Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
215061 10 危険 AndroidSU.com
Koushik Dutta
Chainfire		 - Android 用 ChainsDD Superuser パッケージなどの製品における任意の .jar ファイルをロードされる脆弱性 CWE-Other
その他 		CVE-2013-6774 2014-04-2 12:19 2013-11-13 Show GitHub Exploit DB Packet Storm
215062 6.8 警告 Koushik Dutta - Android 用 CyanogenMod/ClockWorkMod/Koush Superuser パッケージにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-6770 2014-04-2 12:18 2013-11-13 Show GitHub Exploit DB Packet Storm
215063 10 危険 Koushik Dutta - Android 用 CyanogenMod/ClockWorkMod/Koush Superuser パッケージにおける権限を取得される脆弱性 CWE-20
不適切な入力確認 		CVE-2013-6769 2014-04-2 12:18 2013-11-13 Show GitHub Exploit DB Packet Storm
215064 5 警告 Koushik Dutta - Android 用 CyanogenMod/ClockWorkMod/Koush Superuser パッケージにおけるトロイの木馬の app_process プログラムの起動を誘発される脆弱性 CWE-22
パス・トラバーサル 		CVE-2013-6768 2014-04-2 12:17 2013-11-13 Show GitHub Exploit DB Packet Storm
215065 6.9 警告 オラクル - Oracle VirtualBox における任意のコードを実行される脆弱性 CWE-399
リソース管理の問題 		CVE-2014-0983 2014-04-2 10:56 2014-02-13 Show GitHub Exploit DB Packet Storm
215066 6.5 警告 Zoho Corporation - ManageEngine OpStor に複数の脆弱性 CWE-264
CWE-79
CWE-Other
CVE-2014-0344 2014-04-1 18:27 2014-03-27 Show GitHub Exploit DB Packet Storm
215067 3.5 注意 Zoho Corporation - ZOHO ManageEngine OpStor の Properties.do におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-2670 2014-04-1 18:26 2014-03-27 Show GitHub Exploit DB Packet Storm
215068 7.1 危険 Linux - Linux カーネルの IPv6 jumbogram 処理に脆弱性 CWE-20
不適切な入力確認 		CVE-2010-0006 2014-04-1 18:26 2010-01-29 Show GitHub Exploit DB Packet Storm
215069 5 警告 Mozilla Foundation - Android 上で稼動する Mozilla Firefox におけるプロファイルのランダム化保護メカニズムを回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-1516 2014-04-1 18:25 2014-03-26 Show GitHub Exploit DB Packet Storm
215070 7.5 危険 IBM - 複数の IBM 製品における CLI アクセス権を取得される脆弱性 CWE-noinfo
情報不足 		CVE-2014-0880 2014-04-1 17:34 2014-02-19 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 26, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
297791 - alt-n mdaemon
worldclient 		Multiple unspecified vulnerabilities in WorldClient in Alt-N MDaemon before 10.02 have unknown impact and attack vectors, probably related to cross-site scripting (XSS) and WorldClient DLL 10.0.1, a … NVD-CWE-noinfo
CVE-2008-6967 2017-08-17 10:29 2009-08-14 Show GitHub Exploit DB Packet Storm
297792 - pligg pligg_cms Multiple SQL injection vulnerabilities in submit.php in Pligg CMS 9.9.5 allow remote attackers to execute arbitrary SQL commands via the (1) category and (2) id parameters. CWE-89
SQL Injection 		CVE-2008-6968 2017-08-17 10:29 2009-08-14 Show GitHub Exploit DB Packet Storm
297793 - pentasoft_corp. avactis_shopping_cart Multiple cross-site scripting (XSS) vulnerabilities in checkout.php in Avactis Shopping Cart 1.8.0 and 1.8.1 allow remote attackers to inject arbitrary web script or HTML via the (1) step_id and (2) … CWE-79
Cross-site Scripting 		CVE-2008-6969 2017-08-17 10:29 2009-08-14 Show GitHub Exploit DB Packet Storm
297794 - ubbcentral ubb.threads SQL injection vulnerability in dosearch.inc.php in UBB.threads 7.3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the Forum[] array parameter. CWE-89
SQL Injection 		CVE-2008-6970 2017-08-17 10:29 2009-08-14 Show GitHub Exploit DB Packet Storm
297795 - karen_stevenson
yves_chedemois 		cck Multiple cross-site scripting (XSS) vulnerabilities in Drupal Content Construction Kit (CCK) 5.x through 5.x-1.8 allow remote authenticated users with "administer content" permissions to inject arbit… CWE-79
Cross-site Scripting 		CVE-2008-6972 2017-08-17 10:29 2009-08-14 Show GitHub Exploit DB Packet Storm
297796 - ibm websphere_commerce Multiple unspecified vulnerabilities in IBM WebSphere Commerce 6.0 before 6.0.0.7 have unknown impact and attack vectors. NVD-CWE-noinfo
CVE-2008-6973 2017-08-17 10:29 2009-08-14 Show GitHub Exploit DB Packet Storm
297797 - parallels plesk Plesk 8.6.0, when short mail login names (SHORTNAMES) are enabled, allows remote attackers to bypass authentication and send spam e-mail via a message with (1) a base64-encoded username that begins w… CWE-287
Improper Authentication 		CVE-2008-6984 2017-08-17 10:29 2009-08-19 Show GitHub Exploit DB Packet Storm
297798 - ezonescripts dating_website_script Unrestricted file upload vulnerability in eZoneScripts Dating Website script allows remote attackers to execute arbitrary code via unknown vectors. NOTE: the provenance of this information is unknow… NVD-CWE-Other
CVE-2008-6987 2017-08-17 10:29 2009-08-19 Show GitHub Exploit DB Packet Storm
297799 - phpauction phpauction phpAuction 3.2, and possibly 3.3.0 GPL Basic edition, allows remote attackers to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function. CWE-200
Information Exposure 		CVE-2008-6999 2017-08-17 10:29 2009-08-19 Show GitHub Exploit DB Packet Storm
297800 - phpauction phpauction PHP remote file inclusion vulnerability in index.php in PHPAuction 3.2 allows remote attackers to execute arbitrary PHP code via a URL in the lan parameter. NOTE: this might be related to CVE-2005-2… CWE-94
Code Injection 		CVE-2008-7000 2017-08-17 10:29 2009-08-19 Show GitHub Exploit DB Packet Storm