Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
211531	5	警告	Bulb Security LLC	-	Bulb Security Smartphone Pentest Framework における平文のデータベースパスワードを取得される脆弱性	CWE-255 CWE-264	CVE-2012-5696	2014-10-27 16:49	2012-11-15	Show	GitHub Exploit DB Packet Storm

211532	6.8	警告	Bulb Security LLC	-	Bulb Security Smartphone Pentest Framework におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2012-5695	2014-10-27 16:49	2012-11-15	Show	GitHub Exploit DB Packet Storm

211533	6.8	警告	Bulb Security LLC	-	Bulb Security Smartphone Pentest Framework における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-5694	2014-10-27 16:48	2012-11-15	Show	GitHub Exploit DB Packet Storm

211534	3.5	注意	EspoCRM	-	EspoCRM におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-8330	2014-10-27 16:42	2014-08-10	Show	GitHub Exploit DB Packet Storm

211535	10	危険	Schrack	-	Schrack Technik microControl のファームウェアにおけるアクセスデータを取得される脆弱性	CWE-287 不適切な認証	CVE-2014-8329	2014-10-27 16:05	2014-07-10	Show	GitHub Exploit DB Packet Storm

211536	7.5	危険	（複数のベンダ）	-	複数の NAT-PMP デバイスが WAN 側から操作可能な問題	-	-	2014-10-27 14:46	2014-10-23	Show	GitHub Exploit DB Packet Storm

211537	4.3	警告	The Jamroom Network	-	Jamroom の Search モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-5098	2014-10-27 14:43	2014-07-23	Show	GitHub Exploit DB Packet Storm

211538	5	警告	Status2K.com	-	Status2k における設定情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2014-5094	2014-10-27 14:42	2014-06-20	Show	GitHub Exploit DB Packet Storm

211539	7.5	危険	Innovative Interfaces Inc.	-	Innovative vtls-Virtua の web_reports/cgi-bin/InfoStation.cgi のログインにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2014-2081	2014-10-27 14:42	2014-08-22	Show	GitHub Exploit DB Packet Storm

211540	4.3	警告	Achievo	-	Achievo の include.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-5866	2014-10-27 14:41	2012-12-5	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 26, 2026, 4:08 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
284841	-	aruba_networks	mc-800	Cross-site scripting (XSS) vulnerability in the login page in the management interface in the Aruba 800 Mobility Controller 2.5.4.18 and earlier, and 2.4.8.6-FIPS and earlier, allows remote attackers…	CWE-79 Cross-site Scripting	CVE-2007-6054	2018-10-16 06:49	2007-11-21	Show	GitHub Exploit DB Packet Storm

284842	-	liferay	portal	Cross-site scripting (XSS) vulnerability in c/portal/login in Liferay Portal 4.1.0 and 4.1.1 allows remote attackers to inject arbitrary web script or HTML via the login parameter. NOTE: this issue …	CWE-79 Cross-site Scripting	CVE-2007-6055	2018-10-16 06:49	2007-11-21	Show	GitHub Exploit DB Packet Storm

284843	-	aida-orga	aida-web	frame.html in Aida-Web (Aida Web) allows remote attackers to bypass a protection mechanism and obtain comment and task details via modified values to the (1) Mehr and (2) SUPER parameters.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2007-6056	2018-10-16 06:49	2007-11-21	Show	GitHub Exploit DB Packet Storm

284844	-	profilecms	profilecms	Multiple SQL injection vulnerabilities in index.php in ProfileCMS 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter in a (1) codes action in the profile-co…	CWE-89 SQL Injection	CVE-2007-6058	2018-10-16 06:49	2007-11-21	Show	GitHub Exploit DB Packet Storm

284845	-	ahnlab	v3_internet_security	AhnLab Antivirus 3 Internet Security 2008 Platinum appends data to a filename string at a location indicated by the "Filename length" field in a ZIP header, which allows remote attackers to cause a d…	CWE-20 Improper Input Validation	CVE-2007-6060	2018-10-16 06:49	2007-11-21	Show	GitHub Exploit DB Packet Storm

284846	-	postgresql tcl_tk	postgresql tcl_tk	Algorithmic complexity vulnerability in the regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows…	CWE-189 Numeric Errors	CVE-2007-6067	2018-10-16 06:49	2008-01-10	Show	GitHub Exploit DB Packet Storm

284847	-	sciurus	sciurus_hosting_panel	Direct static code injection vulnerability in acp/savenews.php in Sciurus Hosting Panel, possibly 2.0.3, allows remote attackers to inject arbitrary PHP code via the filecontents parameter, which can…	CWE-94 Code Injection	CVE-2007-6082	2018-10-16 06:49	2007-11-22	Show	GitHub Exploit DB Packet Storm

284848	-	icebb	icebb	SQL injection vulnerability in admin/index.php in IceBB 1.0-rc6 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header.	CWE-89 SQL Injection	CVE-2007-6083	2018-10-16 06:49	2007-11-22	Show	GitHub Exploit DB Packet Storm

284849	-	vigilecms	vigilecms	Multiple cross-site scripting (XSS) vulnerabilities in index.php in VigileCMS 1.4 allow remote attackers to inject arbitrary web script or HTML via the message field in the (1) vedipm or (2) live_cha…	CWE-79 Cross-site Scripting	CVE-2007-6085	2018-10-16 06:49	2007-11-22	Show	GitHub Exploit DB Packet Storm

284850	-	vigilecms	vigilecms	Directory traversal vulnerability in index.php in VigileCMS 1.4 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the module parameter.	CWE-22 Path Traversal	CVE-2007-6086	2018-10-16 06:49	2007-11-22	Show	GitHub Exploit DB Packet Storm