Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
251301	4.3	警告	Webglimpse	-	Webglimpse の wgarcmin.cgi におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1787	2012-03-22 16:48	2012-03-19	Show	GitHub Exploit DB Packet Storm

251302	5	警告	Internet WorkShop	-	WebGlimpse の wgarcmin.cgi におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2009-5114	2012-03-22 16:41	2012-03-19	Show	GitHub Exploit DB Packet Storm

251303	4.3	警告	Internet WorkShop	-	WebGlimpse の wgarcmin.cgi におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-5113	2012-03-22 16:40	2012-03-19	Show	GitHub Exploit DB Packet Storm

251304	5	警告	Internet WorkShop	-	WebGlimpse の wgarcmin.cgi におけるインストールパスを取得される脆弱性	CWE-200 情報漏えい	CVE-2009-5112	2012-03-22 16:39	2012-03-19	Show	GitHub Exploit DB Packet Storm

251305	4.3	警告	OSQA	-	OSQA の questions/ask におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1782	2012-03-22 16:33	2012-03-19	Show	GitHub Exploit DB Packet Storm

251306	4.3	警告	Dotclear	-	Dotclear におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1039	2012-03-22 16:18	2012-03-19	Show	GitHub Exploit DB Packet Storm

251307	4.3	警告	Oxwall	-	OxWall におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-0872	2012-03-22 16:17	2012-03-19	Show	GitHub Exploit DB Packet Storm

251308	4.3	警告	SocialCMS	-	SocialCMS の ajax/commentajax.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1781	2012-03-22 16:15	2012-03-19	Show	GitHub Exploit DB Packet Storm

251309	7.5	危険	SocialCMS	-	SocialCMS の search.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-1780	2012-03-22 16:14	2012-03-19	Show	GitHub Exploit DB Packet Storm

251310	9.3	危険	マイクロソフト	-	Microsoft Windows のリモートデスクトッププロトコルの実装における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2012-0002	2012-03-22 13:40	2012-03-13	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
310091	6.1	MEDIUM Network	cisco	firepower_management_center	A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS…	CWE-79 Cross-site Scripting	CVE-2024-20386	2024-11-6 01:05	2024-10-24	Show	GitHub Exploit DB Packet Storm

310092	-		-	-	D-Link DIR_823G 1.0.2B05 was discovered to contain a command injection vulnerability via the HostName parameter in the SetWanSettings function. This vulnerability allows attackers to execute arbitrar…	-	CVE-2024-51024	2024-11-6 01:04	2024-11-6	Show	GitHub Exploit DB Packet Storm

310093	-		-	-	D-Link DIR_823G 1.0.2B05 was discovered to contain a command injection vulnerability via the Address parameter in the SetNetworkTomographySettings function. This vulnerability allows attackers to exe…	-	CVE-2024-51023	2024-11-6 01:04	2024-11-6	Show	GitHub Exploit DB Packet Storm

310094	-		-	-	Zope AccessControl provides a general security framework for use in Zope. In affected versions anonymous users can delete the user data maintained by an `AccessControl.userfolder.UserFolder` which ma…	CWE-284 Improper Access Control	CVE-2024-51734	2024-11-6 01:04	2024-11-5	Show	GitHub Exploit DB Packet Storm

310095	-		-	-	Meshtastic firmware is a device firmware for the Meshtastic project. The Meshtastic firmware does not check for packets claiming to be from the special broadcast address (0xFFFFFFFF) which could resu…	CWE-138 CWE-159 Improper Neutralization of Special Elements Improper Handling of Invalid Use of Special Elements	CVE-2024-51500	2024-11-6 01:04	2024-11-5	Show	GitHub Exploit DB Packet Storm

310096	-		-	-	gaizhenbiao/chuanhuchatgpt project, version <=20240802 is vulnerable to stored Cross-Site Scripting (XSS) in WebSocket session transmission. An attacker can inject malicious content into a WebSocket …	-	CVE-2024-48059	2024-11-6 01:04	2024-11-5	Show	GitHub Exploit DB Packet Storm

310097	-		-	-	golang-jwt is a Go implementation of JSON Web Tokens. Unclear documentation of the error behavior in `ParseWithClaims` can lead to situation where users are potentially not checking errors in the way…	CWE-755 Improper Handling of Exceptional Conditions	CVE-2024-51744	2024-11-6 01:04	2024-11-5	Show	GitHub Exploit DB Packet Storm

310098	-		-	-	A Cross-Site Request Forgery (CSRF) vulnerability in Chamilo LMS 1.11.26 "/main/social/home.php," allows attackers to initiate a request that posts a fake post onto the user's social wall without the…	-	CVE-2024-30617	2024-11-6 01:04	2024-11-5	Show	GitHub Exploit DB Packet Storm

310099	-		-	-	Chamilo LMS 1.11.26 is vulnerable to Incorrect Access Control via main/auth/profile. Non-admin users can manipulate sensitive profiles information, posing a significant risk to data integrity.	-	CVE-2024-30616	2024-11-6 01:04	2024-11-5	Show	GitHub Exploit DB Packet Storm

310100	6.1	MEDIUM Network	cisco	firepower_management_center	A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS…	CWE-79 Cross-site Scripting	CVE-2024-20372	2024-11-6 01:04	2024-10-24	Show	GitHub Exploit DB Packet Storm