Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228671 4.3 警告 TYPO3 Association - TYPO3 のインストールツールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-3531 2012-11-15 14:26 2012-08-15 Show GitHub Exploit DB Packet Storm
228672 4.3 警告 TYPO3 Association - TYPO3 の t3lib_div::quoteJSvalue API 関数におけるクロスサイトスクリプティングの脆弱性 CWE-Other
その他 		CVE-2012-3530 2012-11-15 14:25 2012-08-15 Show GitHub Exploit DB Packet Storm
228673 3.5 注意 TYPO3 Association - TYPO3 のバックエンドの configuration モジュールにおける暗号鍵を取得される脆弱性 CWE-200
情報漏えい 		CVE-2012-3529 2012-11-15 14:24 2012-08-15 Show GitHub Exploit DB Packet Storm
228674 4 警告 TYPO3 Association - TYPO3 のバックエンドにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-3528 2012-11-15 14:23 2012-08-15 Show GitHub Exploit DB Packet Storm
228675 4.6 警告 TYPO3 Association - TYPO3 のバックエンドのヘルプシステムにおける任意のオブジェクトのシリアル化を解除される脆弱性 CWE-310
暗号の問題 		CVE-2012-3527 2012-11-15 14:22 2012-08-15 Show GitHub Exploit DB Packet Storm
228676 7.5 危険 Zabbix - Zabbix の frontends/php/popup_bitem.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2012-3435 2012-11-15 12:09 2012-07-18 Show GitHub Exploit DB Packet Storm
228677 10 危険 マイクロソフト
アドビシステムズ
Google		 - Adobe Flash Player および Adobe AIR におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-5287 2012-11-14 16:07 2012-11-2 Show GitHub Exploit DB Packet Storm
228678 10 危険 マイクロソフト
アドビシステムズ
Google		 - Adobe Flash Player および Adobe AIR におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-5286 2012-11-14 16:07 2012-11-2 Show GitHub Exploit DB Packet Storm
228679 10 危険 マイクロソフト
アドビシステムズ
Google		 - Adobe Flash Player および Adobe AIR における脆弱性 CWE-noinfo
情報不足 		CVE-2012-5673 2012-11-14 16:07 2012-11-2 Show GitHub Exploit DB Packet Storm
228680 10 危険 マイクロソフト
アドビシステムズ
Google		 - Adobe Flash Player および Adobe AIR におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-5285 2012-11-14 16:06 2012-11-2 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 24, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
249361 - - - A vulnerability has been found in the CPython `venv` module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands int… - CVE-2024-9287 2024-11-5 03:15 2024-10-23 Show GitHub Exploit DB Packet Storm
249362 - - - Entrust Instant Financial Issuance (On Premise) Software (formerly known as Cardwizard) 6.10.0, 6.9.0, 6.9.1, 6.9.2, and 6.8.x and earlier leaves behind a configuration file (i.e. WebAPI.cfg.xml) aft… - CVE-2024-39341 2024-11-5 02:35 2024-09-24 Show GitHub Exploit DB Packet Storm
249363 - - - In handleCreateConferenceComplete of ConnectionServiceWrapper.java, there is a possible way to reveal images across users due to a confused deputy. This could lead to local information disclosure wit… - CVE-2024-40656 2024-11-5 02:35 2024-09-11 Show GitHub Exploit DB Packet Storm
249364 - - - Improper input validation in SMU may allow an attacker with privileges and a compromised physical function (PF)     to modify the PCIe® lane count and speed, potentially leading to a loss of availab… - CVE-2023-31304 2024-11-5 02:35 2024-08-14 Show GitHub Exploit DB Packet Storm
249365 - - - EnGenius EWS356-Fit devices through 1.1.30 allow a remote attacker to conduct stored XSS attacks via the Wi-Fi SSID parameters. JavaScript embedded into a vulnerable field is executed when the user c… - CVE-2024-31975 2024-11-5 02:15 2024-10-31 Show GitHub Exploit DB Packet Storm
249366 9.8 CRITICAL
Network 		tongda2000 office_anywhere A vulnerability was found in Tongda OA 2017 up to 11.10. It has been rated as critical. Affected by this issue is some unknown functionality of the file /general/approve_center/query/list/input_form/… CWE-89
SQL Injection 		CVE-2024-10615 2024-11-5 01:45 2024-11-1 Show GitHub Exploit DB Packet Storm
249367 9.8 CRITICAL
Network 		tongda2000 office_anywhere A vulnerability classified as critical was found in Tongda OA up to 11.10. This vulnerability affects unknown code of the file /pda/workflow/check_seal.php. The manipulation of the argument ID leads … CWE-89
SQL Injection 		CVE-2024-10617 2024-11-5 01:44 2024-11-1 Show GitHub Exploit DB Packet Storm
249368 9.8 CRITICAL
Network 		tongda2000 office_anywhere A vulnerability classified as critical has been found in Tongda OA up to 11.9. This affects an unknown part of the file /pda/workflow/webSignSubmit.php. The manipulation of the argument saleId leads … CWE-89
SQL Injection 		CVE-2024-10616 2024-11-5 01:44 2024-11-1 Show GitHub Exploit DB Packet Storm
249369 - - - A denial of service may be caused to a single peripheral device in a BLE network when multiple central devices continuously connect and disconnect to the peripheral. A hard reset is required to reco… - CVE-2024-6657 2024-11-5 00:15 2024-10-11 Show GitHub Exploit DB Packet Storm
249370 - - - Under specific circumstances, insecure permissions in Ivanti Velocity License Server before version 5.2 allows a local authenticated attacker to achieve local privilege escalation. - CVE-2024-9167 2024-11-5 00:15 2024-10-9 Show GitHub Exploit DB Packet Storm