Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 18, 2026, 4:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
251381 4.3 警告 chillyCMS - chillyCMS の core/showsite.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4895 2012-01-19 11:38 2011-10-8 Show GitHub Exploit DB Packet Storm
251382 7.5 危険 chillyCMS - chillyCMS の core/showsite.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4894 2012-01-19 11:37 2011-10-8 Show GitHub Exploit DB Packet Storm
251383 4.3 警告 Skypanther Studios - FestOS の foodvendors.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4893 2012-01-19 11:23 2011-10-8 Show GitHub Exploit DB Packet Storm
251384 4.3 警告 Alex Kellner - TYPO3 用の powermail におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4892 2012-01-19 11:20 2010-10-26 Show GitHub Exploit DB Packet Storm
251385 7.5 危険 Andreas Kiefer - TYPO3 用の Yet Another Calendar における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4891 2012-01-19 11:20 2010-09-2 Show GitHub Exploit DB Packet Storm
251386 4.3 警告 Andreas Kiefer - TYPO3 用の Yet Another Calendar におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4890 2012-01-19 11:19 2010-09-2 Show GitHub Exploit DB Packet Storm
251387 10 危険 Marco Hezel - TYPO3 用の Tiny Market における任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2010-4889 2012-01-19 11:18 2010-09-2 Show GitHub Exploit DB Packet Storm
251388 7.5 危険 Marco Hezel - TYPO3 用の Tiny Market における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4888 2012-01-19 11:17 2010-09-2 Show GitHub Exploit DB Packet Storm
251389 7.5 危険 Raphael Zschorsch - TYPO3 用の Commenting system Backend Module における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4887 2012-01-19 11:17 2010-09-2 Show GitHub Exploit DB Packet Storm
251390 4.3 警告 Peter Proell - TYPO3 用の official twitter tweet button for your page におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4886 2012-01-19 11:10 2010-09-2 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
309471 9.8 CRITICAL
Network 		snyk snyk_cli The package Snyk CLI before 1.1294.0 is vulnerable to Code Injection when scanning an untrusted PHP project. The vulnerability can be triggered if Snyk test is run inside the untrusted project due to… CWE-78
OS Command  		CVE-2024-48963 2024-10-30 23:54 2024-10-24 Show GitHub Exploit DB Packet Storm
309472 9.8 CRITICAL
Network 		razormist payroll_management_system A vulnerability classified as critical has been found in SourceCodester Payroll Management System 1.0. This affects the function login of the file main. The manipulation leads to buffer overflow. The… CWE-120
Classic Buffer Overflow 		CVE-2024-10371 2024-10-30 23:51 2024-10-25 Show GitHub Exploit DB Packet Storm
309473 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: fix UaF read in mptcp_pm_nl_rm_addr_or_subflow Syzkaller reported this splat: =====================================… CWE-416
 Use After Free 		CVE-2024-50085 2024-10-30 23:49 2024-10-29 Show GitHub Exploit DB Packet Storm
309474 8.8 HIGH
Network 		liferay digital_experience_platform
liferay_portal 		The workflow component in Liferay Portal 7.3.2 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, 7.4 GA through update 92 and 7.3 GA through update 36 does … CWE-863
 Incorrect Authorization 		CVE-2024-38002 2024-10-30 23:47 2024-10-23 Show GitHub Exploit DB Packet Storm
309475 6.1 MEDIUM
Network 		liferay digital_experience_platform
liferay_portal 		The Script Console in Liferay Portal 7.0.0 through 7.4.3.101, and Liferay DXP 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA through update 35, 7.2 GA through fix pack 20, 7.1 GA throu… CWE-352
 Origin Validation Error 		CVE-2024-8980 2024-10-30 23:46 2024-10-23 Show GitHub Exploit DB Packet Storm
309476 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: btrfs: fix uninitialized pointer free on read_alloc_one_name() error The function read_alloc_one_name() does not initialize the n… CWE-824
 Access of Uninitialized Pointer 		CVE-2024-50087 2024-10-30 23:40 2024-10-29 Show GitHub Exploit DB Packet Storm
309477 - - - A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 18.1 and iPadOS 18.1, watchOS 11.1, visionOS 2.1, tvOS 18.1. An app may be able to cause unexpected sy… - CVE-2024-44285 2024-10-30 23:35 2024-10-29 Show GitHub Exploit DB Packet Storm
309478 - - - An information disclosure issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, macOS Ventura 13.7.1… - CVE-2024-44278 2024-10-30 23:35 2024-10-29 Show GitHub Exploit DB Packet Storm
309479 5.4 MEDIUM
Network 		vtiger vtiger_crm Vtiger CRM v8.2.0 has a HTML Injection vulnerability in the module parameter. Authenticated users can inject arbitrary HTML. CWE-79
Cross-site Scripting 		CVE-2024-48119 2024-10-30 23:32 2024-10-14 Show GitHub Exploit DB Packet Storm
309480 8.8 HIGH
Network 		samsung android Out-of-bounds write in parsing h.263 format in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required f… CWE-787
 Out-of-bounds Write 		CVE-2024-34668 2024-10-30 23:31 2024-10-8 Show GitHub Exploit DB Packet Storm