Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
211061	4.3	警告	Apache Software Foundation	-	Apache Cordova Android における HTTP のホワイトリストを回避される脆弱性	CWE-Other その他	CVE-2014-3501	2014-11-18 15:47	2014-08-4	Show	GitHub Exploit DB Packet Storm

211062	6.4	警告	Apache Software Foundation	-	Apache Cordova Android におけるスタートページを変更される脆弱性	CWE-Other その他	CVE-2014-3500	2014-11-18 15:46	2014-08-4	Show	GitHub Exploit DB Packet Storm

211063	6	警告	Ubercart	-	Drupal 用 Ubercart モジュールにおける任意の PHP コードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2012-2301	2014-11-18 15:43	2012-04-25	Show	GitHub Exploit DB Packet Storm

211064	6.5	警告	レッドハット	-	Red Hat OpenShift Enterprise および OpenShift Origin における任意のコマンドを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2014-0233	2014-11-18 15:06	2013-05-21	Show	GitHub Exploit DB Packet Storm

211065	6.4	警告	Zend Technologies Ltd.	-	ZendOpenId の Consumer コンポーネントの GenericConsumer クラスおよび Zend Framework の Zend_OpenId_Consumer クラスにおける認証を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2014-2684	2014-11-18 12:47	2014-04-3	Show	GitHub Exploit DB Packet Storm

211066	5	警告	Zend Technologies Ltd.	-	複数の Zend 製品におけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2014-2683	2014-11-18 12:46	2014-04-3	Show	GitHub Exploit DB Packet Storm

211067	6.8	警告	Zend Technologies Ltd.	-	複数の Zend 製品における XML 外部エンティティ攻撃を実行される脆弱性	CWE-Other その他	CVE-2014-2682	2014-11-18 12:46	2014-04-3	Show	GitHub Exploit DB Packet Storm

211068	6.4	警告	Zend Technologies Ltd.	-	複数の Zend 製品における任意のファイルを読まれる脆弱性	CWE-Other その他	CVE-2014-2681	2014-11-18 12:46	2014-04-3	Show	GitHub Exploit DB Packet Storm

211069	6.1	警告	シスコシステムズ	-	Cisco Aironet アクセスポイント上で稼働する Cisco IOS の DHCP の実装におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2014-7997	2014-11-18 11:38	2014-11-17	Show	GitHub Exploit DB Packet Storm

211070	7.1	危険	シスコシステムズ	-	Cisco Aironet アクセスポイント上で稼働する Cisco IOS におけるサービス運用妨害 (DoS) の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2014-7998	2014-11-18 11:37	2014-11-17	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 26, 2026, 4:08 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
294031	-	lifetype	lifetype	SQL injection vulnerability in the LifeType (formerly pLog) module for Drupal allows remote attackers to execute arbitrary SQL commands via the albumId parameter in a ViewAlbum action to index.php.	CWE-89 SQL Injection	CVE-2008-2629	2017-09-29 10:31	2008-06-10	Show	GitHub Exploit DB Packet Storm

294032	-	joomla	com_jb2	SQL injection vulnerability in the JooBlog (com_jb2) component 0.1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the CategoryID parameter in a category action to index.p…	CWE-89 SQL Injection	CVE-2008-2630	2017-09-29 10:31	2008-06-10	Show	GitHub Exploit DB Packet Storm

294033	-	joomla	com_acctexp joomla	SQL injection vulnerability in the acctexp (com_acctexp) component 0.12.x and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the usage parameter in a subscribe acti…	CWE-89 SQL Injection	CVE-2008-2632	2017-09-29 10:31	2008-06-10	Show	GitHub Exploit DB Packet Storm

294034	-	bearrivernet.net	i-pos_internet_pay_online_store	SQL injection vulnerability in index.asp in I-Pos Internet Pay Online Store 1.3 Beta and earlier allows remote attackers to execute arbitrary SQL commands via the item parameter.	CWE-89 SQL Injection	CVE-2008-2634	2017-09-29 10:31	2008-06-10	Show	GitHub Exploit DB Packet Storm

294035	-	1-script	1-book	Static code injection vulnerability in guestbook.php in 1Book 1.0.1 and earlier allows remote attackers to upload arbitrary PHP code via the message parameter in an HTML webform, which is written to …	CWE-94 Code Injection	CVE-2008-2638	2017-09-29 10:31	2008-06-10	Show	GitHub Exploit DB Packet Storm

294036	-	joomla	com_biblestudy	SQL injection vulnerability in the Bible Study (com_biblestudy) component before 6.0.7c for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a mediaplayer act…	CWE-89 SQL Injection	CVE-2008-2643	2017-09-29 10:31	2008-06-11	Show	GitHub Exploit DB Packet Storm

294037	-	brim-project	brim	Multiple PHP remote file inclusion vulnerabilities in Brim (formerly Booby) 1.0.1 allow remote attackers to execute arbitrary PHP code via a URL in the renderer parameter to template.tpl.php in (1) b…	CWE-94 Code Injection	CVE-2008-2645	2017-09-29 10:31	2008-06-11	Show	GitHub Exploit DB Packet Storm

294038	-	mebiblio	mebiblio	Multiple cross-site scripting (XSS) vulnerabilities in meBiblio 0.4.7 allow remote attackers to inject arbitrary web script or HTML via the (1) sql parameter to dbadd.inc.php, (2) InsertJournal param…	CWE-79 Cross-site Scripting	CVE-2008-2646	2017-09-29 10:31	2008-06-11	Show	GitHub Exploit DB Packet Storm

294039	-	mebiblio	mebiblio	SQL injection vulnerability in admin/journal_change_mask.inc.php in meBiblio 0.4.7 allows remote attackers to execute arbitrary SQL commands via the JID parameter.	CWE-89 SQL Injection	CVE-2008-2647	2017-09-29 10:31	2008-06-11	Show	GitHub Exploit DB Packet Storm

294040	-	mebiblio	mebiblio	Unrestricted file upload vulnerability in upload/uploader.html in meBiblio 0.4.7 allows remote attackers to execute arbitrary code by uploading a .php file, then accessing it via a direct request to …	CWE-20 Improper Input Validation	CVE-2008-2648	2017-09-29 10:31	2008-06-11	Show	GitHub Exploit DB Packet Storm