Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
227781	7.5	危険	zonemetrics	-	ZoneMetrics ZoneX Publishers Gold Edition の includes/usercp_register.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4036	2012-12-20 18:02	2006-08-9	Show	GitHub Exploit DB Packet Storm

227782	10	危険	WordPress.org	-	WordPress における脆弱性	CWE-noinfo 情報不足	CVE-2006-4028	2012-12-20 18:02	2006-07-29	Show	GitHub Exploit DB Packet Storm

227783	7.5	危険	Red Graphic Systems	-	SAPID CMS における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2006-4026	2012-12-20 18:02	2006-08-8	Show	GitHub Exploit DB Packet Storm

227784	7.5	危険	xennobb	-	XennoBB の profile.php における SQL インジェクションの脆弱性	-	CVE-2006-4025	2012-12-20 18:02	2006-08-8	Show	GitHub Exploit DB Packet Storm

227785	2.6	注意	scatterchat	-	ScatterChat の cryptographic モジュールにおける大量のメッセージのパターンを特定される脆弱性	-	CVE-2006-4021	2012-12-20 18:02	2006-08-17	Show	GitHub Exploit DB Packet Storm

227786	4.3	警告	toenda software development	-	toendaCMS stable および unstable の /toendaCMS におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-4016	2012-12-20 18:02	2006-08-7	Show	GitHub Exploit DB Packet Storm

227787	5	警告	シマンテック	-	SBAS におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2006-4014	2012-12-20 18:02	2006-07-27	Show	GitHub Exploit DB Packet Storm

227788	7.6	危険	シマンテック	-	SBAS におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2006-4013	2012-12-20 18:02	2006-07-27	Show	GitHub Exploit DB Packet Storm

227789	5.1	警告	savewebportal	-	circeOS SaveWeb Portal における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4012	2012-12-20 18:02	2006-08-7	Show	GitHub Exploit DB Packet Storm

227790	7.5	危険	VWar	-	Vwar の war.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2006-4010	2012-12-20 18:02	2006-08-7	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
248301	-		-	-	An IDOR (Insecure Direct Object Reference) vulnerability has been discovered in AbsysNet, affecting version 2.3.1. This vulnerability could allow a remote attacker to obtain the session of an unauthe…	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2024-11318	2024-11-19 02:11	2024-11-18	Show	GitHub Exploit DB Packet Storm

248302	-		-	-	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Egebilgi Software Website Template allows SQL Injection.This issue affects Website Template: befo…	CWE-89 SQL Injection	CVE-2024-3370	2024-11-19 02:11	2024-11-18	Show	GitHub Exploit DB Packet Storm

248303	-		-	-	Firebase JavaScript SDK utilizes a "FIREBASE_DEFAULTS" cookie to store configuration data, including an "_authTokenSyncURL" field used for session synchronization. If this cookie field is preset via…	-	CVE-2024-11023	2024-11-19 02:11	2024-11-18	Show	GitHub Exploit DB Packet Storm

248304	8.4	HIGH Local	-	-	A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to create or overwrite arbitrary files on an affected device, which could result in a denial of s…	CWE-22 Path Traversal	CVE-2020-26071	2024-11-19 02:11	2024-11-19	Show	GitHub Exploit DB Packet Storm

248305	-		-	-	OpenCTI is an open source platform allowing organizations to manage their cyber threat intelligence knowledge and observables. Prior to version 6.1.9, the regex validation used to prevent Introspecti…	CWE-284 Improper Access Control	CVE-2024-37155	2024-11-19 02:11	2024-11-19	Show	GitHub Exploit DB Packet Storm

248306	7.1	HIGH Network	-	-	A low privileged remote attacker may modify the BACNet service properties due to incorrect permission assignment for critical resources which may lead to a DoS limited to BACNet communication.	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2024-41974	2024-11-19 02:11	2024-11-18	Show	GitHub Exploit DB Packet Storm

248307	8.1	HIGH Network	-	-	A low privileged remote attacker can specify an arbitrary file on the filesystem which may lead to an arbitrary file writes with root privileges.	CWE-35 Path Traversal: '.../...//'	CVE-2024-41973	2024-11-19 02:11	2024-11-18	Show	GitHub Exploit DB Packet Storm

248308	6.5	MEDIUM Network	-	-	A low privileged remote attacker can overwrite an arbitrary file on the filesystem which may lead to an arbitrary file read with root privileges.	CWE-35 Path Traversal: '.../...//'	CVE-2024-41972	2024-11-19 02:11	2024-11-18	Show	GitHub Exploit DB Packet Storm

248309	8.1	HIGH Network	-	-	A low privileged remote attacker can overwrite an arbitrary file on the filesystem leading to a DoS and data loss.	CWE-22 Path Traversal	CVE-2024-41971	2024-11-19 02:11	2024-11-18	Show	GitHub Exploit DB Packet Storm

248310	5.7	MEDIUM Network	-	-	A low privileged remote attacker may gain access to forbidden diagnostic data due to incorrect permission assignment for critical resources.	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2024-41970	2024-11-19 02:11	2024-11-18	Show	GitHub Exploit DB Packet Storm