Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 28, 2026, noon

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
209861	3.5	注意	IBM	-	IBM WebSphere Application Server および WebSphere Virtual Enterprise におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-6323	2015-08-7 18:15	2013-10-31	Show	GitHub Exploit DB Packet Storm

209862	7.5	危険	株式会社エヌ・ティ・ティ・データ	-	TERASOLUNA Server Framework for Java において ClassLoader が操作可能な脆弱性	CWE-DesignError	CVE-2014-0114	2015-08-7 18:15	2014-06-17	Show	GitHub Exploit DB Packet Storm

209863	4.3	警告	IBM	-	IBM SmartCloud Analytics Log Analysis におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-6738	2015-08-7 18:15	2014-04-2	Show	GitHub Exploit DB Packet Storm

209864	7.5	危険	Roundcube.net	-	Roundcube Webmail の steps/utils/save_pref.inc における構成の設定を変更される脆弱性	CWE-89 SQLインジェクション	CVE-2013-6172	2015-08-7 17:11	2013-10-21	Show	GitHub Exploit DB Packet Storm

209865	4	警告	OpenStack	-	OpenStack Orchestration API の ReST API におけるテナントスコープの制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-6428	2015-08-7 16:29	2013-12-14	Show	GitHub Exploit DB Packet Storm

209866	4	警告	OpenStack	-	OpenStack Orchestration API の cloudformation-compatible API におけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-6426	2015-08-7 16:29	2013-12-14	Show	GitHub Exploit DB Packet Storm

209867	5	警告	cairographics.org X.Org Foundation Canonical Pixman	-	X.Org server および cairo で使用される Pixman の pixman.h 内の pixman_trapezoid_valid マクロにおける整数アンダーフローの脆弱性	CWE-189 数値処理の問題	CVE-2013-6425	2015-08-7 16:29	2013-11-10	Show	GitHub Exploit DB Packet Storm

209868	5	警告	X.Org Foundation	-	X.Org の render/picture.h 内の xTrapezoidValid マクロにおける整数アンダーフローの脆弱性	CWE-189 数値処理の問題	CVE-2013-6424	2015-08-7 16:29	2013-10-2	Show	GitHub Exploit DB Packet Storm

209869	4	警告	Samba Project	-	Samba におけるファイルの制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-4475	2015-08-7 16:27	2013-11-11	Show	GitHub Exploit DB Packet Storm

209870	4.6	警告	Moodle	-	Moodle における任意のプログラムを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2013-3630	2015-08-7 16:22	2013-10-30	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
345821	-	coppermine	coppermine_photo_gallery	SQL injection vulnerability in Coppermine Photo Gallery 1.3.2 allows remote attackers to execute arbitrary SQL commands via the favs parameter to (1) init.inc.php or (2) zipdownload.php.	NVD-CWE-Other	CVE-2005-1225	2017-07-11 10:32	2005-05-2	Show	GitHub Exploit DB Packet Storm

345822	-	coppermine	coppermine_photo_gallery	Coppermine Photo Gallery 1.3.2 stores passwords in plaintext, which allows remote attackers to obtain sensitive information.	NVD-CWE-Other	CVE-2005-1226	2017-07-11 10:32	2005-05-2	Show	GitHub Exploit DB Packet Storm

345823	-	phprojekt	phprojekt	Cross-site scripting (XSS) vulnerability in PHProjekt 4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the chatroom text submission form.	NVD-CWE-Other	CVE-2005-1227	2017-07-11 10:32	2005-04-20	Show	GitHub Exploit DB Packet Storm

345824	-	gnu	cpio	Directory traversal vulnerability in cpio 2.6 and earlier allows remote attackers to write to arbitrary directories via a .. (dot dot) in a cpio file.	NVD-CWE-Other	CVE-2005-1229	2017-07-11 10:32	2005-05-2	Show	GitHub Exploit DB Packet Storm

345825	-	php_labs	profile	Cross-site scripting (XSS) vulnerability in index.php in PHP Labs proFile allows remote attackers to inject arbitrary web script or HTML via the (1) dir or (2) file parameters.	NVD-CWE-Other	CVE-2005-1233	2017-07-11 10:32	2005-04-20	Show	GitHub Exploit DB Packet Storm

345826	-	ibm	iseries_as_400	By design, the built-in FTP server for iSeries AS/400 systems does not support a restricted document root, which allows attackers to read or write arbitrary files, including sensitive QSYS databases,…	NVD-CWE-Other	CVE-2005-1238	2017-07-11 10:32	2005-05-2	Show	GitHub Exploit DB Packet Storm

345827	-	raz-lee	security\+\+\+	Directory traversal vulnerability in the third party tool from Raz-Lee, as used to secure the iSeries AS/400 FTP server, allows remote attackers to access arbitrary files, including those from qsys.l…	NVD-CWE-Other	CVE-2005-1239	2017-07-11 10:32	2005-05-2	Show	GitHub Exploit DB Packet Storm

345828	-	raz-lee	security\+\+\+	Fix is available on http://www.razlee.com/	NVD-CWE-Other	CVE-2005-1239	2017-07-11 10:32	2005-05-2	Show	GitHub Exploit DB Packet Storm

345829	-	castlehill	secure_net	Directory traversal vulnerability in the third party tool from Castlehill, as used to secure the iSeries AS/400 FTP server, allows remote attackers to access arbitrary files, including those from qsy…	NVD-CWE-Other	CVE-2005-1240	2017-07-11 10:32	2005-04-20	Show	GitHub Exploit DB Packet Storm

345830	-	powertech	powerlock_networksecurity	Directory traversal vulnerability in the third party tool from Powertech, as used to secure the iSeries AS/400 FTP server, allows remote attackers to access arbitrary files, including those from qsys…	NVD-CWE-Other	CVE-2005-1241	2017-07-11 10:32	2005-04-20	Show	GitHub Exploit DB Packet Storm