Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 10, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
232621 4.3 警告 toms-seiten.at - Toms Gaestebuch の admin/header.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-4896 2012-12-20 18:33 2007-09-14 Show GitHub Exploit DB Packet Storm
232622 5 警告 sisfo kampus - Semarang 3 の dwoprn.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-4895 2012-12-20 18:33 2007-09-14 Show GitHub Exploit DB Packet Storm
232623 7.5 危険 WordPress.org - Wordpress および MU における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-4894 2012-12-20 18:33 2007-09-8 Show GitHub Exploit DB Packet Storm
232624 4.3 警告 WordPress.org - Wordpress および MU の wp-admin/admin-functions.php におけるクロスサイトスクリプティング (XSS) 攻撃を実行される脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2007-4893 2012-12-20 18:33 2007-09-8 Show GitHub Exploit DB Packet Storm
232625 7.5 危険 swsoft - Windows 用の SWSoft Plesk における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-4892 2012-12-20 18:33 2007-09-14 Show GitHub Exploit DB Packet Storm
232626 3.5 注意 XWiki - XWiki の "You are not allowed ..." のエラーハンドラにおける任意のドキュメントを読み取られる脆弱性 CWE-DesignError
CVE-2007-4888 2012-12-20 18:33 2007-01-11 Show GitHub Exploit DB Packet Storm
232627 4.3 警告 techexcel inc. - TechExcel CustomerWise におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-4882 2012-12-20 18:33 2007-09-13 Show GitHub Exploit DB Packet Storm
232628 7.5 危険 psi-labs - psisns の profile/myprofile.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-4881 2012-12-20 18:33 2007-09-13 Show GitHub Exploit DB Packet Storm
232629 5 警告 Simplenews Project - SimpNews における任意の .inc ファイルをダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2007-4873 2012-12-20 18:33 2007-09-27 Show GitHub Exploit DB Packet Storm
232630 5 警告 Simplenews Project - SimpleNews における重要な情報を取得される脆弱性 CWE-DesignError
CVE-2007-4872 2012-12-20 18:33 2007-09-27 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 10, 2026, 5 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
313971 - - - A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to access sensitive info… CWE-200
Information Exposure 		CVE-2024-20445 2024-11-7 03:17 2024-11-7 Show GitHub Exploit DB Packet Storm
313972 - - - A vulnerability in the web-based management interface of Cisco Unified Industrial Wireless Software for Cisco Ultra-Reliable Wireless Backhaul (URWB) Access Points could allow an unauthenticated, rem… CWE-77
Command Injection 		CVE-2024-20418 2024-11-7 03:17 2024-11-7 Show GitHub Exploit DB Packet Storm
313973 - - - A vulnerability in the access control list (ACL) programming of Cisco Nexus 3550-F Switches could allow an unauthenticated, remote attacker to send traffic that should be blocked to the management in… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2024-20371 2024-11-7 03:17 2024-11-7 Show GitHub Exploit DB Packet Storm
313974 - - - Use after free in Serial in Google Chrome prior to 130.0.6723.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) - CVE-2024-10827 2024-11-7 03:17 2024-11-7 Show GitHub Exploit DB Packet Storm
313975 - - - Use after free in Family Experiences in Google Chrome on Android prior to 130.0.6723.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security s… - CVE-2024-10826 2024-11-7 03:17 2024-11-7 Show GitHub Exploit DB Packet Storm
313976 7.5 HIGH
Network 		- - A disclosure of sensitive information flaw was found in foreman via the GraphQL API. If the introspection feature is enabled, it is possible for attackers to retrieve sensitive admin authentication k… CWE-200
Information Exposure 		CVE-2024-6861 2024-11-7 03:17 2024-11-7 Show GitHub Exploit DB Packet Storm
313977 5.4 MEDIUM
Network 		- - IBM Maximo Application Suite - Monitor Component 8.10.11, 8.11.8, and 9.0.0 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript … CWE-79
Cross-site Scripting 		CVE-2024-35146 2024-11-7 03:17 2024-11-7 Show GitHub Exploit DB Packet Storm
313978 - - - CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. Authentication method confusion allows logging in as the built-in root user fro… - CVE-2024-10082 2024-11-7 03:17 2024-11-7 Show GitHub Exploit DB Packet Storm
313979 - - - CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. Authentication bypass occurs when the API URL ends with Authentication. This by… - CVE-2024-10081 2024-11-7 03:17 2024-11-7 Show GitHub Exploit DB Packet Storm
313980 - - - The Wp-ImageZoom WordPress plugin through 1.1.0 does not sanitise and escape some parameters before outputting them back in a page, leading to a Reflected Cross-Site Scripting which could be used aga… - CVE-2024-9934 2024-11-7 03:17 2024-11-6 Show GitHub Exploit DB Packet Storm