Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":April 30, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
253731 6.8 警告 アップル
サイバートラスト株式会社
Python Software Foundation
サン・マイクロシステムズ
レッドハット		 - Python の imageop.c における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2008-1679 2010-01-19 15:48 2008-04-22 Show GitHub Exploit DB Packet Storm
253732 5.8 警告 アップル
サイバートラスト株式会社
Python Software Foundation
サン・マイクロシステムズ
レッドハット		 - Python の imageop モジュールにおける複数の整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2007-4965 2010-01-19 15:47 2007-09-18 Show GitHub Exploit DB Packet Storm
253733 7.5 危険 アップル - Mac OS X 用の Java における任意のコードを実行される脆弱性 CWE-310
暗号の問題 		CVE-2009-2843 2010-01-18 12:22 2009-12-3 Show GitHub Exploit DB Packet Storm
253734 6.8 警告 アップル
GNU Project
サン・マイクロシステムズ
サイバートラスト株式会社
レッドハット		 - GNU tar の contains_dot_dot() 関数におけるディレクトリトラバーサルの脆弱性 - CVE-2007-4131 2010-01-18 12:21 2007-08-23 Show GitHub Exploit DB Packet Storm
253735 4.6 警告 IBM - IBM DB2 の dasauto における管理者権限を持たないユーザが実行可能な脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-4150 2010-01-15 14:10 2009-12-2 Show GitHub Exploit DB Packet Storm
253736 2.1 注意 サン・マイクロシステムズ - Sun Solaris の ldap_cachemgr におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2009-4080 2010-01-15 14:10 2009-11-24 Show GitHub Exploit DB Packet Storm
253737 5 警告 サン・マイクロシステムズ - Sun Solaris の sshd におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2009-4075 2010-01-15 14:09 2009-11-23 Show GitHub Exploit DB Packet Storm
253738 2.6 注意 オラクル - Oracle Application Server におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		- 2010-01-14 15:01 2010-01-14 Show GitHub Exploit DB Packet Storm
253739 9.3 危険 マイクロソフト - Microsoft Internet Explorer に脆弱性 CWE-94
コード・インジェクション 		CVE-2009-3672 2010-01-14 12:08 2009-11-25 Show GitHub Exploit DB Packet Storm
253740 9.3 危険 サン・マイクロシステムズ
VMware		 - Sun Java SE の java.lang パッケージにおける脆弱性 CWE-362
競合状態 		CVE-2009-2724 2010-01-14 12:08 2009-08-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 30, 2026, 4:58 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
307441 6.8 MEDIUM
Network 		cisco rv042_firmware
rv042g_firmware
rv320_firmware
rv325_firmware 		A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an un… CWE-787
 Out-of-bounds Write 		CVE-2024-20517 2024-10-8 22:47 2024-10-3 Show GitHub Exploit DB Packet Storm
307442 6.5 MEDIUM
Network 		cisco nexus_dashboard
nexus_dashboard_fabric_controller 		A vulnerability in a specific REST API endpoint of Cisco NDFC could allow an authenticated, low-privileged, remote attacker to learn sensitive information on an affected device. This vulnerability… NVD-CWE-noinfo
CVE-2024-20441 2024-10-8 22:45 2024-10-3 Show GitHub Exploit DB Packet Storm
307443 6.8 MEDIUM
Network 		cisco rv042_firmware
rv042g_firmware
rv320_firmware
rv325_firmware 		A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an un… CWE-787
 Out-of-bounds Write 		CVE-2024-20516 2024-10-8 22:44 2024-10-3 Show GitHub Exploit DB Packet Storm
307444 8.8 HIGH
Network 		mi ax9000_firmware The Xiaomi router AX9000 has a post-authentication command injection vulnerability. This vulnerability is caused by the lack of input filtering, allowing an attacker to exploit it to obtain root acce… CWE-77
Command Injection 		CVE-2023-26315 2024-10-8 19:15 2024-08-26 Show GitHub Exploit DB Packet Storm
307445 4.8 MEDIUM
Network 		expresstech quiz_and_survey_master The Quiz and Survey Master (QSM) WordPress plugin before 9.1.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Sc… CWE-79
Cross-site Scripting 		CVE-2024-8758 2024-10-8 06:35 2024-09-23 Show GitHub Exploit DB Packet Storm
307446 6.1 MEDIUM
Network 		seopress seopress The SEOPress – On-site SEO plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the URL in all versi… CWE-79
Cross-site Scripting 		CVE-2024-9225 2024-10-8 05:24 2024-10-2 Show GitHub Exploit DB Packet Storm
307447 9.8 CRITICAL
Network 		code-projects restaurant_reservation_system A vulnerability has been found in code-projects Restaurant Reservation System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /filter2.php. The … CWE-89
SQL Injection 		CVE-2024-9429 2024-10-8 05:15 2024-10-2 Show GitHub Exploit DB Packet Storm
307448 6.1 MEDIUM
Network 		icopydoc yml_for_yandex_market The YML for Yandex Market plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 4.7.2 due to insufficient input sanitizat… CWE-79
Cross-site Scripting 		CVE-2024-9378 2024-10-8 05:15 2024-10-2 Show GitHub Exploit DB Packet Storm
307449 4.8 MEDIUM
Network 		redhat build_of_keycloak A vulnerability was found in Keycloak. Expired OTP codes are still usable when using FreeOTP when the OTP token period is set to 30 seconds (default). Instead of expiring and deemed unusable around 3… CWE-324
 Use of a Key Past its Expiration Date 		CVE-2024-7318 2024-10-8 05:15 2024-09-10 Show GitHub Exploit DB Packet Storm
307450 5.4 MEDIUM
Network 		cisco nexus_dashboard_fabric_controller
nexus_dashboard 		A vulnerability in the REST API endpoints of Cisco Nexus Dashboard could allow an authenticated, low-privileged, remote attacker to perform limited Administrator actions on an affected device. Thi… CWE-862
 Missing Authorization 		CVE-2024-20442 2024-10-8 05:11 2024-10-3 Show GitHub Exploit DB Packet Storm