Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 23, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
248621	6.4	警告	The PHP Group	-	PHP の exif.c にある exif_process_IFD_TAG 関数における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2011-4566	2012-05-14 17:26	2011-10-27	Show	GitHub Exploit DB Packet Storm

248622	6.3	警告	サイバートラスト株式会社 Ruby-lang.org レッドハット	-	Ruby の FileUtils.remove_entry_secure メソッドにおける任意のファイルを削除される脆弱性	CWE-59 リンク解釈の問題	CVE-2011-1004	2012-05-14 17:21	2011-03-2	Show	GitHub Exploit DB Packet Storm

248623	5	警告	The PHP Group	-	PHP の apache_request_headers 関数におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2012-2329	2012-05-14 16:28	2012-05-11	Show	GitHub Exploit DB Packet Storm

248624	5	警告	アップル	-	Apple Safari の WebKit におけるフォームフィールドに入力される脆弱性	CWE-20 不適切な入力確認	CVE-2012-0676	2012-05-14 15:44	2012-05-11	Show	GitHub Exploit DB Packet Storm

248625	6.8	警告	アップル GNU Project	-	gzip の huft_build 関数における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2009-2624	2012-05-14 15:32	2010-01-29	Show	GitHub Exploit DB Packet Storm

248626	4.3	警告	アップル	-	Apple Mac OS X の Time Machine における Time Capsule の資格情報を読み取られる脆弱性	CWE-287 不適切な認証	CVE-2012-0675	2012-05-14 15:28	2012-05-11	Show	GitHub Exploit DB Packet Storm

248627	7.5	危険	アップル	-	Apple Mac OS X の Security Framework における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2012-0662	2012-05-14 15:27	2012-05-11	Show	GitHub Exploit DB Packet Storm

248628	2.6	注意	日本電気 IBM アップルサイバートラスト株式会社 SSH コミュニケーションズ・セキュリティヤマハサン・マイクロシステムズレッドハットディアイティ OpenBSD	-	SSH 通信において一部データが漏えいする可能性	CWE-200 情報漏えい	CVE-2008-5161	2012-05-14 15:27	2008-11-17	Show	GitHub Exploit DB Packet Storm

248629	2.1	注意	アップル	-	Apple Mac OS X の Quartz Composer におけるスクリーンロックを回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-0657	2012-05-14 15:23	2012-05-11	Show	GitHub Exploit DB Packet Storm

248630	6.2	警告	アップル	-	Apple Mac OS X の LoginUIFramework における任意のアカウントへログインされる脆弱性	CWE-362 競合状態	CVE-2012-0656	2012-05-14 15:22	2012-05-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 23, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
314641	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_ncm: fix potential NULL ptr deref in ncm_bitrate() In Google internal bug 265639009 we've received an (as yet) unr…	CWE-476 NULL Pointer Dereference	CVE-2023-52894	2024-09-12 01:27	2024-08-21	Show	GitHub Exploit DB Packet Storm

314642	-		-	-	An improper authorization vulnerability [CWE-285] in FortiSOAR version 7.4.0 through 7.4.3, 7.3.0 through 7.3.2, 7.2.0 through 7.2.2, 7.0.0 through 7.0.3 change password endpoint may allow an authent…	CWE-307 mproper Restriction of Excessive Authentication Attempts	CVE-2024-45327	2024-09-12 01:26	2024-09-11	Show	GitHub Exploit DB Packet Storm

314643	-		-	-	A vulnerability was found in Mercury MNVR816 up to 2.0.1.0.5. It has been classified as problematic. This affects an unknown part of the file /web-static/. The manipulation leads to files or director…	CWE-552 Files or Directories Accessible to External Parties	CVE-2024-8655	2024-09-12 01:26	2024-09-11	Show	GitHub Exploit DB Packet Storm

314644	-		-	-	SpiderControl SCADA Web Server has a vulnerability that could allow an attacker to upload specially crafted malicious files without authentication.	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2024-8232	2024-09-12 01:26	2024-09-11	Show	GitHub Exploit DB Packet Storm

314645	-		-	-	Directus is a real-time API and App dashboard for managing SQL database content. An unauthenticated user can access credentials of last authenticated user via OpenID or OAuth2 where the authenticatio…	CWE-524 Use of Cache Containing Sensitive Information	CVE-2024-45596	2024-09-12 01:26	2024-09-11	Show	GitHub Exploit DB Packet Storm

314646	-		-	-	cross-site scripting (XSS) vulnerability in Gibbon Core v26.0.00 allows an attacker to execute arbitrary code via the imageLink parameter in the library_manage_catalog_editProcess.php component.	-	CVE-2024-34831	2024-09-12 01:26	2024-09-11	Show	GitHub Exploit DB Packet Storm

314647	6.5	MEDIUM Network	mozilla	thunderbird	When aborting the verification of an OTR chat session, an attacker could have caused a use-after-free bug leading to a potentially exploitable crash. This vulnerability affects Thunderbird < 128.2.	CWE-416 Use After Free	CVE-2024-8394	2024-09-12 01:25	2024-09-7	Show	GitHub Exploit DB Packet Storm

314648	8.8	HIGH Network	draytek	vigor3900_firmware	DrayTek Vigor3900 v1.5.1.6 was discovered to contain an authenticated command injection vulnerability via the value parameter in the filter_string function.	CWE-78 OS Command	CVE-2024-44845	2024-09-12 01:24	2024-09-7	Show	GitHub Exploit DB Packet Storm

314649	8.8	HIGH Network	draytek	vigor3900_firmware	DrayTek Vigor3900 v1.5.1.6 was discovered to contain an authenticated command injection vulnerability via the name parameter in the run_command function.	CWE-78 OS Command	CVE-2024-44844	2024-09-12 01:24	2024-09-7	Show	GitHub Exploit DB Packet Storm

314650	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: gsmi: fix null-deref in gsmi_get_variable We can get EFI variables without fetching the attribute, so we must allow for that in g…	CWE-476 NULL Pointer Dereference	CVE-2023-52893	2024-09-12 01:24	2024-08-21	Show	GitHub Exploit DB Packet Storm