Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
214551	4.3	警告	Open-Xchange	-	Open-Xchange AppSuite のパスワードリカバリサービスにおける潜在的に有用なパスワードパターンの情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2014-2391	2014-04-28 15:06	2014-04-8	Show	GitHub Exploit DB Packet Storm

214552	5.5	警告	Xen プロジェクト	-	Xen におけるサービス運用妨害 (DoS) の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2014-2915	2014-04-28 14:56	2014-04-22	Show	GitHub Exploit DB Packet Storm

214553	7.5	危険	MODX	-	MODX Revolution における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2014-2736	2014-04-28 14:43	2014-04-4	Show	GitHub Exploit DB Packet Storm

214554	7.5	危険	レッドハット	-	Red Hat OpenShift Enterprise の openshift-origin-broker における認証を回避される脆弱性	CWE-287 不適切な認証	CVE-2014-0188	2014-04-28 14:36	2014-04-23	Show	GitHub Exploit DB Packet Storm

214555	5	警告	Sixnet	-	Sixnet SixView Manager におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2014-2976	2014-04-28 14:24	2014-04-22	Show	GitHub Exploit DB Packet Storm

214556	6.1	警告	シスコシステムズ	-	Cisco ASR 1000 シリーズのデバイスのソフトウェアにおけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2012-5723	2014-04-28 13:58	2012-11-2	Show	GitHub Exploit DB Packet Storm

214557	5	警告	シスコシステムズ	-	Cisco IOS におけるインターフェース ACL 制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-3946	2014-04-28 13:58	2012-07-10	Show	GitHub Exploit DB Packet Storm

214558	5	警告	シスコシステムズ	-	Cisco Adaptive Security Appliance ソフトウェアの SIP 検査エンジンにおけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2014-2154	2014-04-28 13:57	2014-04-23	Show	GitHub Exploit DB Packet Storm

214559	6.4	警告	Applied Informatics Software Engineering GmbH	-	POCO C++ Libraries の NetSSL ライブラリにおけるワイルドカード証明書を適切に検証しない脆弱性	-	CVE-2014-0350	2014-04-28 12:53	2014-04-24	Show	GitHub Exploit DB Packet Storm

214560	4.3	警告	OTRS プロジェクト Novell	-	OTRS におけるクリックジャッキング攻撃を実行される脆弱性	CWE-20 不適切な入力確認	CVE-2014-2554	2014-04-28 12:03	2014-04-1	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 24, 2026, 4 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
297671	-	phpwebgallery	phpwebgallery	PhpWebGallery 1.7.0 and 1.7.1 allows remote authenticated users with advisor privileges to obtain the real e-mail addresses of other users by editing the user's profile.	CWE-200 Information Exposure	CVE-2008-3451	2017-08-8 10:31	2008-08-5	Show	GitHub Exploit DB Packet Storm

297672	-	impresscms	impresscms	Multiple unspecified vulnerabilities in ImpressCMS 1.0 have unknown impact and attack vectors, related to modules/admin.php and "a few files."	NVD-CWE-noinfo	CVE-2008-3453	2017-08-8 10:31	2008-08-5	Show	GitHub Exploit DB Packet Storm

297673	-	phpmyadmin	phpmyadmin	phpMyAdmin before 2.11.8 does not sufficiently prevent its pages from using frames that point to pages in other domains, which makes it easier for remote attackers to conduct spoofing or phishing act…	CWE-59 Link Following	CVE-2008-3456	2017-08-8 10:31	2008-08-5	Show	GitHub Exploit DB Packet Storm

297674	-	phpmyadmin	phpmyadmin	Cross-site scripting (XSS) vulnerability in setup.php in phpMyAdmin before 2.11.8 allows user-assisted remote attackers to inject arbitrary web script or HTML via crafted setup arguments. NOTE: this…	CWE-79 Cross-site Scripting	CVE-2008-3457	2017-08-8 10:31	2008-08-5	Show	GitHub Exploit DB Packet Storm

297675	-	openvpn	openvpn	Unspecified vulnerability in OpenVPN 2.1-beta14 through 2.1-rc8, when running on non-Windows systems, allows remote servers to execute arbitrary commands via crafted (1) lladdr and (2) iproute config…	NVD-CWE-noinfo CWE-16 Configuration	CVE-2008-3459	2017-08-8 10:31	2008-08-5	Show	GitHub Exploit DB Packet Storm

297676	-	openvpn	openvpn	The following events must take place for successful exploitation: 1) the client has agreed to allow the server to push configuration directives to it by including "pull" or the macro "client" in its…	NVD-CWE-noinfo CWE-16 Configuration	CVE-2008-3459	2017-08-8 10:31	2008-08-5	Show	GitHub Exploit DB Packet Storm

297677	-	panasonic	bb_hcm511 bb_hcm515 bb_hcm527 bb_hcm531 bb_hcm580 bb_hcm581 bl_c111 bl_c131	Cross-site scripting (XSS) vulnerability in the error page feature in Panasonic Network Camera BL-C111, BL-C131, BB-HCM511, BB-HCM531, BB-HCM580, BB-HCM581, BB-HCM527, and BB-HCM515 allows remote att…	CWE-79 Cross-site Scripting	CVE-2008-3482	2017-08-8 10:31	2008-08-6	Show	GitHub Exploit DB Packet Storm

297678	-	screwturn	screwturn_wiki	Cross-site scripting (XSS) vulnerability in ScrewTurn Wiki 2.0.29 and 2.0.30 allows remote attackers to inject arbitrary web script or HTML via error messages in the "/admin.aspx - System Log" page.	CWE-79 Cross-site Scripting	CVE-2008-3483	2017-08-8 10:31	2008-08-6	Show	GitHub Exploit DB Packet Storm

297679	-	aspindir	pcshey_portal	SQL injection vulnerability in kategori.asp in Pcshey Portal allows remote attackers to execute arbitrary SQL commands via the kid parameter.	CWE-89 SQL Injection	CVE-2008-3495	2017-08-8 10:31	2008-08-7	Show	GitHub Exploit DB Packet Storm

297680	-	ektron	cms4000.net	Unspecified vulnerability in "a page in the workarea folder" in Ektron CMS400.NET 7.00 through 7.04 and 7.50 through 7.52 has unknown impact and attack vectors.	NVD-CWE-noinfo	CVE-2008-3499	2017-08-8 10:31	2008-08-7	Show	GitHub Exploit DB Packet Storm