 Cross-site Scripting	CVE-2024-10091	2024-10-28 22:58	2024-10-26	Show	GitHub Exploit DB Packet Storm

314283	-		-	-	An issue was found in funadmin 5.0.2. The selectfiles method in \backend\controller\sys\Attachh.php directly stores the passed parameters and values into the param parameter without filtering, result…	-	CVE-2024-48228	2024-10-28 22:58	2024-10-26	Show	GitHub Exploit DB Packet Storm

314284	-		-	-	Werkzeug is a Web Server Gateway Interface web application library. On Python < 3.11 on Windows, os.path.isabs() does not catch UNC paths like //server/share. Werkzeug's safe_join() relies on this ch…	CWE-22 Path Traversal	CVE-2024-49766	2024-10-28 22:58	2024-10-26	Show	GitHub Exploit DB Packet Storm

314285	-		-	-	Cross Site Scripting vulnerability in Blood Bank v.1 allows a remote attacker to execute arbitrary code via a crafted script to the login.php component.	-	CVE-2024-48654	2024-10-28 22:58	2024-10-26	Show	GitHub Exploit DB Packet Storm

314286	-		-	-	File Upload vulnerability in Best courier management system in php v.1.0 allows a remote attacker to execute arbitrary code via the admin_class.php component.	-	CVE-2024-48581	2024-10-28 22:58	2024-10-26	Show	GitHub Exploit DB Packet Storm

314287	-		-	-	SQL Injection vulnerability in Best courier management system in php v.1.0 allows a remote attacker to execute arbitrary code via the email parameter of the login request.	-	CVE-2024-48580	2024-10-28 22:58	2024-10-26	Show	GitHub Exploit DB Packet Storm

314288	-		-	-	SQL Injection vulnerability in Best House rental management system project in php v.1.0 allows a remote attacker to execute arbitrary code via the username parameter of the login request.	-	CVE-2024-48579	2024-10-28 22:58	2024-10-26	Show	GitHub Exploit DB Packet Storm

314289	-		-	-	SQL injection vulnerability in Hanzhou Haobo network management system 1.0 allows a remote attacker to execute arbitrary code via a crafted script.	-	CVE-2024-48204	2024-10-28 22:58	2024-10-26	Show	GitHub Exploit DB Packet Storm

314290	-		-	-	The Kademlia DHT (go-libp2p-kad-dht 0.20.0 and earlier) used in IPFS (0.18.1 and earlier) assigns routing information for content (i.e., information about who holds the content) to be stored by peers…	-	CVE-2023-26248	2024-10-28 22:58	2024-10-26	Show	GitHub Exploit DB Packet Storm