Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 8, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
217801 4.3 警告 Ruby on Rails project - Ruby on Rails の actionview/lib/action_view/helpers/number_helper.rb におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-0081 2014-04-8 15:48 2014-02-18 Show GitHub Exploit DB Packet Storm
217802 4.3 警告 Horde - Horde Groupware Webmail Edition で使用される Horde Internet Mail Program におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-6640 2014-04-8 14:40 2012-06-26 Show GitHub Exploit DB Packet Storm
217803 4.3 警告 Horde - Horde Groupware Webmail Edition で使用される Horde Kronolith Calendar Application H4 におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-5567 2014-04-8 14:39 2012-11-14 Show GitHub Exploit DB Packet Storm
217804 4.3 警告 Horde - Horde Groupware Webmail Edition で使用される Horde Kronolith Calendar Application H4 におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-5566 2014-04-8 14:33 2012-05-29 Show GitHub Exploit DB Packet Storm
217805 4.3 警告 Horde - Horde Groupware Webmail Edition で使用される Horde Internet Mail Program におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-5565 2014-04-8 14:32 2012-11-14 Show GitHub Exploit DB Packet Storm
217806 4 警告 シスコシステムズ - Cisco Unity Connection のメッセージング API におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2014-2145 2014-04-8 14:30 2014-04-7 Show GitHub Exploit DB Packet Storm
217807 6.1 警告 シスコシステムズ - Cisco IOS XR におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2014-2144 2014-04-8 14:30 2014-04-4 Show GitHub Exploit DB Packet Storm
217808 6.8 警告 Lee Howard - HylaFAX+ の hfaxd におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2013-5680 2014-04-8 13:59 2013-08-6 Show GitHub Exploit DB Packet Storm
217809 4.3 警告 Klaus Purer - Drupal 用 RESTful Web Services モジュールにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2013-1946 2014-04-8 13:36 2013-04-10 Show GitHub Exploit DB Packet Storm
217810 4 警告 ヒューレット・パッカード - HP IceWall Identity Manager および IceWall SSO パスワードリセットオプションにおけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2014-2600 2014-04-8 12:27 2014-04-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
347261 - geeklog geeklog Geeklog 1.3 allows remote attackers to hijack user accounts, including the administrator account, by modifying the UID of a user's permanent cookie to the target account. NVD-CWE-Other
CVE-2002-0097 2008-09-11 04:11 2002-03-25 Show GitHub Exploit DB Packet Storm
347262 - scott_parish chuid Directory traversal vulnerability in chuid 1.2 and earlier allows remote attackers to change the ownership of files outside of the upload directory via a .. (dot dot) attack. NVD-CWE-Other
CVE-2002-0144 2008-09-11 04:11 2002-03-25 Show GitHub Exploit DB Packet Storm
347263 - apple quicktime Buffer overflow in Apple QuickTime 5.0 ActiveX component allows remote attackers to execute arbitrary code via a long pluginspage field. NVD-CWE-Other
CVE-2002-0376 2008-09-11 04:11 2002-09-24 Show GitHub Exploit DB Packet Storm
347264 - astart_technologies lprng The default configuration of LPRng print spooler in Red Hat Linux 7.0 through 7.3, Mandrake 8.1 and 8.2, and other operating systems, accepts print jobs from arbitrary remote hosts. NVD-CWE-Other
CVE-2002-0378 2008-09-11 04:11 2002-07-3 Show GitHub Exploit DB Packet Storm
347265 - rob_flynn gaim Buffer overflow in Jabber plug-in for Gaim client before 0.58 allows remote attackers to execute arbitrary code. NVD-CWE-Other
CVE-2002-0384 2008-09-11 04:11 2002-10-4 Show GitHub Exploit DB Packet Storm
347266 - oracle application_server The administration module for Oracle Web Cache in Oracle9iAS (9i Application Suite) 9.0.2 allows remote attackers to cause a denial of service (crash) via (1) an HTTP GET request containing a ".." (d… NVD-CWE-Other
CVE-2002-0386 2008-09-11 04:11 2002-11-4 Show GitHub Exploit DB Packet Storm
347267 - isc bind ISC BIND 9 before 9.2.1 allows remote attackers to cause a denial of service (shutdown) via a malformed DNS packet that triggers an error condition that is not properly handled when the rdataset para… NVD-CWE-Other
CVE-2002-0400 2008-09-11 04:11 2002-06-18 Show GitHub Exploit DB Packet Storm
347268 - peaceworks_computer_consulting phormation Phormation PHP script 0.9.1 and earlier allows remote attackers to execute arbitrary code by including files from remote web sites, using an HTTP request that modifies the phormationdir variable. NVD-CWE-Other
CVE-2001-1237 2008-09-11 04:10 2001-10-2 Show GitHub Exploit DB Packet Storm
347269 - connect_inc. powernet_ix PowerNet IX allows remote attackers to cause a denial of service via a port scan. NVD-CWE-Other
CVE-2001-1239 2008-09-11 04:10 2001-06-29 Show GitHub Exploit DB Packet Storm
347270 - steve_grimm un-cgi Un-CGI 1.9 and earlier does not verify that a CGI script has the execution bits set before executing it, which allows remote attackers to execute arbitrary commands by directing Un-CGI to a document … NVD-CWE-Other
CVE-2001-1241 2008-09-11 04:10 2001-07-17 Show GitHub Exploit DB Packet Storm