Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 22, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
252481 7.5 危険 osCommerce - osCommerce における複数のディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2011-4543 2011-12-6 16:33 2011-12-5 Show GitHub Exploit DB Packet Storm
252482 7.5 危険 Zabbix - Zabbix の popup.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-4674 2011-12-6 16:27 2011-11-24 Show GitHub Exploit DB Packet Storm
252483 7.5 危険 Automattic Inc. - WordPress 用 Jetpack プラグインにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-4673 2011-12-6 16:26 2011-12-2 Show GitHub Exploit DB Packet Storm
252484 7.5 危険 Valid - Valid tiny-erp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-4672 2011-12-6 16:25 2011-12-2 Show GitHub Exploit DB Packet Storm
252485 7.5 危険 AdRotate Plugin - WordPress 用 AdRotate プラグインにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-4671 2011-12-6 16:24 2011-12-2 Show GitHub Exploit DB Packet Storm
252486 10 危険 Iron Mountain - Iron Mountain Connected Backup の Agent service における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2011-2397 2011-12-6 16:22 2011-12-5 Show GitHub Exploit DB Packet Storm
252487 6.4 警告 Widelands - Widelands の io/filesystem/filesystem.cc におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2011-1932 2011-12-6 16:22 2011-12-5 Show GitHub Exploit DB Packet Storm
252488 4.3 警告 Etomite Project - Etomite におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4264 2011-12-6 12:01 2011-12-6 Show GitHub Exploit DB Packet Storm
252489 7.5 危険 jonkemp - WordPress 用 WordPress Users プラグインの wp-users.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-4669 2011-12-5 16:08 2011-12-2 Show GitHub Exploit DB Packet Storm
252490 7.5 危険 IBM - IBM Tivoli Netcool/Reporter における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2011-4668 2011-12-5 16:07 2011-12-2 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 23, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
310971 - - - An issue in DCME-320-L <=9.3.2.114 allows a remote attacker to execute arbitrary code via the log_u_umount.php component. - CVE-2024-48659 2024-10-24 00:12 2024-10-22 Show GitHub Exploit DB Packet Storm
310972 - - - In Minecraft mod "Command Block IDE" up to and including version 0.4.9, a missing authorization (CWE-862) allows any user to modify "function" files used by the game when installed on a dedicated ser… - CVE-2024-48645 2024-10-24 00:12 2024-10-22 Show GitHub Exploit DB Packet Storm
310973 - - - Online Clinic Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /success/editp.php?action=edit. - CVE-2024-48597 2024-10-24 00:12 2024-10-22 Show GitHub Exploit DB Packet Storm
310974 - - - A vulnerability in the AWV (Audio, Web, and Video) Conferencing component of Mitel MiCollab through 9.8 SP1 FP2 (9.8.1.201) could allow an unauthenticated attacker to perform unauthorized data-access… - CVE-2024-47912 2024-10-24 00:12 2024-10-22 Show GitHub Exploit DB Packet Storm
310975 - - - A vulnerability in the AWV (Audio, Web and Video Conferencing) component of Mitel MiCollab through 9.8 SP1 FP2 (9.8.1.201) could allow an unauthenticated attacker to conduct a SQL injection attack du… - CVE-2024-47223 2024-10-24 00:12 2024-10-22 Show GitHub Exploit DB Packet Storm
310976 - - - Public Knowledge Project pkp-lib 3.4.0-7 and earlier is vulnerable to Open redirect due to a lack of input sanitization in the logout function. - CVE-2024-46326 2024-10-24 00:12 2024-10-22 Show GitHub Exploit DB Packet Storm
310977 - - - Buffer Overflow vulnerability in IrfanView 32bit v.4.66 allows a local attacker to cause a denial of service via a crafted file. Affected component is IrfanView 32bit 4.66 with plugin formats.dll. - CVE-2024-31007 2024-10-24 00:12 2024-10-22 Show GitHub Exploit DB Packet Storm
310978 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip Recompute DSC Params if no Stream on Link [why] Encounter NULL pointer dereference uner mst + dsc setup. B… CWE-476
 NULL Pointer Dereference 		CVE-2024-47683 2024-10-24 00:02 2024-10-21 Show GitHub Exploit DB Packet Storm
310979 8.8 HIGH
Network 		fabianros hospital_management_system A vulnerability classified as critical was found in code-projects Hospital Management System 1.0. This vulnerability affects unknown code of the file change-password.php. The manipulation of the argu… CWE-89
SQL Injection 		CVE-2024-10169 2024-10-24 00:01 2024-10-20 Show GitHub Exploit DB Packet Storm
310980 8.2 HIGH
Network 		wikimedia wikimedia-extensions-css Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki - CSS Extension allows Code Injection.This issue affects Mediawiki - CSS Extension: from 1.39.X before 1.39… CWE-116
 Improper Encoding or Escaping of Output 		CVE-2024-47845 2024-10-24 00:00 2024-10-5 Show GitHub Exploit DB Packet Storm