Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
208851	4.3	警告	Open-Xchange	-	Open-Xchange AppSuite におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-1679	2015-01-8 18:30	2014-01-29	Show	GitHub Exploit DB Packet Storm

208852	7.5	危険	TYPO3 Association	-	TYPO3 のフロントエンドレンダリングコンポーネントにおける脆弱性	CWE-20 不適切な入力確認	CVE-2014-9509	2015-01-8 18:23	2014-12-9	Show	GitHub Exploit DB Packet Storm

208853	4.3	警告	TYPO3 Association	-	TYPO3 のフロントエンドレンダリングコンポーネントにおける任意のドメインの URL に変更される脆弱性	CWE-59 リンク解釈の問題	CVE-2014-9508	2015-01-8 18:23	2014-12-9	Show	GitHub Exploit DB Packet Storm

208854	5	警告	VDG Security B.V.	-	VDG Security Sense におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2014-9452	2015-01-8 17:32	2014-10-1	Show	GitHub Exploit DB Packet Storm

208855	7.5	危険	VDG Security B.V.	-	VDG Security Sense の DIVA Web サービス API におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2014-9451	2015-01-8 17:29	2014-10-1	Show	GitHub Exploit DB Packet Storm

208856	7.5	危険	Zabbix	-	Zabbix のフロントエンドの chart_bar.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2014-9450	2015-01-8 17:10	2014-08-21	Show	GitHub Exploit DB Packet Storm

208857	6.5	警告	IPCop	-	IPCop の cgi-bin/iptablesgui.cgi における任意のコードを実行される脆弱性	CWE-Other その他	CVE-2013-7418	2015-01-8 16:53	2013-04-25	Show	GitHub Exploit DB Packet Storm

208858	7.5	危険	Microweber	-	Microweber CMS の Category.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2014-9464	2015-01-8 16:37	2014-12-11	Show	GitHub Exploit DB Packet Storm

208859	6.8	警告	Miltenovikj Manojlo	-	MemHT Portal におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2010-5320	2015-01-8 16:37	2010-11-2	Show	GitHub Exploit DB Packet Storm

208860	6.8	警告	Kan-Studio	-	Kandidat CMS におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2010-5319	2015-01-8 16:36	2010-11-2	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 26, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
252131	9.8	CRITICAL Network	paxman	product_website_showcase	Unrestricted Upload of File with Dangerous Type vulnerability in Paxman Product Website Showcase allows Upload a Web Shell to a Web Server.This issue affects Product Website Showcase: from n/a throug…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2024-49611	2024-10-24 00:49	2024-10-20	Show	GitHub Exploit DB Packet Storm

252132	6.1	MEDIUM Network	dotsquares	google_map_locations	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Dotsquares Google Map Locations allows Reflected XSS.This issue affects Google Map Locatio…	CWE-79 Cross-site Scripting	CVE-2024-49606	2024-10-24 00:49	2024-10-20	Show	GitHub Exploit DB Packet Storm

252133	9.8	CRITICAL Network	najeebmedia	simple_user_registration	Authentication Bypass Using an Alternate Path or Channel vulnerability in Najeeb Ahmad Simple User Registration allows Authentication Bypass.This issue affects Simple User Registration: from n/a thro…	CWE-306 Missing Authentication for Critical Function	CVE-2024-49604	2024-10-24 00:49	2024-10-20	Show	GitHub Exploit DB Packet Storm

252134	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: driver core: Fix a potential null-ptr-deref in module_add_driver() Inject fault while probing of-fpga-region, if kasprintf() fail…	CWE-476 NULL Pointer Dereference	CVE-2024-47688	2024-10-24 00:36	2024-10-21	Show	GitHub Exploit DB Packet Storm

252135	7.1	HIGH Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: ep93xx: clock: Fix off by one in ep93xx_div_recalc_rate() The psc->div[] array has psc->num_div elements. These values come from…	CWE-193 Off-by-one Error	CVE-2024-47686	2024-10-24 00:34	2024-10-21	Show	GitHub Exploit DB Packet Storm

252136	4.7	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc() If we need to increase the tree depth, allocate a new node, and…	CWE-362 Race Condition	CVE-2024-47668	2024-10-24 00:30	2024-10-10	Show	GitHub Exploit DB Packet Storm

252137	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: vdpa/mlx5: Fix invalid mr resource destroy Certain error paths from mlx5_vdpa_dev_add() can end up releasing mr resources which n…	CWE-908 Use of Uninitialized Resource	CVE-2024-47687	2024-10-24 00:22	2024-10-21	Show	GitHub Exploit DB Packet Storm

252138	-		-	-	CodeAstro Membership Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via the membershipType parameter in edit_type.php	-	CVE-2024-48709	2024-10-24 00:13	2024-10-22	Show	GitHub Exploit DB Packet Storm

252139	-		-	-	Multiple cross-site scripting vulnerabilities exist in PHPGurukul Hospital Management System 4.0 via the docname parameter in /doctor/edit-profile.php and adminremark parameter in /admin/query-detail…	-	CVE-2024-46239	2024-10-24 00:13	2024-10-22	Show	GitHub Exploit DB Packet Storm

252140	-		-	-	Multiple Cross Site Scripting (XSS) vulnerabilities exist in PHPGurukul Hospital Management System 4.0 via the docname parameter in /admin/add-doctor.php and /admin/edit-doctor.php	-	CVE-2024-46238	2024-10-24 00:13	2024-10-22	Show	GitHub Exploit DB Packet Storm