Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 15, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
233331	5.8	警告	x-diesel	-	Unreal Commander におけるユーザに危険なファイルを上書きまたは作成させる脆弱性	CWE-DesignError	CVE-2007-4546	2012-12-20 18:33	2007-08-27	Show	GitHub Exploit DB Packet Storm

233332	6.8	警告	x-diesel	-	Unreal Commander におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2007-4545	2012-12-20 18:33	2007-08-27	Show	GitHub Exploit DB Packet Storm

233333	4.3	警告	WordPress.org	-	WordPress MU の wp-newblog.php におけるクロスサイトスクリプティングの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2007-4544	2012-12-20 18:33	2007-08-27	Show	GitHub Exploit DB Packet Storm

233334	4.3	警告	university of minnesota	-	MapServer におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-4542	2012-12-20 18:33	2007-08-27	Show	GitHub Exploit DB Packet Storm

233335	6.8	警告	skulltag team	-	Huffman 解凍アルゴリズムにおけるヒープベースのバッファオーバーフローの脆弱性	-	CVE-2007-4537	2012-12-20 18:33	2007-08-27	Show	GitHub Exploit DB Packet Storm

233336	4.6	警告	torrenttrader	-	TorrentTrader における任意の PHP コードを実行される脆弱性	-	CVE-2007-4536	2012-12-20 18:33	2007-08-24	Show	GitHub Exploit DB Packet Storm

233337	4.3	警告	vavoom	-	Vavoom の str.cpp におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-4535	2012-12-20 18:33	2007-08-24	Show	GitHub Exploit DB Packet Storm

233338	7.5	危険	vavoom	-	Vavoom の p_thinker.cpp におけるバッファオーバーフローの脆弱性	-	CVE-2007-4534	2012-12-20 18:33	2007-08-24	Show	GitHub Exploit DB Packet Storm

233339	6.8	警告	vavoom	-	Vavoom の sv_main.cpp におけるフォーマットストリングの脆弱性	-	CVE-2007-4533	2012-12-20 18:33	2007-08-24	Show	GitHub Exploit DB Packet Storm

233340	4.3	警告	TeamSpeak Systems GmbH	-	TeamSpeak Server におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-4530	2012-12-20 18:33	2007-08-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 16, 2026, 4:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
314831	6.5	MEDIUM Network	63moons	aero wave_2.0	This vulnerability exists in the Wave 2.0 due to missing rate limiting on OTP requests in an API endpoint. An authenticated remote attacker could exploit this vulnerability by sending multiple OTP re…	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2024-51557	2024-11-9 00:19	2024-11-4	Show	GitHub Exploit DB Packet Storm

314832	7.5	HIGH Network	ruijie	nbr3000d-e_firmware	An issue in Ruijie NBR3000D-E Gateway allows a remote attacker to obtain sensitive information via the /tool/shell/postgresql.conf component.	NVD-CWE-noinfo	CVE-2024-48783	2024-11-9 00:19	2024-10-16	Show	GitHub Exploit DB Packet Storm

314833	4.3	MEDIUM Network	63moons	aero wave_2.0	This vulnerability exists in the Wave 2.0 due to improper exception handling for invalid inputs at certain API endpoint. An authenticated remote attacker could exploit this vulnerability by providing…	CWE-209 Information Exposure Through an Error Message	CVE-2024-51560	2024-11-9 00:18	2024-11-4	Show	GitHub Exploit DB Packet Storm

314834	4.6	MEDIUM Physics	tp-link	tapo_h100_firmware	This vulnerability exists in TP-Link IoT Smart Hub due to storage of Wi-Fi credentials in plain text within the device firmware. An attacker with physical access could exploit this by extracting the …	CWE-312 Cleartext Storage of Sensitive Information	CVE-2024-10523	2024-11-9 00:14	2024-11-4	Show	GitHub Exploit DB Packet Storm

314835	8.8	HIGH Network	microsoft	dataverse	Improper authentication in Microsoft Dataverse allows an authorized attacker to elevate privileges over a network.	NVD-CWE-noinfo	CVE-2024-38139	2024-11-9 00:14	2024-10-16	Show	GitHub Exploit DB Packet Storm

314836	7.5	HIGH Network	ibm	websphere_application_server	IBM WebSphere Application Server 8.5 is vulnerable to a denial of service, under certain configurations, caused by an unexpected specially crafted request. A remote attacker could exploit this vulner…	CWE-754 Improper Check for Unusual or Exceptional Conditions	CVE-2024-45085	2024-11-9 00:13	2024-10-16	Show	GitHub Exploit DB Packet Storm

314837	9.8	CRITICAL Network	bg-tek	coslat	Improper Control of Generation of Code ('Code Injection') vulnerability in BG-TEK Informatics Security Technologies CoslatV3 allows Command Injection.This issue affects CoslatV3: through 3.1069. …	CWE-94 Code Injection	CVE-2024-10035	2024-11-9 00:11	2024-11-4	Show	GitHub Exploit DB Packet Storm

314838	5.4	MEDIUM Network	salesagility	suitecrm	SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. The "Publish Key" field in SuiteCRM's Edit Profile page is vulnerable to Reflected Cross-Site…	CWE-79 Cross-site Scripting	CVE-2024-50335	2024-11-9 00:09	2024-11-6	Show	GitHub Exploit DB Packet Storm

314839	9.1	CRITICAL Network	qualcomm	wsa8845h_firmware wsa8845_firmware wsa8840_firmware wsa8835_firmware wsa8832_firmware wsa8830_firmware wsa8815_firmware wsa8810_firmware wcn7881_firmware wcn7880_firmware	Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions.	NVD-CWE-noinfo	CVE-2024-38408	2024-11-9 00:07	2024-11-4	Show	GitHub Exploit DB Packet Storm

314840	6.1	MEDIUM Network	flycart	discount_rules_for_woocommerce	The Discount Rules for WooCommerce – Create Smart WooCommerce Coupons & Discounts, Bulk Discount, BOGO Coupons plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of a…	CWE-79 Cross-site Scripting	CVE-2024-8541	2024-11-9 00:07	2024-10-16	Show	GitHub Exploit DB Packet Storm