Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 31, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
252791 7.5 危険 SugarCRM - SugarCRM の Leads モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-4833 2011-12-19 15:08 2011-12-15 Show GitHub Exploit DB Packet Storm
252792 7.5 危険 Moxiecode Systems AB
phpMyFAQ
PHPletter		 - 複数の製品で使用される inc/function.base.php における PHP コードを挿入される脆弱性 CWE-94
コード・インジェクション 		CVE-2011-4825 2011-12-19 15:07 2011-10-25 Show GitHub Exploit DB Packet Storm
252793 7.5 危険 The Cacti Group - Cacti の auth_login.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-4824 2011-12-19 15:06 2011-09-26 Show GitHub Exploit DB Packet Storm
252794 4.3 警告 Atlassian - Atlassian FishEye のユーザプロファイル機能におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4822 2011-12-19 15:05 2011-10-24 Show GitHub Exploit DB Packet Storm
252795 3.6 注意 Artsoft Entertainment - Artsoft Entertainment の Rocks'n'Diamonds における任意のファイルを上書きされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-4606 2011-12-19 15:05 2011-12-15 Show GitHub Exploit DB Packet Storm
252796 4.3 警告 Digium - Asterisk の channels/chan_sip.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-200
情報漏えい 		CVE-2011-4598 2011-12-19 15:03 2011-11-2 Show GitHub Exploit DB Packet Storm
252797 5 警告 Digium - Asterisk の UDP 実装での SIP におけるユーザ名を列挙される脆弱性 CWE-200
情報漏えい 		CVE-2011-4597 2011-12-19 15:01 2011-07-18 Show GitHub Exploit DB Packet Storm
252798 7.5 危険 Caupo.Net - CaupoShop Pro および CaupoShop Classic におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2011-4832 2011-12-19 13:44 2011-12-15 Show GitHub Exploit DB Packet Storm
252799 4 警告 David Azoulay - Web File Browser の webFileBrowser.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2011-4831 2011-12-19 13:43 2011-12-15 Show GitHub Exploit DB Packet Storm
252800 7.5 危険 e4j Extensions for Joomla - Joomla! 用 Vik Real Estate コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-4823 2011-12-19 11:52 2011-12-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 31, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
311401 - - - Use of Default Credentials vulnerability in Maruti Suzuki SmartPlay on Linux (Infotainment Hub modules) allows attacker to try common or default usernames and passwords.The issue was detected on a 20… - CVE-2024-6245 2024-11-8 01:15 2024-10-29 Show GitHub Exploit DB Packet Storm
311402 6.5 MEDIUM
Network 		mongodb mongodb prepareUnique index may cause secondaries to crash due to incorrect enforcement of index constraints on secondaries, where in extreme cases may cause multiple secondaries crashing leading to no prima… NVD-CWE-Other
CVE-2024-8305 2024-11-8 00:38 2024-10-22 Show GitHub Exploit DB Packet Storm
311403 6.1 MEDIUM
Network 		klokantech maptiler_tileserver_gl A vulnerability was found in Klokan MapTiler tileserver-gl 2.3.1 and classified as problematic. This issue affects some unknown processing of the component URL Handler. The manipulation of the argume… CWE-79
Cross-site Scripting 		CVE-2024-10503 2024-11-8 00:30 2024-10-30 Show GitHub Exploit DB Packet Storm
311404 7.5 HIGH
Network 		nginxui nginx_ui Nginx UI is a web user interface for the Nginx web server. Nginx UI v2.0.0-beta.35 and earlier gets the value from the json field without verification, and can construct a value value in the form of … CWE-22
Path Traversal 		CVE-2024-49366 2024-11-8 00:15 2024-10-22 Show GitHub Exploit DB Packet Storm
311405 7.5 HIGH
Network 		nginxui nginx_ui Nginx UI is a web user interface for the Nginx web server. Prior to version 2.0.0-beta.36, the log path of nginxui is controllable. This issue can be combined with the directory traversal at `/api/co… CWE-862
 Missing Authorization 		CVE-2024-49367 2024-11-7 23:57 2024-10-22 Show GitHub Exploit DB Packet Storm
311406 - - - UnoPim 0.1.3 and below is vulnerable to Cross Site Scripting (XSS) in the Create User function. This allows attackers to perform XSS via an SVG document, which can be used to steal cookies. - CVE-2024-50637 2024-11-7 23:15 2024-11-7 Show GitHub Exploit DB Packet Storm
311407 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: Fix function prototype mismatch in snd_seq_expand_var_event With clang's kernel control flow integrity (kCFI, CONFIG_C… NVD-CWE-noinfo
CVE-2022-48994 2024-11-7 22:52 2024-10-22 Show GitHub Exploit DB Packet Storm
311408 7.8 HIGH
Local 		2n access_commander In 2N Access Commander versions 3.1.1.2 and prior, a local attacker can escalate their privileges in the system which could allow for arbitrary code execution with root permissions. NVD-CWE-noinfo
CVE-2024-47255 2024-11-7 21:15 2024-11-5 Show GitHub Exploit DB Packet Storm
311409 7.2 HIGH
Network 		2n access_commander In 2N Access Commander versions 3.1.1.2 and prior, an Insufficient Verification of Data Authenticity vulnerability could allow an attacker to escalate their privileges and gain root access to the s… NVD-CWE-noinfo
CVE-2024-47254 2024-11-7 21:15 2024-11-5 Show GitHub Exploit DB Packet Storm
311410 7.2 HIGH
Network 		2n access_commander In 2N Access Commander versions 3.1.1.2 and prior, a Path Traversal vulnerability could allow an attacker with administrative privileges to write files on the filesystem and potentially achieve arbit… CWE-22
Path Traversal 		CVE-2024-47253 2024-11-7 21:15 2024-11-5 Show GitHub Exploit DB Packet Storm