Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
211601 4.3 警告 SAP - SAP HANA Developer Edition におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-8314 2014-10-23 19:27 2014-05-13 Show GitHub Exploit DB Packet Storm
211602 6 警告 SAP - SAP HANA の Developer Workbench の ide/core/base/server/net.xsjs における任意の XSJX コードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2014-8313 2014-10-23 19:26 2014-06-10 Show GitHub Exploit DB Packet Storm
211603 3.5 注意 SAP - SAP Netweaver AS ABAP の Business Warehouse における重要な情報を取得される脆弱性 CWE-Other
その他 		CVE-2014-8312 2014-10-23 19:26 2014-06-10 Show GitHub Exploit DB Packet Storm
211604 3.5 注意 SAP - SAP BusinessObjects における重要な情報を取得される脆弱性 CWE-Other
その他 		CVE-2014-8311 2014-10-23 19:25 2014-06-10 Show GitHub Exploit DB Packet Storm
211605 7.1 危険 SAP - SAP BusinessObjects の CMS CORBA リスナーにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2014-8310 2014-10-23 19:23 2014-06-10 Show GitHub Exploit DB Packet Storm
211606 5 警告 SAP - SAP BusinessObjects および BusinessObjects XI における有効なユーザ名を取得される脆弱性 CWE-200
情報漏えい 		CVE-2014-8309 2014-10-23 19:22 2014-06-10 Show GitHub Exploit DB Packet Storm
211607 4.3 警告 SAP - SAP BusinessObjects の Send to Inbox 機能におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-8308 2014-10-23 19:19 2014-06-10 Show GitHub Exploit DB Packet Storm
211608 2.1 注意 CloudBees - CloudBees Jenkins の hudson/util/RemotingDiagnostics.java の doIndex 関数における重要な情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-2068 2014-10-23 17:33 2014-02-8 Show GitHub Exploit DB Packet Storm
211609 6.8 警告 CloudBees - CloudBees Jenkins における Web セッションをハイジャックされる脆弱性 CWE-287
不適切な認証 		CVE-2014-2066 2014-10-23 17:33 2014-02-12 Show GitHub Exploit DB Packet Storm
211610 4.3 警告 CloudBees - CloudBees Jenkins におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-2065 2014-10-23 17:32 2014-02-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 22, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
284261 - kde konqueror konqueror/konq_combo.cc in Konqueror 3.5.7 allows remote attackers to spoof the data: URI scheme in the address bar via a long URI with trailing whitespace, which prevents the beginning of the URI fr… NVD-CWE-Other
CVE-2007-3820 2018-10-16 06:31 2007-07-17 Show GitHub Exploit DB Packet Storm
284262 - citadel webcit Cross-site request forgery (CSRF) vulnerability in Webcit before 7.11 allows remote attackers to modify configurations and perform other actions as arbitrary users via unspecified vectors. NVD-CWE-Other
CVE-2007-3821 2018-10-16 06:31 2007-07-17 Show GitHub Exploit DB Packet Storm
284263 - citadel webcit Multiple cross-site scripting (XSS) vulnerabilities in Webcit before 7.11 allow remote attackers to inject arbitrary web script or HTML via (1) the who parameter to showuser; and other vectors involv… NVD-CWE-Other
CVE-2007-3822 2018-10-16 06:31 2007-07-17 Show GitHub Exploit DB Packet Storm
284264 - mozilla firefox Mozilla Firefox allows for cookies to be set with a null domain (aka "domainless cookies"), which allows remote attackers to pass information between arbitrary domains and track user activity, as dem… NVD-CWE-Other
CVE-2007-3827 2018-10-16 06:31 2007-07-18 Show GitHub Exploit DB Packet Storm
284265 - exlibris_group aleph Multiple cross-site scripting (XSS) vulnerabilities in Ex Libris ALEPH allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to a URL that can be discovered th… NVD-CWE-Other
CVE-2007-3834 2018-10-16 06:31 2007-07-18 Show GitHub Exploit DB Packet Storm
284266 - exlibris_group metalib Cross-site scripting (XSS) vulnerability in Ex Libris MetaLib 3.13 and 4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to a resource id that can be di… NVD-CWE-Other
CVE-2007-3835 2018-10-16 06:31 2007-07-18 Show GitHub Exploit DB Packet Storm
284267 - mozilla firefox
seamonkey
thunderbird 		Mozilla Firefox 2.0.0.5, Thunderbird 2.0.0.5 and before 1.5.0.13, and SeaMonkey 1.1.3 allows remote attackers to conduct cross-site scripting (XSS) attacks with chrome privileges via an addon that in… NVD-CWE-Other
CVE-2007-3844 2018-10-16 06:31 2007-08-8 Show GitHub Exploit DB Packet Storm
284268 - linux linux_kernel Linux kernel 2.4.35 and other versions allows local users to send arbitrary signals to a child process that is running at higher privileges by causing a setuid-root parent process to die, which deliv… NVD-CWE-Other
CVE-2007-3848 2018-10-16 06:31 2007-08-15 Show GitHub Exploit DB Packet Storm
284269 - oracle database_server Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to have an unknown impact via (1) SYS.DBMS_DRS in the Da… NVD-CWE-Other
CVE-2007-3855 2018-10-16 06:31 2007-07-19 Show GitHub Exploit DB Packet Storm
284270 - oracle apex Unspecified vulnerability in Oracle Application Express (formerly Oracle HTML DB) 2.2.0.00.32 up to 3.0.0.00.20 allows developers to have an unknown impact via unknown attack vectors, aka APEX01. NO… NVD-CWE-Other
CVE-2007-3860 2018-10-16 06:31 2007-07-19 Show GitHub Exploit DB Packet Storm