Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
240121	4.3	警告	Alkacon Software	-	Alkacon OpenCMS の system/workplace/admin/accounts/users_list.jsp におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-1510	2012-06-26 16:02	2008-03-25	Show	GitHub Exploit DB Packet Storm

240122	7.5	危険	efestech	-	EfesTech E-Kontor における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-1508	2012-06-26 16:02	2008-03-25	Show	GitHub Exploit DB Packet Storm

240123	4.3	警告	F5 Networks	-	F5 BIG-IP の Web 管理インターフェースにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-1503	2012-06-26 16:02	2008-03-25	Show	GitHub Exploit DB Packet Storm

240124	4.3	警告	file-transfer	-	Dan Costin File Transfer におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-1564	2012-06-26 16:02	2007-11-10	Show	GitHub Exploit DB Packet Storm

240125	4.3	警告	Moodle EGroupware	-	eGroupWare で使用される KSES におけるクロスサイトスクリプティング攻撃を実行される脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-1502	2012-06-26 16:02	2008-03-25	Show	GitHub Exploit DB Packet Storm

240126	4.3	警告	cPanel	-	cPanel の frontend/x/manpage.html におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-1499	2012-06-26 16:02	2008-03-25	Show	GitHub Exploit DB Packet Storm

240127	7.5	危険	easy-clanpage	-	Easy-Clanpage の inc/module/online.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-1494	2012-06-26 16:02	2008-03-25	Show	GitHub Exploit DB Packet Storm

240128	7.5	危険	cuteflow-bin	-	Cuteflow Bin の login.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-1493	2012-06-26 16:02	2008-03-25	Show	GitHub Exploit DB Packet Storm

240129	7.5	危険	coronamatrix	-	CoronaMatrix phpAddressBook におけるディレクトリトラバーサルの脆弱性	CWE-20 不適切な入力確認	CVE-2008-1492	2012-06-26 16:02	2008-03-25	Show	GitHub Exploit DB Packet Storm

240130	10	危険	ASUSTeK Computer Inc.	-	ASUS Remote Console の DPC Proxy サーバにおけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-1491	2012-06-26 16:02	2008-03-25	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 26, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
257111	5.3	MEDIUM Network	softlabbd	radio_player	The Radio Player plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the update_player function in versions up to, and including, 2.0.73. This…	CWE-862 Missing Authorization	CVE-2023-4025	2024-08-29 03:30	2024-08-17	Show	GitHub Exploit DB Packet Storm

257112	9.8	CRITICAL Network	alientechnology	alr-f800_firmware	A vulnerability was found in Alien Technology ALR-F800 up to 19.10.24.00. It has been classified as critical. Affected is an unknown function of the file /var/www/cmd.php. The manipulation of the arg…	CWE-285 Improper Authorization	CVE-2024-7578	2024-08-29 03:27	2024-08-7	Show	GitHub Exploit DB Packet Storm

257113	8.8	HIGH Network	alientechnology	alr-f800_firmware	A vulnerability was found in Alien Technology ALR-F800 up to 19.10.24.00. It has been declared as critical. Affected by this vulnerability is the function popen of the file /var/www/cgi-bin/upgrade.c…	CWE-78 OS Command	CVE-2024-7579	2024-08-29 03:26	2024-08-7	Show	GitHub Exploit DB Packet Storm

257114	7.8	HIGH Local	okta	verify	Okta Verify for Windows is vulnerable to privilege escalation through DLL hijacking. The vulnerability is fixed in Okta Verify for Windows version 5.0.2. To remediate this vulnerability, upgrade to 5…	CWE-427 Uncontrolled Search Path Element	CVE-2024-7061	2024-08-29 03:25	2024-08-8	Show	GitHub Exploit DB Packet Storm

257115	5.4	MEDIUM Network	opentext	alm_octane	Improper Neutralization vulnerability (XSS) has been discovered in OpenText™ ALM Octane. The vulnerability affects all version prior to version 23.4. The vulnerability could cause remote code executi…	CWE-79 Cross-site Scripting	CVE-2024-6361	2024-08-29 03:17	2024-08-6	Show	GitHub Exploit DB Packet Storm

257116	5.4	MEDIUM Network	zephyr-one	zephyr_project_manager	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Dylan James Zephyr Project Manager allows Reflected XSS.This issue affects Zephyr Project …	CWE-79 Cross-site Scripting	CVE-2024-43915	2024-08-29 02:44	2024-08-27	Show	GitHub Exploit DB Packet Storm

257117	7.5	HIGH Network	yanzhenjie	andserver	AndServer 2.1.12 is vulnerable to Directory Traversal.	CWE-22 Path Traversal	CVE-2024-41310	2024-08-29 02:42	2024-08-3	Show	GitHub Exploit DB Packet Storm

257118	-		-	-	An SEH-based buffer overflow in the BPQ32 HTTP Server in BPQ32 6.0.24.1 allows remote attackers with access to the Web Terminal to achieve remote code execution via an HTTP POST /TermInput request.	-	CVE-2024-34087	2024-08-29 01:35	2024-08-27	Show	GitHub Exploit DB Packet Storm

257119	-		-	-	An eval Injection vulnerability in the component invesalius/reader/dicom.py of InVesalius 3.1.99991 through 3.1.99998 allows attackers to execute arbitrary code via loading a crafted DICOM file.	-	CVE-2024-42845	2024-08-29 01:35	2024-08-24	Show	GitHub Exploit DB Packet Storm

257120	9.8	CRITICAL Network	hitachienergy	microscada_x_sys600	The product exposes a service that is intended for local only to all network interfaces without any authentication.	CWE-306 Missing Authentication for Critical Function	CVE-2024-7940	2024-08-29 01:24	2024-08-27	Show	GitHub Exploit DB Packet Storm