Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228871	4.3	警告	National Information Infrastructure Development Institute	-	Drupal 用 Shibboleth authentication モジュールにおけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-4494	2012-11-2 14:55	2012-08-8	Show	GitHub Exploit DB Packet Storm

228872	2.1	注意	Isaac Sukin	-	Drupal 用 Shorten URLs モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-4492	2012-11-2 14:54	2012-08-8	Show	GitHub Exploit DB Packet Storm

228873	5.8	警告	Earl Dunovant	-	Drupal 用 Monthly Archive by Node Type モジュールにおける制限しているノードにアクセスされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-4491	2012-11-2 14:53	2012-08-1	Show	GitHub Exploit DB Packet Storm

228874	4.3	警告	Ricky Morse	-	Drupal 用 Excluded Users モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-4490	2012-11-2 14:45	2012-08-1	Show	GitHub Exploit DB Packet Storm

228875	5.8	警告	Mark Burdett	-	Drupal 用 Secure Login モジュールにおけるオープンリダイレクトの脆弱性	CWE-20 不適切な入力確認	CVE-2012-4489	2012-11-2 14:43	2012-07-25	Show	GitHub Exploit DB Packet Storm

228876	5	警告	Location module project	-	Drupal 用 Location モジュールにおけるノードまたはユーザの検索結果を読まれる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-4488	2012-11-2 14:43	2012-07-25	Show	GitHub Exploit DB Packet Storm

228877	4.3	警告	Manuel Garcia	-	Drupal 用 Gallery formatter モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-4485	2012-11-2 14:40	2012-07-25	Show	GitHub Exploit DB Packet Storm

228878	4.3	警告	Campaign Monitor project	-	Drupal 用 Campaign Monitor モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-4484	2012-11-2 14:38	2012-07-18	Show	GitHub Exploit DB Packet Storm

228879	5	警告	Acquia Inc.	-	Drupal 用 Drupal Commons モジュールにおける重要な情報を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-4483	2012-11-2 14:38	2012-07-11	Show	GitHub Exploit DB Packet Storm

228880	5	警告	Longwave Consulting	-	Drupal 用 Ubercart SecureTrading Payment Method モジュールにおける未払いのアイテムを購入される脆弱性	CWE-20 不適切な入力確認	CVE-2012-4482	2012-11-2 14:36	2012-07-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 26, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
248971	8.8	HIGH Network	sbond	watcharr	A vulnerability in a weak JWT token in Watcharr v1.43.0 and below allows attackers to perform privilege escalation using a crafted JWT token. This vulnerability is not limited to privilege escalation…	NVD-CWE-noinfo	CVE-2024-50634	2024-11-15 05:40	2024-11-9	Show	GitHub Exploit DB Packet Storm

248972	7.8	HIGH Local	artifex debian suse	ghostscript debian_linux linux_enterprise_high_performance_computing linux_enterprise_server linux_enterprise_server_for_sap	An issue was discovered in psi/zfile.c in Artifex Ghostscript before 10.04.0. Out-of-bounds data access in filenameforall can lead to arbitrary code execution.	CWE-125 Out-of-bounds Read	CVE-2024-46956	2024-11-15 05:39	2024-11-11	Show	GitHub Exploit DB Packet Storm

248973	6.7	MEDIUM Local	fortinet	forticlient	An improper verification of cryptographic signature vulnerability [CWE-347] in FortiClient MacOS version 7.4.0, version 7.2.4 and below, version 7.0.10 and below, version 6.4.10 and below may allow a…	CWE-347 Improper Verification of Cryptographic Signature	CVE-2024-40592	2024-11-15 05:37	2024-11-13	Show	GitHub Exploit DB Packet Storm

248974	8.8	HIGH Local	fortinet	forticlient	A privilege context switching error vulnerability [CWE-270] in FortiClient Windows version 7.2.4 and below, version 7.0.12 and below, 6.4 all versions may allow an authenticated user to escalate thei…	CWE-270 Privilege Context Switching Error	CVE-2024-36513	2024-11-15 05:35	2024-11-13	Show	GitHub Exploit DB Packet Storm

248975	6.1	MEDIUM Network	ibm	cics_tx	IBM CICS TX Standard is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functiona…	CWE-79 Cross-site Scripting	CVE-2024-41745	2024-11-15 05:35	2024-11-2	Show	GitHub Exploit DB Packet Storm

248976	-		-	-	An issue in the API endpoint /AccountMaster/GetCurrentUserInfo of INROAD before v202402060 allows attackers to access sensitive information via a crafted payload to the UserNameOrPhoneNumber paramete…	-	CVE-2024-46635	2024-11-15 05:35	2024-10-1	Show	GitHub Exploit DB Packet Storm

248977	4.4	MEDIUM Local	fortinet	fortiweb	An exposure of sensitive system information to an unauthorized control sphere vulnerability [CWE-497] in FortiWeb version 7.6.0, version 7.4.3 and below, version 7.2.10 and below, version 7.0.10 and …	CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere	CVE-2024-36509	2024-11-15 05:33	2024-11-13	Show	GitHub Exploit DB Packet Storm

248978	7.8	HIGH Local	fortinet	forticlient	A untrusted search path in Fortinet FortiClientWindows versions 7.4.0, versions 7.2.4 through 7.2.0, versions 7.0.12 through 7.0.0 allows an attacker to run arbitrary code via DLL hijacking and socia…	CWE-426 Untrusted Search Path	CVE-2024-36507	2024-11-15 05:31	2024-11-13	Show	GitHub Exploit DB Packet Storm

248979	5.4	MEDIUM Network	brandevolutionco	themeshark_templates_\&_widgets_for_elementor	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ThemeShark ThemeShark Templates & Widgets for Elementor allows Stored XSS.This issue affec…	CWE-79 Cross-site Scripting	CVE-2024-51597	2024-11-15 05:27	2024-11-10	Show	GitHub Exploit DB Packet Storm

248980	5.4	MEDIUM Network	wpcirqle	bigmart_elements	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in wpcirqle Bigmart Elements allows DOM-Based XSS.This issue affects Bigmart Elements: from n…	CWE-79 Cross-site Scripting	CVE-2024-51589	2024-11-15 05:26	2024-11-10	Show	GitHub Exploit DB Packet Storm