Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
216881 6.8 警告 Irfan Skiljan - IrfanView におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2013-6932 2014-01-7 19:24 2013-12-24 Show GitHub Exploit DB Packet Storm
216882 6.5 警告 サイボウズ - サイボウズ ガルーンにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2013-6929 2014-01-7 19:20 2013-12-25 Show GitHub Exploit DB Packet Storm
216883 5 警告 WesternDeal - WordPress 用 Advanced Dewplayer プラグインの download-file.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2013-7240 2014-01-7 18:50 2013-12-30 Show GitHub Exploit DB Packet Storm
216884 4.3 警告 Ad-minister Project - WordPress 用 Ad-minister プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-6993 2014-01-7 18:49 2013-12-26 Show GitHub Exploit DB Packet Storm
216885 6.8 警告 AskApache - WordPress 用 AskApache Firefox Adsense プラグインの askapache-firefox-adsense.php におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2013-6992 2014-01-7 18:49 2013-12-26 Show GitHub Exploit DB Packet Storm
216886 4.3 警告 OKAMOTO Wataru - WordPress 用 WP-Cron Dashboard プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-6991 2014-01-7 18:49 2013-12-26 Show GitHub Exploit DB Packet Storm
216887 8.5 危険 IBM - IBM i および zSeries サーバ上で稼働する z/OS の OSPF の実装におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2013-5385 2014-01-7 17:35 2013-08-1 Show GitHub Exploit DB Packet Storm
216888 4.3 警告 Codiad - Codiad におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-7257 2014-01-7 17:22 2013-12-20 Show GitHub Exploit DB Packet Storm
216889 6.8 警告 Opsview - Opsview におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2013-7256 2014-01-7 17:13 2013-12-23 Show GitHub Exploit DB Packet Storm
216890 5.8 警告 Opsview - Opsview におけるオープンリダイレクトの脆弱性 CWE-20
不適切な入力確認 		CVE-2013-7255 2014-01-7 17:12 2013-12-23 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 26, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
279121 - sun solaris
sunos 		/usr/ucb/ps in Sun Microsystems Solaris 8 and 9, and certain earlier releases, allows local users to view the environment variables and values of arbitrary processes via the -e option. NVD-CWE-Other
CVE-1999-1587 2018-10-31 01:25 1999-12-31 Show GitHub Exploit DB Packet Storm
279122 - microsoft internet_information_server
internet_information_services 		IIS 4.0 allows a remote attacker to obtain the real pathname of the document root by requesting non-existent files with .ida or .idq extensions. NVD-CWE-Other
CVE-2000-0071 2018-10-31 01:25 2000-01-11 Show GitHub Exploit DB Packet Storm
279123 - microsoft commercial_internet_system
internet_information_server
internet_information_services
proxy_server
site_server
site_server_commerce 		IIS 4.0 and 5.0 does not properly perform ISAPI extension processing if a virtual directory is mapped to a UNC share, which allows remote attackers to read the source code of ASP and other files, aka… NVD-CWE-Other
CVE-2000-0246 2018-10-31 01:25 2000-03-30 Show GitHub Exploit DB Packet Storm
279124 7.5 HIGH
Network 		microsoft internet_information_server
internet_information_services 		IIS 4.0 and 5.0 allows remote attackers to cause a denial of service by sending many URLs with a large number of escaped characters, aka the "Myriad Escaped Characters" Vulnerability. CWE-20
 Improper Input Validation  		CVE-2000-0258 2018-10-31 01:25 2000-04-12 Show GitHub Exploit DB Packet Storm
279125 - microsoft internet_information_server
internet_information_services 		Microsoft IIS 4.0 and 5.0 with the IISADMPWD virtual directory installed allows a remote attacker to cause a denial of service via a malformed request to the inetinfo.exe program, aka the "Undelimite… NVD-CWE-Other
CVE-2000-0304 2018-10-31 01:25 2000-05-10 Show GitHub Exploit DB Packet Storm
279126 - microsoft internet_information_server
internet_information_services 		IIS 4.05 and 5.0 allow remote attackers to cause a denial of service via a long, complex URL that appears to contain a large number of file extensions, aka the "Malformed Extension Data in URL" vulne… NVD-CWE-Other
CVE-2000-0408 2018-10-31 01:25 2000-05-11 Show GitHub Exploit DB Packet Storm
279127 - microsoft frontpage
internet_information_server
internet_information_services 		The shtml.exe program in the FrontPage extensions package of IIS 4.0 and 5.0 allows remote attackers to determine the physical path of HTML, HTM, ASP, and SHTML files by requesting a file that does n… NVD-CWE-Other
CVE-2000-0413 2018-10-31 01:25 2000-05-6 Show GitHub Exploit DB Packet Storm
279128 - microsoft internet_information_server
internet_information_services 		ISM.DLL in IIS 4.0 and 5.0 allows remote attackers to read file contents by requesting the file and appending a large number of encoded spaces (%20) and terminated with a .htr extension, aka the ".HT… NVD-CWE-Other
CVE-2000-0457 2018-10-31 01:25 2000-05-11 Show GitHub Exploit DB Packet Storm
279129 - microsoft internet_information_server
internet_information_services 		IIS 4.0 and 5.0 allows remote attackers to obtain fragments of source code by appending a +.htr to the URL, a variant of the "File Fragment Reading via .HTR" vulnerability. NVD-CWE-Other
CVE-2000-0630 2018-10-31 01:25 2000-07-17 Show GitHub Exploit DB Packet Storm
279130 - microsoft internet_information_server
internet_information_services 		An administrative script from IIS 3.0, later included in IIS 4.0 and 5.0, allows remote attackers to cause a denial of service by accessing the script without a particular argument, aka the "Absent D… NVD-CWE-Other
CVE-2000-0631 2018-10-31 01:25 2000-07-14 Show GitHub Exploit DB Packet Storm