Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 28, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
248991	6.4	警告	HTC Corporation	-	複数の HTC の Android 上で動作する HTC IQRD サービスにおける SMS メッセージを送信される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-2217	2012-05-7 15:54	2012-05-1	Show	GitHub Exploit DB Packet Storm

248992	2.1	注意	Mumble	-	Mumble における平文パスワードおよび設定データを取得される脆弱性	CWE-310 暗号の問題	CVE-2012-0863	2012-05-2 15:17	2012-04-30	Show	GitHub Exploit DB Packet Storm

248993	6.5	警告	Digium	-	Asterisk Open Source および Asterisk Business Edition におけるサービス運用妨害 (デーモンクラッシュ) の脆弱性	CWE-119 バッファエラー	CVE-2012-2416	2012-05-2 15:14	2012-04-16	Show	GitHub Exploit DB Packet Storm

248994	7.5	危険	Google	-	Google Chrome のプロセス間通信の実装におけるサンドボックスの制限を回避される脆弱性	CWE-362 競合状態	CVE-2011-3080	2012-05-2 14:00	2012-04-30	Show	GitHub Exploit DB Packet Storm

248995	10	危険	Google	-	Google Chrome のプロセス間通信の実装における詳細不明な脆弱性	CWE-399 リソース管理の問題	CVE-2011-3079	2012-05-2 13:57	2012-04-30	Show	GitHub Exploit DB Packet Storm

248996	8.5	危険	RuggedCom	-	RuggedCom の Rugged Operating System (ROS) におけるアクセス権限を取得される脆弱性	CWE-310 暗号の問題	CVE-2012-2441	2012-05-1 14:49	2012-04-27	Show	GitHub Exploit DB Packet Storm

248997	7.5	危険	ネットギア	-	Netgear FVS318N の初期設定に問題	CWE-264 認可・権限・アクセス制御	CVE-2012-2439	2012-05-1 14:05	2012-04-3	Show	GitHub Exploit DB Packet Storm

248998	7.5	危険	TP-LINK Technologies	-	TP-Link 8840T の初期設定に問題	CWE-264 認可・権限・アクセス制御	CVE-2012-2440	2012-05-1 12:21	2012-04-3	Show	GitHub Exploit DB Packet Storm

248999	1.8	注意	Intuit	-	Intuit QuickBooks の intu-help-qb ハンドラにおけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2012-2425	2012-04-27 15:48	2012-04-25	Show	GitHub Exploit DB Packet Storm

249000	1.8	注意	Intuit	-	Intuit QuickBooks の intu-help-qb ハンドラにおけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2012-2424	2012-04-27 15:47	2012-04-25	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
315261	9.8	CRITICAL Network	nitropack	nitropack	Improper Control of Generation of Code ('Code Injection') vulnerability in NitroPack Inc. NitroPack allows Code Injection.This issue affects NitroPack: from n/a through 1.16.7.	CWE-94 Code Injection	CVE-2024-43922	2024-09-20 06:44	2024-08-30	Show	GitHub Exploit DB Packet Storm

315262	8.8	HIGH Adjacent	dlink	covr-x1870_firmware dir-x4860_firmware	Certain models of D-Link wireless routers contain hidden functionality. By sending specific packets to the web service, the attacker can forcibly enable the telnet service and log in using hard-coded…	CWE-912 Hidden Functionality	CVE-2024-45696	2024-09-20 06:42	2024-09-16	Show	GitHub Exploit DB Packet Storm

315263	9.8	CRITICAL Network	dlink	dir-x4860_firmware	Certain models of D-Link wireless routers have a hidden functionality where the telnet service is enabled when the WAN port is plugged in. Unauthorized remote attackers can log in and execute OS comm…	CWE-912 Hidden Functionality	CVE-2024-45697	2024-09-20 06:40	2024-09-16	Show	GitHub Exploit DB Packet Storm

315264	9.8	CRITICAL Network	pluck-cms	pluck	Pluck CMS 4.7.18 does not restrict failed login attempts, allowing attackers to execute a brute force attack.	CWE-307 mproper Restriction of Excessive Authentication Attempts	CVE-2024-43042	2024-09-20 06:01	2024-08-17	Show	GitHub Exploit DB Packet Storm

315265	8.8	HIGH Network	nuxt	nuxt	Nuxt is a free and open-source framework to create full-stack web applications and websites with Vue.js. Due to the insufficient validation of the `path` parameter in the NuxtTestComponentWrapper, an…	CWE-94 Code Injection	CVE-2024-34344	2024-09-20 05:58	2024-08-6	Show	GitHub Exploit DB Packet Storm

315266	7.5	HIGH Network	nuxt	nuxt	Nuxt is a free and open-source framework to create full-stack web applications and websites with Vue.js. `nuxt/icon` provides an API to allow client side icon lookup. This endpoint is at `/api/_nuxt_…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2024-42352	2024-09-20 05:55	2024-08-6	Show	GitHub Exploit DB Packet Storm

315267	7.8	HIGH Local	mongodb	mongodb c_driver php_driver	Incorrect validation of files loaded from a local untrusted directory may allow local privilege escalation if the underlying operating systems is Windows. This may result in the application executing…	NVD-CWE-noinfo	CVE-2024-7553	2024-09-20 05:46	2024-08-7	Show	GitHub Exploit DB Packet Storm

315268	6.1	MEDIUM Network	mailcow	mailcow\	mailcow: dockerized is an open source groupware/email suite based on docker. An unauthenticated attacker can inject a JavaScript payload into the API logs. This payload is executed whenever the API l…	CWE-79 Cross-site Scripting	CVE-2024-41959	2024-09-20 05:14	2024-08-6	Show	GitHub Exploit DB Packet Storm

315269	4.8	MEDIUM Network	mailcow	mailcow\	mailcow: dockerized is an open source groupware/email suite based on docker. An authenticated admin user can inject a JavaScript payload into the Relay Hosts configuration. The injected payload is ex…	CWE-79 Cross-site Scripting	CVE-2024-41960	2024-09-20 05:01	2024-08-6	Show	GitHub Exploit DB Packet Storm

315270	6.1	MEDIUM Network	nuxt	nuxt	Nuxt is a free and open-source framework to create full-stack web applications and websites with Vue.js. The `navigateTo` function attempts to blockthe `javascript:` protocol, but does not correctly …	CWE-79 Cross-site Scripting	CVE-2024-34343	2024-09-20 04:57	2024-08-6	Show	GitHub Exploit DB Packet Storm