Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228711	5	警告	Best Practical Solutions	-	Request Tracker におけるクロスサイトリクエストフォージェリ (CSRF) 保護メカニズムを回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-4734	2012-11-13 16:12	2012-10-25	Show	GitHub Exploit DB Packet Storm

228712	6.8	警告	Best Practical Solutions	-	Request Tracker におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2012-4732	2012-11-13 16:11	2012-10-25	Show	GitHub Exploit DB Packet Storm

228713	4	警告	Best Practical Solutions	-	Request Tracker 用 FAQ マネージャにおける任意のクラスの任意の記事を作成される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-4731	2012-11-13 16:10	2012-10-25	Show	GitHub Exploit DB Packet Storm

228714	3.5	注意	Best Practical Solutions	-	Request Tracker における任意のメールヘッダを挿入される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-4730	2012-11-13 16:08	2012-10-25	Show	GitHub Exploit DB Packet Storm

228715	5	警告	Drupal	-	Drupal の OpenID モジュールおける任意のファイルを読まれる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-4554	2012-11-13 15:59	2012-10-17	Show	GitHub Exploit DB Packet Storm

228716	6.8	警告	Drupal	-	Drupal における重要な情報を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-4553	2012-11-13 15:58	2012-10-17	Show	GitHub Exploit DB Packet Storm

228717	7.5	危険	Quagga インターネットイニシアティブ	-	Quagga の ecommunity_ecom2str 関数におけるにおけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-3327	2012-11-13 15:11	2011-09-26	Show	GitHub Exploit DB Packet Storm

228718	5	警告	Quagga インターネットイニシアティブ	-	Quagga の ospf_flood 関数におけるサービス運用妨害 (デーモンクラッシュ) の脆弱性	CWE-399 リソース管理の問題	CVE-2011-3326	2012-11-13 15:10	2011-09-26	Show	GitHub Exploit DB Packet Storm

228719	5	警告	Quagga インターネットイニシアティブ	-	Quagga の ospfd 内の ospf_packet.c におけるサービス運用妨害 (デーモンクラッシュ) の脆弱性	CWE-399 リソース管理の問題	CVE-2011-3325	2012-11-13 15:09	2011-09-26	Show	GitHub Exploit DB Packet Storm

228720	5	警告	Quagga インターネットイニシアティブ	-	Quagga の ospf6_lsa.c 内にある ospf6_lsa_is_changed 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2011-3324	2012-11-13 15:08	2011-09-26	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 24, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
249051	8.8	HIGH Network	rudrainnovative	training_-_courses	Unrestricted Upload of File with Dangerous Type vulnerability in Rudra Innnovative Software Training – Courses allows Upload a Web Shell to a Web Server.This issue affects Training – Courses: from n/…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2024-50529	2024-11-7 02:04	2024-11-4	Show	GitHub Exploit DB Packet Storm

249052	9.8	CRITICAL Network	dfactory	responsive_lightbox	Missing Authorization vulnerability in dFactory Responsive Lightbox allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Responsive Lightbox: from n/a through 2.4.7.	CWE-862 Missing Authorization	CVE-2024-43924	2024-11-7 02:03	2024-10-23	Show	GitHub Exploit DB Packet Storm

249053	8.8	HIGH Network	myriadsolutionz	stars_smtp_mailer	Unrestricted Upload of File with Dangerous Type vulnerability in Myriad Solutionz Stars SMTP Mailer allows Upload a Web Shell to a Web Server.This issue affects Stars SMTP Mailer: from n/a through 1.…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2024-50530	2024-11-7 02:02	2024-11-4	Show	GitHub Exploit DB Packet Storm

249054	6.5	MEDIUM Network	sonatype	nexus	Use of Hard-coded Credentials vulnerability in Sonatype Nexus Repository has been discovered in the code responsible for encrypting any secrets stored in the Nexus Repository configuration database (…	CWE-798 Use of Hard-coded Credentials	CVE-2024-5764	2024-11-7 01:41	2024-10-24	Show	GitHub Exploit DB Packet Storm

249055	7.2	HIGH Network	wuzhicms	wuzhicms	A vulnerability was found in wuzhicms 4.1.0. It has been classified as critical. Affected is the function add/edit of the file www/coreframe/app/content/admin/block.php. The manipulation leads to cod…	CWE-94 Code Injection	CVE-2024-10505	2024-11-7 01:38	2024-10-30	Show	GitHub Exploit DB Packet Storm

249056	-		-	-	Generation of weak and predictable Initialization Vector (IV) in PMFW (Power Management Firmware) may allow an attacker with privileges to reuse IV values to reverse-engineer debug data, potentially …	-	CVE-2023-31305	2024-11-7 01:35	2024-08-14	Show	GitHub Exploit DB Packet Storm

249057	9.8	CRITICAL Network	carrcommunications	rsvpmaker	Unrestricted Upload of File with Dangerous Type vulnerability in David F. Carr RSVPMaker for Toastmasters allows Upload a Web Shell to a Web Server.This issue affects RSVPMaker for Toastmasters: from…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2024-50531	2024-11-7 01:34	2024-11-4	Show	GitHub Exploit DB Packet Storm

249058	9.8	CRITICAL Network	esafenet	cdg	A vulnerability classified as critical has been found in ESAFENET CDG 5. This affects the function delPolicyAction of the file /com/esafenet/servlet/system/PolicyActionService.java. The manipulation …	CWE-89 SQL Injection	CVE-2024-10597	2024-11-7 01:28	2024-11-1	Show	GitHub Exploit DB Packet Storm

249059	5.3	MEDIUM Network	choplugins	order_notification_for_telegram	The Order Notification for Telegram plugin for WordPress is vulnerable to unauthorized test message sending due to a missing capability check on the 'nktgnfw_send_test_message' function in versions u…	CWE-862 Missing Authorization	CVE-2024-9686	2024-11-7 01:19	2024-10-25	Show	GitHub Exploit DB Packet Storm

249060	3.6	LOW Local	chidiwilliams	buzz	A vulnerability classified as problematic was found in chidiwilliams buzz 1.1.0. This vulnerability affects the function download_model of the file buzz/model_loader.py. The manipulation leads to ins…	CWE-377 Insecure Temporary File	CVE-2024-10372	2024-11-7 01:14	2024-10-25	Show	GitHub Exploit DB Packet Storm