Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1861 9.8 緊急
Network 		アドバンテック株式会社 EKI-6333AC-2GD Firmware
EKI-6333AC-1GPO Firmware
EKI-6333AC-2G Firmware 		アドバンテック株式会社のEKI-6333AC-1GPO Firmware等の複数製品におけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2024-50372 2026-01-26 19:32 2024-11-26 Show GitHub Exploit DB Packet Storm
1862 9.8 緊急
Network 		アドバンテック株式会社 EKI-6333AC-2GD Firmware
EKI-6333AC-1GPO Firmware
EKI-6333AC-2G Firmware 		アドバンテック株式会社のEKI-6333AC-1GPO Firmware等の複数製品におけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2024-50373 2026-01-26 19:32 2024-11-26 Show GitHub Exploit DB Packet Storm
1863 9.8 緊急
Network 		アドバンテック株式会社 EKI-6333AC-2GD Firmware
EKI-6333AC-1GPO Firmware
EKI-6333AC-2G Firmware 		アドバンテック株式会社のEKI-6333AC-1GPO Firmware等の複数製品におけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2024-50374 2026-01-26 19:32 2024-11-26 Show GitHub Exploit DB Packet Storm
1864 9.8 緊急
Network 		アドバンテック株式会社 EKI-6333AC-2GD Firmware
EKI-6333AC-1GPO Firmware
EKI-6333AC-2G Firmware 		アドバンテック株式会社のEKI-6333AC-1GPO Firmware等の複数製品における複数の脆弱性 CWE-306
CWE-78
CVE-2024-50375 2026-01-26 19:32 2024-11-26 Show GitHub Exploit DB Packet Storm
1865 5.2 警告
Adjacent 		アドバンテック株式会社 EKI-6333AC-2GD Firmware
EKI-6333AC-1GPO Firmware
EKI-6333AC-2G Firmware 		アドバンテック株式会社のEKI-6333AC-1GPO Firmware等の複数製品における複数の脆弱性 CWE-78
CWE-79
CVE-2024-50376 2026-01-26 19:32 2024-11-26 Show GitHub Exploit DB Packet Storm
1866 6.5 警告
Local 		アドバンテック株式会社 EKI-6333AC-2GD Firmware
EKI-6333AC-1GPO Firmware
EKI-6333AC-2G Firmware 		アドバンテック株式会社のEKI-6333AC-1GPO Firmware等の複数製品における複数の脆弱性 CWE-78
CWE-798
CVE-2024-50377 2026-01-26 19:32 2024-11-26 Show GitHub Exploit DB Packet Storm
1867 8.8 重要
Network 		Palo Alto Networks Expedition Palo Alto NetworksのExpeditionにおけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2025-0103 2026-01-26 19:32 2025-01-11 Show GitHub Exploit DB Packet Storm
1868 6.1 警告
Network 		Palo Alto Networks Expedition Palo Alto NetworksのExpeditionにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2025-0104 2026-01-26 19:32 2025-01-11 Show GitHub Exploit DB Packet Storm
1869 9.1 緊急
Network 		Palo Alto Networks Expedition Palo Alto NetworksのExpeditionにおけるファイル名やパス名の外部制御に関する脆弱性 CWE-73
ファイル名やパス名の外部制御 		CVE-2025-0105 2026-01-26 19:32 2025-01-11 Show GitHub Exploit DB Packet Storm
1870 5.3 警告
Network 		Palo Alto Networks Expedition Palo Alto NetworksのExpeditionにおけるワイルドカードまたは照合シンボルの無害化に関する脆弱性 CWE-155
ワイルドカードまたは照合シンボルの不適切な無害化 		CVE-2025-0106 2026-01-26 19:32 2025-01-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
304461 - brickhost phpscheduleit phpScheduleIt 1.0.0 RC1 does not clear administrative privileges if the administrator logs in as a normal user, which allows users with physical access to gain administrative privileges. NVD-CWE-Other
CVE-2004-1652 2017-07-11 10:31 2004-08-31 Show GitHub Exploit DB Packet Storm
304462 - openbsd openssh The default configuration for OpenSSH enables AllowTcpForwarding, which could allow remote authenticated users to perform a port bounce, when configured with an anonymous access program such as AnonC… NVD-CWE-Other
CVE-2004-1653 2017-07-11 10:31 2004-08-31 Show GitHub Exploit DB Packet Storm
304463 - phpwebsite phpwebsite SQL injection vulnerability in the calendar module in phpWebsite 0.9.3-4 and earlier allows remote attackers to execute arbitrary SQL commands via cal_template. NVD-CWE-Other
CVE-2004-1654 2017-07-11 10:31 2004-09-1 Show GitHub Exploit DB Packet Storm
304464 - phpwebsite phpwebsite Cross-site scripting (XSS) vulnerability in phpWebsite 0.9.3-4 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) CM_pid parameter in the comments module or (2) th… NVD-CWE-Other
CVE-2004-1655 2017-07-11 10:31 2004-09-1 Show GitHub Exploit DB Packet Storm
304465 - comersus_open_technologies comersus_cart CRLF injection vulnerability in Comersus Shopping Cart 5.0991 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the redirecturl pa… NVD-CWE-Other
CVE-2004-1656 2017-07-11 10:31 2004-09-1 Show GitHub Exploit DB Packet Storm
304466 - newtelligence dasblog Cross-site scripting (XSS) vulnerability in the Activity and Events Viewer for Newtelligence DasBlog allows remote attackers to inject arbitrary web script or HTML via the (1) User Agent or (2) Refer… NVD-CWE-Other
CVE-2004-1657 2017-07-11 10:31 2004-09-1 Show GitHub Exploit DB Packet Storm
304467 - kerio personal_firewall Kerio Personal Firewall 4.0 (KPF4) allows local users with administrative privileges to bypass the Application Security feature and execute arbitrary processes by directly writing to \device\physical… NVD-CWE-Other
CVE-2004-1658 2017-07-11 10:31 2004-09-2 Show GitHub Exploit DB Packet Storm
304468 - cutephp cutenews Cross-site scripting (XSS) vulnerability in index.php in CuteNews 1.3.6 and earlier allows remote attackers with Administrator, Editor, Journalist or Commenter privileges to inject arbitrary web scri… NVD-CWE-Other
CVE-2004-1659 2017-07-11 10:31 2004-09-2 Show GitHub Exploit DB Packet Storm
304469 - cutephp cutenews PHP remote file inclusion vulnerability in CuteNews 1.3.6 and earlier allows remote attackers to execute arbitrary PHP code via the cutepath parameter to (1) show_archives.php or (2) show_news.php. NVD-CWE-Other
CVE-2004-1660 2017-07-11 10:31 2004-08-30 Show GitHub Exploit DB Packet Storm
304470 - sitecubed mailworks_professional MailWorks Professional allows remote attackers to bypass authentication and gain privileges via a cookie that contains "auth=1" and "uId=1." NVD-CWE-Other
CVE-2004-1661 2017-07-11 10:31 2004-09-2 Show GitHub Exploit DB Packet Storm