Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
214941	7.1	危険	Linux	-	Linux Kernel の net/sctp/sm_statefuns.c 内の sctp_sf_do_5_1D_ce 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2014-0101	2014-04-8 15:53	2014-03-3	Show	GitHub Exploit DB Packet Storm

214942	6.2	警告	Linux	-	Linux Kernel の fs/cifs/file.c 内の cifs_iovec_write 関数における重要な情報を取得される脆弱性	CWE-119 バッファエラー	CVE-2014-0069	2014-04-8 15:52	2014-02-14	Show	GitHub Exploit DB Packet Storm

214943	4.3	警告	Ruby on Rails project	-	Ruby on Rails の actionview/lib/action_view/helpers/number_helper.rb におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-0081	2014-04-8 15:48	2014-02-18	Show	GitHub Exploit DB Packet Storm

214944	4.3	警告	Horde	-	Horde Groupware Webmail Edition で使用される Horde Internet Mail Program におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-6640	2014-04-8 14:40	2012-06-26	Show	GitHub Exploit DB Packet Storm

214945	4.3	警告	Horde	-	Horde Groupware Webmail Edition で使用される Horde Kronolith Calendar Application H4 におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-5567	2014-04-8 14:39	2012-11-14	Show	GitHub Exploit DB Packet Storm

214946	4.3	警告	Horde	-	Horde Groupware Webmail Edition で使用される Horde Kronolith Calendar Application H4 におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-5566	2014-04-8 14:33	2012-05-29	Show	GitHub Exploit DB Packet Storm

214947	4.3	警告	Horde	-	Horde Groupware Webmail Edition で使用される Horde Internet Mail Program におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-5565	2014-04-8 14:32	2012-11-14	Show	GitHub Exploit DB Packet Storm

214948	4	警告	シスコシステムズ	-	Cisco Unity Connection のメッセージング API におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2014-2145	2014-04-8 14:30	2014-04-7	Show	GitHub Exploit DB Packet Storm

214949	6.1	警告	シスコシステムズ	-	Cisco IOS XR におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2014-2144	2014-04-8 14:30	2014-04-4	Show	GitHub Exploit DB Packet Storm

214950	6.8	警告	Lee Howard	-	HylaFAX+ の hfaxd におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2013-5680	2014-04-8 13:59	2013-08-6	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
298001	-	xine	xine-lib	Multiple heap-based buffer overflows in xine-lib before 1.1.15 allow remote attackers to execute arbitrary code via vectors that send ID3 data to the (1) id3v22_interp_frame and (2) id3v24_interp_fra…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2008-5246	2017-08-8 10:33	2008-11-26	Show	GitHub Exploit DB Packet Storm

298002	-	virtualox	virtualox	The AcquireDaemonLock function in ipcdUnix.cpp in Sun Innotek VirtualBox before 2.0.6 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/.vbox-$USER-ipc/lock temporary fil…	CWE-59 Link Following	CVE-2008-5256	2017-08-8 10:33	2008-11-27	Show	GitHub Exploit DB Packet Storm

298003	-	ibm	tivoli_access_manager_for_e-business	webseald in WebSEAL 6.0.0.17 in IBM Tivoli Access Manager for e-business allows remote attackers to cause a denial of service (crash or hang) via HTTP requests, as demonstrated by a McAfee vulnerabil…	CWE-20 Improper Input Validation	CVE-2008-5257	2017-08-8 10:33	2008-11-27	Show	GitHub Exploit DB Packet Storm

298004	-	toddwoolums	todd_woolums_asp_news_management	Todd Woolums ASP News Management 2.2 allows remote attackers to obtain news items via a direct request to (1) rss.asp, (2) viewheadings.asp, or (3) viewnews.asp. NOTE: the provenance of this informa…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2008-5274	2017-08-8 10:33	2008-11-29	Show	GitHub Exploit DB Packet Storm

298005	-	net2ftp	net2ftp	Multiple directory traversal vulnerabilities in the (a) "Unzip archive" and (b) "Upload files and archives" functionality in net2ftp 0.96 stable and 0.97 beta allow remote attackers to create, read, …	CWE-22 Path Traversal	CVE-2008-5275	2017-08-8 10:33	2008-11-29	Show	GitHub Exploit DB Packet Storm

298006	-	powerdns	powerdns	PowerDNS before 2.9.21.2 allows remote attackers to cause a denial of service (daemon crash) via a CH HINFO query.	NVD-CWE-noinfo CWE-16 Configuration	CVE-2008-5277	2017-08-8 10:33	2008-12-9	Show	GitHub Exploit DB Packet Storm

298007	-	wordpress	wordpress	Cross-site scripting (XSS) vulnerability in the self_link function in in the RSS Feed Generator (wp-includes/feed.php) for WordPress before 2.6.5 allows remote attackers to inject arbitrary web scrip…	CWE-79 Cross-site Scripting	CVE-2008-5278	2017-08-8 10:33	2008-11-29	Show	GitHub Exploit DB Packet Storm

298008	-	wordpress	wordpress	http://wordpress.org/development/2008/11/wordpress-265/ The security issue is an XSS exploit discovered by Jeremias Reith that fortunately only affects IP-based virtual servers running on Apache 2…	CWE-79 Cross-site Scripting	CVE-2008-5278	2017-08-8 10:33	2008-11-29	Show	GitHub Exploit DB Packet Storm

298009	-	gallery	gallery	Gallery 1.5.x before 1.5.10 and 1.6 before 1.6-RC3, when register_globals is enabled, allows remote attackers to bypass authentication and gain administrative via unspecified cookies. NOTE: some of …	CWE-287 Improper Authentication	CVE-2008-5296	2017-08-8 10:33	2008-12-2	Show	GitHub Exploit DB Packet Storm

298010	-	karakas-online	chm2pdf	chm2pdf 0.9 uses temporary files in directories with fixed names, which allows local users to cause a denial of service (chm2pdf failure) of other users by creating those directories ahead of time.	NVD-CWE-Other	CVE-2008-5298	2017-08-8 10:33	2008-12-2	Show	GitHub Exploit DB Packet Storm