Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
241841 10 危険 CA Technologies - CA BrightStor ARCserve Backup の Tape Engine におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-1447 2012-06-26 15:46 2007-03-16 Show GitHub Exploit DB Packet Storm
241842 7.5 危険 danny ho - OES における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-1446 2012-06-26 15:46 2007-03-13 Show GitHub Exploit DB Packet Storm
241843 7.5 危険 betaparticle - BP Blog の default.asp 用の heme プレビュー機能における SQL インジェクションの脆弱性 - CVE-2007-1445 2012-06-26 15:46 2007-03-13 Show GitHub Exploit DB Packet Storm
241844 9.3 危険 bitesser - bitesser MySQL Commander の ressourcen/dbopen.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-1439 2012-06-26 15:46 2007-03-13 Show GitHub Exploit DB Packet Storm
241845 10 危険 D-Link Systems, Inc. - D-Link TFTP Server におけるバッファオーバーフローの脆弱性 - CVE-2007-1435 2012-06-26 15:46 2007-03-13 Show GitHub Exploit DB Packet Storm
241846 7.5 危険 grayscale - Grayscale Blog における SQL インジェクションの脆弱性 - CVE-2007-1434 2012-06-26 15:46 2007-03-13 Show GitHub Exploit DB Packet Storm
241847 4.3 警告 grayscale - Grayscale Blog におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-1433 2012-06-26 15:46 2007-03-13 Show GitHub Exploit DB Packet Storm
241848 7.5 危険 grayscale - Grayscale Blog における権限を取得される脆弱性 - CVE-2007-1432 2012-06-26 15:46 2007-03-13 Show GitHub Exploit DB Packet Storm
241849 7.5 危険 clip-share - ClipShare の include/adodb-connection.inc.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-1430 2012-06-26 15:46 2007-03-12 Show GitHub Exploit DB Packet Storm
241850 5 警告 assetman - AssetMan の download_pdf.php におけるディレクトリトラバーサルの脆弱性 - CVE-2007-1427 2012-06-26 15:46 2007-03-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 18, 2026, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
250971 4.3 MEDIUM
Network 		- - The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.3.986 via the data_fetch. This makes it possible for authen… CWE-200
Information Exposure 		CVE-2024-7417 2024-10-18 21:53 2024-10-17 Show GitHub Exploit DB Packet Storm
250972 5.3 MEDIUM
Network 		- - The Calculated Fields Form plugin for WordPress is vulnerable to HTML Injection in all versions up to, and including, 5.2.45. This is due to the plugin not properly neutralizing HTML elements from su… CWE-75
Special Element Injection 		CVE-2024-9940 2024-10-18 21:53 2024-10-17 Show GitHub Exploit DB Packet Storm
250973 9.8 CRITICAL
Network 		- - The Miniorange OTP Verification with Firebase plugin for WordPress is vulnerable to Arbitrary User Password Change in versions up to, and including, 3.6.0. This is due to the plugin providing user-co… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2024-9862 2024-10-18 21:53 2024-10-17 Show GitHub Exploit DB Packet Storm
250974 8.1 HIGH
Network 		- - The Miniorange OTP Verification with Firebase plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.6.0. This is due to missing validation on the token being… - CVE-2024-9861 2024-10-18 21:53 2024-10-17 Show GitHub Exploit DB Packet Storm
250975 6.1 MEDIUM
Network 		- - The ReDi Restaurant Reservation plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and… - CVE-2024-9240 2024-10-18 21:53 2024-10-17 Show GitHub Exploit DB Packet Storm
250976 8.8 HIGH
Network 		- - The Co-Authors, Multiple Authors and Guest Authors in an Author Box with PublishPress Authors plugin for WordPress is vulnerable to Insecure Direct Object Reference to Privilege Escalation/Account Ta… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2024-9215 2024-10-18 21:53 2024-10-17 Show GitHub Exploit DB Packet Storm
250977 - - - Dell OpenManage Enterprise, version(s) OME 4.1 and prior, contain(s) an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. A low privileged attacker w… CWE-89
SQL Injection 		CVE-2024-45767 2024-10-18 21:53 2024-10-17 Show GitHub Exploit DB Packet Storm
250978 - - - Dell OpenManage Enterprise, version(s) OME 4.1 and prior, contain(s) an Improper Control of Generation of Code ('Code Injection') vulnerability. A low privileged attacker with remote access could pot… CWE-94
Code Injection 		CVE-2024-45766 2024-10-18 21:53 2024-10-17 Show GitHub Exploit DB Packet Storm
250979 - - - dingfanzu CMS V1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the addPro parameter of the component doAdminAction.php which allows a remote attacker to execute arbitrary code - CVE-2024-48758 2024-10-18 21:53 2024-10-17 Show GitHub Exploit DB Packet Storm
250980 - - - ClassCMS <=4.8 is vulnerable to file inclusion in the nowView method in/class/cms/cms.php, which can include a file uploaded to the/class/template directory to execute PHP code. - CVE-2024-48180 2024-10-18 21:53 2024-10-17 Show GitHub Exploit DB Packet Storm