Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1951	8.8	重要 Network	oretnom23	Human Resource Management System Project in PHP and MySQL Free Source Code	oretnom23 の Human Resource Management System Project in PHP and MySQL Free Source Code における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2022-43318	2026-01-23 14:25	2022-11-7	Show	GitHub Exploit DB Packet Storm

1952	4.8	警告 Network	bdtask	Isshue	bdtaskのIsshueにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2021-47769	2026-01-23 14:23	2026-01-15	Show	GitHub Exploit DB Packet Storm

1953	7.5	重要 Network	Agora-Project	Agora-Project	Agora-Projectにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2025-67076	2026-01-23 14:23	2026-01-15	Show	GitHub Exploit DB Packet Storm

1954	8.8	重要 Network	Agora-Project	Agora-Project	Agora-Projectにおける危険なタイプのファイルの無制限アップロードに関する脆弱性	CWE-434 危険なタイプのファイルの無制限アップロード	CVE-2025-67077	2026-01-23 14:23	2026-01-15	Show	GitHub Exploit DB Packet Storm

1955	6.1	警告 Network	Agora-Project	Agora-Project	Agora-Projectにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2025-67078	2026-01-23 14:23	2026-01-15	Show	GitHub Exploit DB Packet Storm

1956	9.8	緊急 Network	Agora-Project	Agora-Project	Agora-Projectにおける危険なタイプのファイルの無制限アップロードに関する脆弱性	CWE-434 危険なタイプのファイルの無制限アップロード	CVE-2025-67079	2026-01-23 14:23	2026-01-15	Show	GitHub Exploit DB Packet Storm

1957	9.4	緊急 Network	Mitel Networks Corporation	mivoice mx-one	Mitel Networks Corporationのmivoice mx-oneにおける認証に関する脆弱性	CWE-287 不適切な認証	CVE-2025-67822	2026-01-23 14:23	2026-01-15	Show	GitHub Exploit DB Packet Storm

1958	6.5	警告 Network	Wireshark	Wireshark	Wiresharkにおける境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2026-0959	2026-01-23 14:23	2026-01-14	Show	GitHub Exploit DB Packet Storm

1959	5.5	警告 Local	Wireshark	Wireshark	Wiresharkにおける無限ループに関する脆弱性	CWE-835 無限ループ	CVE-2026-0960	2026-01-23 14:23	2026-01-14	Show	GitHub Exploit DB Packet Storm

1960	6.5	警告 Network	Wireshark	Wireshark	Wiresharkにおける境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2026-0961	2026-01-23 14:23	2026-01-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
283291	-	stephen_craton	chatness	admin/options.php in Stephen Craton (aka WiredPHP) Chatness 2.5.3 and earlier does not check for administrative credentials, which allows remote attackers to read and modify the classes/vars.php and …	NVD-CWE-Other	CVE-2007-2147	2018-10-17 01:42	2007-04-19	Show	GitHub Exploit DB Packet Storm

283292	-	stephen_craton	chatness	Direct static code injection vulnerability in admin/save.php in Stephen Craton (aka WiredPHP) Chatness 2.5.3 and earlier allows remote authenticated administrators to inject PHP code into .html files…	NVD-CWE-Other	CVE-2007-2148	2018-10-17 01:42	2007-04-19	Show	GitHub Exploit DB Packet Storm

283293	-	stephen_craton	chatness	Stephen Craton (aka WiredPHP) Chatness 2.5.3 and earlier stores usernames and unencrypted passwords in (1) classes/vars.php and (2) classes/varstuff.php, and recommends 0666 or 0777 permissions for t…	NVD-CWE-Other	CVE-2007-2149	2018-10-17 01:42	2007-04-19	Show	GitHub Exploit DB Packet Storm

283294	-	bluearc	titan	BlueArc-FTPD in BlueArc Titan 2x00 devices with firmware 4.2.944b allows remote attackers to redirect traffic to other sites (aka FTP bounce) via the PORT command, a variant of CVE-1999-0017.	NVD-CWE-Other	CVE-2007-2150	2018-10-17 01:42	2007-04-19	Show	GitHub Exploit DB Packet Storm

283295	-	atmail	atmail_webmail	Cross-site scripting (XSS) vulnerability in atmail.php in @Mail 5.0 allows remote attackers to inject arbitrary web script or HTML via the username parameter.	NVD-CWE-Other	CVE-2007-2153	2018-10-17 01:42	2007-04-19	Show	GitHub Exploit DB Packet Storm

283296	-	phpfaber	topsites	Directory traversal vulnerability in template.php in in phpFaber TopSites 3 allows remote attackers to read arbitrary files via a .. (dot dot) in the modify parameter in a template action to admin/in…	NVD-CWE-Other	CVE-2007-2155	2018-10-17 01:42	2007-04-19	Show	GitHub Exploit DB Packet Storm

283297	-	gnu mozilla	iceweasel firefox	(1) Mozilla Firefox 2.0.0.3 and (2) GNU IceWeasel 2.0.0.3 allow remote attackers to cause a denial of service (browser crash or system hang) via JavaScript that matches a regular expression against a…	NVD-CWE-Other	CVE-2007-2162	2018-10-17 01:42	2007-04-23	Show	GitHub Exploit DB Packet Storm

283298	-	apple	safari	Apple Safari allows remote attackers to cause a denial of service (browser crash) via JavaScript that matches a regular expression against a long string, as demonstrated using /(.)*/.	NVD-CWE-Other	CVE-2007-2163	2018-10-17 01:42	2007-04-23	Show	GitHub Exploit DB Packet Storm

283299	-	kde	konqueror	Konqueror 3.5.5 release 45.4 allows remote attackers to cause a denial of service (browser crash or abort) via JavaScript that matches a regular expression against a long string, as demonstrated usin…	NVD-CWE-Other	CVE-2007-2164	2018-10-17 01:42	2007-04-23	Show	GitHub Exploit DB Packet Storm

283300	-	oracle	e-business_suite	The APPLSYS.FND_DM_NODES package in Oracle E-Business Suite does not check for valid sessions, which allows remote attackers to delete arbitrary nodes. NOTE: due to lack of details from Oracle, it i…	NVD-CWE-Other	CVE-2007-2170	2018-10-17 01:42	2007-04-25	Show	GitHub Exploit DB Packet Storm