Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1471 4.3 警告
Network 		xlplugins nextmove xlpluginsのWordPress用nextmoveにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2024-32104 2026-01-27 17:38 2024-04-15 Show GitHub Exploit DB Packet Storm
1472 4.3 警告
Network 		xlplugins finale xlpluginsのWordPress用finaleにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2024-32107 2026-01-27 17:38 2024-04-11 Show GitHub Exploit DB Packet Storm
1473 6.1 警告
Network 		Repute Infosystems arforms Repute InfosystemsのWordPress用arformsにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-32702 2026-01-27 17:38 2024-04-24 Show GitHub Exploit DB Packet Storm
1474 8.8 重要
Network 		Repute Infosystems arforms Repute InfosystemsのWordPress用arformsにおけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2024-32706 2026-01-27 17:38 2024-04-24 Show GitHub Exploit DB Packet Storm
1475 7.1 重要
Local 		Debian
Linux		 Debian GNU/Linux
Linux Kernel 		Debian等の複数ベンダの製品における例外的な状態のチェックに関する脆弱性 CWE-754
例外的な状態における不適切なチェック 		CVE-2024-35785 2026-01-27 17:38 2024-05-17 Show GitHub Exploit DB Packet Storm
1476 7.1 重要
Local 		Debian
Linux		 Debian GNU/Linux
Linux Kernel 		Debian等の複数ベンダの製品における不特定の脆弱性 CWE-noinfo
情報不足 		CVE-2024-35871 2026-01-27 17:38 2024-05-19 Show GitHub Exploit DB Packet Storm
1477 7.1 重要
Local 		Debian
Linux		 Debian GNU/Linux
Linux Kernel 		Debian等の複数ベンダの製品における境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2024-36883 2026-01-27 17:38 2024-05-30 Show GitHub Exploit DB Packet Storm
1478 7.8 重要
Local 		Debian
Linux		 Debian GNU/Linux
Linux Kernel 		Debian等の複数ベンダの製品における解放済みメモリの使用に関する脆弱性 CWE-416
CWE-416
CVE-2024-36886 2026-01-27 17:38 2024-05-30 Show GitHub Exploit DB Packet Storm
1479 7.8 重要
Local 		Debian
Linux		 Debian GNU/Linux
Linux Kernel 		Debian等の複数ベンダの製品における解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2024-36904 2026-01-27 17:38 2024-05-30 Show GitHub Exploit DB Packet Storm
1480 7.1 重要
Local 		Debian
Linux		 Debian GNU/Linux
Linux Kernel 		Debian等の複数ベンダの製品における境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2024-36916 2026-01-27 17:38 2024-05-30 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 22, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
283521 - shttp shttp Directory traversal vulnerability in Sergey Lyubka Simple HTTPD (shttpd) 1.38 and earlier on Windows allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in the URI. CWE-22
Path Traversal 		CVE-2007-6404 2018-10-16 06:52 2007-12-18 Show GitHub Exploit DB Packet Storm
283522 - shttpd shttpd Sergey Lyubka Simple HTTPD (shttpd) 1.38 and earlier on Windows allows remote attackers to download arbitrary CGI programs or scripts via a URI with an appended (1) '+' character, (2) '.' character, … CWE-200
Information Exposure 		CVE-2007-6405 2018-10-16 06:52 2007-12-18 Show GitHub Exploit DB Packet Storm
283523 - hp openview_network_node_manager Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 6.41, 7.01, and 7.51 allow remote attackers to execute arbitrary code via unspecified long arguments to (1) ovlogin.… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2007-6204 2018-10-16 06:51 2007-12-14 Show GitHub Exploit DB Packet Storm
283524 - s9y serendipity Cross-site scripting (XSS) vulnerability in the remote RSS sidebar plugin (serendipity_plugin_remoterss) in S9Y Serendipity before 1.2.1 allows remote attackers to inject arbitrary web script or HTML… CWE-79
Cross-site Scripting 		CVE-2007-6205 2018-10-16 06:51 2007-12-12 Show GitHub Exploit DB Packet Storm
283525 - sing sing Send ICMP Nasty Garbage (sing) on Debian GNU/Linux allows local users to append to arbitrary files and gain privileges via the -L (output log file) option. NOTE: this issue is only a vulnerability i… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2007-6211 2018-10-16 06:51 2007-12-4 Show GitHub Exploit DB Packet Storm
283526 - irola my-time Multiple SQL injection vulnerabilities in login.asp in Irola My-Time (aka Timesheet) 3.5 allow remote attackers to execute arbitrary SQL commands via the (1) login (aka Username) and (2) password par… CWE-89
SQL Injection 		CVE-2007-6217 2018-10-16 06:51 2007-12-5 Show GitHub Exploit DB Packet Storm
283527 - apc oas
switched_rack_pdu_firmware 		The American Power Conversion (APC) AP7932 0u 30amp Switched Rack Power Distribution Unit (PDU), with rpdu 3.5.5 and aos 3.5.6, allows remote attackers to bypass authentication and obtain login acces… CWE-287
Improper Authentication 		CVE-2007-6226 2018-10-16 06:51 2007-12-5 Show GitHub Exploit DB Packet Storm
283528 - qemu qemu QEMU 0.9.0 allows local users of a Windows XP SP2 guest operating system to overwrite the TranslationBlock (code_gen_buffer) buffer, and probably have unspecified other impacts related to an "overflo… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2007-6227 2018-10-16 06:51 2007-12-5 Show GitHub Exploit DB Packet Storm
283529 - deluxebb deluxebb cp.php in DeluxeBB 1.09 does not verify that the membercookie parameter corresponds to the authenticated member during a profile update, which allows remote authenticated users to change the e-mail a… CWE-287
Improper Authentication 		CVE-2007-6237 2018-10-16 06:51 2007-12-5 Show GitHub Exploit DB Packet Storm
283530 - snitz_communications snitz_forums_2000 SQL injection vulnerability in active.asp in Snitz Forums 2000 3.4.06 allows remote attackers to execute arbitrary SQL commands via the BuildTime parameter. CWE-89
SQL Injection 		CVE-2007-6240 2018-10-16 06:51 2007-12-5 Show GitHub Exploit DB Packet Storm