Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 6, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3121	6.1	警告 Network	HasThemes	extensions for cf7	HasThemesのWordPress用extensions for cf7におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-29102	2026-01-30 14:13	2024-03-19	Show	GitHub Exploit DB Packet Storm

3122	7.1	重要 Network	webberzone	better search	webberzoneのWordPress用better searchにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-29142	2026-01-30 14:13	2024-03-19	Show	GitHub Exploit DB Packet Storm

3123	5.4	警告 Network	HasThemes	wishsuite	HasThemesのWordPress用wishsuiteにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-29927	2026-01-30 14:13	2024-03-27	Show	GitHub Exploit DB Packet Storm

3124	7.5	重要 Network	wpwebelite	WooCommerce Social Login	WPWeb EliteのWordPress用WooCommerce Social Loginにおける信頼できないデータのデシリアライゼーションに関する脆弱性	CWE-502 信頼性のないデータのデシリアライゼーション	CVE-2024-37502	2026-01-30 14:13	2024-07-9	Show	GitHub Exploit DB Packet Storm

3125	9.3	緊急 Network	wpwebelite	WooCommerce PDF Vouchers	WPWeb EliteのWordPress用WooCommerce PDF Vouchersにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2024-39651	2026-01-30 14:13	2024-08-13	Show	GitHub Exploit DB Packet Storm

3126	6.1	警告 Network	wpwebelite	WooCommerce PDF Vouchers	WPWeb EliteのWordPress用WooCommerce PDF Vouchersにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-39652	2026-01-30 14:12	2024-08-1	Show	GitHub Exploit DB Packet Storm

3127	7.5	重要 Network		-	WPWeb EliteのWordPress用Docket - WooCommerce Collections / Wishlist / Watchlistにおける不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2024-43131	2026-01-30 14:12	2024-08-13	Show	GitHub Exploit DB Packet Storm

3128	6.1	警告 Network	wpwebinfotech	social auto poster	wpwebinfotechのWordPress用social auto posterにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-47369	2026-01-30 14:12	2024-10-5	Show	GitHub Exploit DB Packet Storm

3129	7.8	重要 Local	UPDF	UPDF	UPDFにおける制御されていない検索パスの要素に関する脆弱性	CWE-427 制御されていない検索パスの要素	CVE-2025-10213	2026-01-30 14:12	2025-09-10	Show	GitHub Exploit DB Packet Storm

3130	6.1	警告 Network	Vtiger	Vtiger CRM	VtigerのVtiger CRMにおける複数の脆弱性	CWE-79 CWE-79 CWE-94	CVE-2025-1618	2026-01-30 14:12	2025-02-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 6, 2026, 4:08 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
348261	-	dnrd	dnrd	The DNS implementation of DNRD before 2.10 allows remote attackers to cause a denial of service via a compressed DNS packet with a label length byte with an incorrect offset, which could trigger an i…	NVD-CWE-Other	CVE-2005-0037	2008-09-6 05:45	2005-12-31	Show	GitHub Exploit DB Packet Storm

348262	-	dnrd	dnrd	This vulnerability is addressed in the following product release: dnrd, dnrd, 2.10	NVD-CWE-Other	CVE-2005-0037	2008-09-6 05:45	2005-12-31	Show	GitHub Exploit DB Packet Storm

348263	-	powerdns	powerdns	The DNS implementation of PowerDNS 2.9.16 and earlier allows remote attackers to cause a denial of service via a compressed DNS packet with a label length byte with an incorrect offset, which could t…	NVD-CWE-Other	CVE-2005-0038	2008-09-6 05:45	2005-12-31	Show	GitHub Exploit DB Packet Storm

348264	-	synaesthesia	synaesthesia	Synaesthesia 2.1 and earlier, and possibly other versions, when installed setuid root, does not drop privileges before processing configuration and mixer files, which allows local users to read arbit…	NVD-CWE-Other	CVE-2005-0070	2008-09-6 05:45	2005-05-2	Show	GitHub Exploit DB Packet Storm

348265	-	tcp	tcp	The original design of TCP does not check that the TCP sequence number in an ICMP error message is within the range of sequence numbers for data that has been sent but not acknowledged (aka "TCP sequ…	NVD-CWE-Other	CVE-2005-0065	2008-09-6 05:45	2005-05-2	Show	GitHub Exploit DB Packet Storm

348266	-	tcp	tcp	The original design of TCP does not check that the TCP Acknowledgement number in an ICMP error message generated by an intermediate router is within the range of possible values for data that has alr…	NVD-CWE-Other	CVE-2005-0066	2008-09-6 05:45	2004-12-22	Show	GitHub Exploit DB Packet Storm

348267	-	tcp	tcp	The original design of TCP does not require that port numbers be assigned randomly (aka "Port randomization"), which makes it easier for attackers to forge ICMP error messages for specific TCP connec…	NVD-CWE-Other	CVE-2005-0067	2008-09-6 05:45	2004-12-22	Show	GitHub Exploit DB Packet Storm

348268	-	tcp	tcp	The original design of ICMP does not require authentication for host-generated ICMP error messages, which makes it easier for attackers to forge ICMP error messages for specific TCP connections and c…	NVD-CWE-Other	CVE-2005-0068	2008-09-6 05:45	2004-12-22	Show	GitHub Exploit DB Packet Storm

348269	-	debian	sympa	Buffer overflow in queue.c in a support script for sympa 3.3.3, when running setuid, allows local users to execute arbitrary code.	NVD-CWE-Other	CVE-2005-0073	2008-09-6 05:45	2005-05-2	Show	GitHub Exploit DB Packet Storm

348270	-	xpcd	xpcd	Buffer overflow in pcdsvgaview in xpcd 2.08 allows local users to execute arbitrary code.	NVD-CWE-Other	CVE-2005-0074	2008-09-6 05:45	2005-02-11	Show	GitHub Exploit DB Packet Storm