Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 9, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
214381	3.5	注意	Pro Chat Rooms	-	Pro Chat Rooms Text Chat Rooms におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-5276	2014-10-27 17:45	2014-08-5	Show	GitHub Exploit DB Packet Storm

214382	6.5	警告	Pro Chat Rooms	-	Pro Chat Rooms Text Chat Rooms の includes/functions.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2014-5275	2014-10-27 17:45	2014-08-5	Show	GitHub Exploit DB Packet Storm

214383	6.5	警告	TomatoCart	-	TomatoCart における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2014-3978	2014-10-27 17:35	2014-08-5	Show	GitHub Exploit DB Packet Storm

214384	4.3	警告	TomatoCart	-	TomatoCart の info.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-3830	2014-10-27 17:34	2014-08-5	Show	GitHub Exploit DB Packet Storm

214385	3.5	注意	Date project	-	Drupal 用 Date モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-5169	2014-10-27 17:28	2014-07-29	Show	GitHub Exploit DB Packet Storm

214386	3.5	注意	The Cacti Group	-	Cacti におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-5026	2014-10-27 17:21	2014-07-4	Show	GitHub Exploit DB Packet Storm

214387	3.5	注意	The Cacti Group	-	Cacti の data_sources.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-5025	2014-10-27 17:20	2014-07-4	Show	GitHub Exploit DB Packet Storm

214388	4.6	警告	Bulb Security LLC	-	Bulb Security Smartphone Pentest Framework における重要な情報を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-5697	2014-10-27 16:50	2012-11-15	Show	GitHub Exploit DB Packet Storm

214389	5	警告	Bulb Security LLC	-	Bulb Security Smartphone Pentest Framework における平文のデータベースパスワードを取得される脆弱性	CWE-255 CWE-264	CVE-2012-5696	2014-10-27 16:49	2012-11-15	Show	GitHub Exploit DB Packet Storm

214390	6.8	警告	Bulb Security LLC	-	Bulb Security Smartphone Pentest Framework におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2012-5695	2014-10-27 16:49	2012-11-15	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
350241	-	acuma	acusend	Acuma Acusend 4, and possibly earlier versions, allows remote authenticated users to read the reports of other users by inferring the full URL, whose name is easily predictable.	NVD-CWE-Other	CVE-2002-1538	2008-09-6 05:30	2003-03-31	Show	GitHub Exploit DB Packet Storm

350242	-	alt-n	mdaemon	Buffer overflow in MDaemon POP server 6.0.7 and earlier allows remote authenticated users to cause a denial of service via long (1) DELE or (2) UIDL arguments.	NVD-CWE-Other	CVE-2002-1539	2008-09-6 05:30	2003-03-31	Show	GitHub Exploit DB Packet Storm

350243	-	working_resources_inc.	badblue	BadBlue 1.7 allows remote attackers to bypass password protections for directories and files via an HTTP request containing an extra / (slash).	NVD-CWE-Other	CVE-2002-1541	2008-09-6 05:30	2003-03-31	Show	GitHub Exploit DB Packet Storm

350244	-	solarwinds	tftp_server	SolarWinds TFTP server 5.0.55 and earlier allows remote attackers to cause a denial of service (crash) via a large UDP datagram, possibly triggering a buffer overflow.	NVD-CWE-Other	CVE-2002-1542	2008-09-6 05:30	2003-03-31	Show	GitHub Exploit DB Packet Storm

350245	-	netbsd	netbsd	Buffer overflow in trek on NetBSD 1.5 through 1.5.3 allows local users to gain privileges via long keyboard input.	NVD-CWE-Other	CVE-2002-1543	2008-09-6 05:30	2003-03-31	Show	GitHub Exploit DB Packet Storm

350246	-	cooolsoft	personal_ftp_server	Directory traversal vulnerability in CooolSoft Personal FTP Server 2.24 allows remote attackers to read or modify arbitrary files via .. (dot dot) sequences in the commands (1) LIST (ls), (2) mkdir, …	NVD-CWE-Other	CVE-2002-1544	2008-09-6 05:30	2003-03-31	Show	GitHub Exploit DB Packet Storm

350247	-	cooolsoft	personal_ftp_server	CooolSoft Personal FTP Server 2.24 allows remote attackers to obtain the absolute pathname of the FTP root via a PWD command, which includes the full path in the response.	NVD-CWE-Other	CVE-2002-1545	2008-09-6 05:30	2003-03-31	Show	GitHub Exploit DB Packet Storm

350248	-	brs	webweaver	BRS WebWeaver Web Server 1.01 allows remote attackers to bypass password protections for files and directories via an HTTP request containing a "/./" sequence.	NVD-CWE-Other	CVE-2002-1546	2008-09-6 05:30	2003-03-31	Show	GitHub Exploit DB Packet Storm

350249	-	juniper	netscreen_screenos	Netscreen running ScreenOS 4.0.0r6 and earlier allows remote attackers to cause a denial of service via a malformed SSH packet to the Secure Command Shell (SCS) management interface, as demonstrated …	NVD-CWE-Other	CVE-2002-1547	2008-09-6 05:30	2003-03-31	Show	GitHub Exploit DB Packet Storm

350250	-	light_httpd	light_httpd	Buffer overflow in Light HTTPd (lhttpd) 0.1 allows remote attackers to execute arbitrary code via a long HTTP GET request.	NVD-CWE-Other	CVE-2002-1549	2008-09-6 05:30	2003-03-31	Show	GitHub Exploit DB Packet Storm