Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 9, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
218901 4.4 警告 IBM
オラクル		 - Oracle Application Server の Outside In Technology コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2009-1011 2014-02-21 16:15 2009-04-15 Show GitHub Exploit DB Packet Storm
218902 4.4 警告 IBM
オラクル		 - Oracle Application Server の Outside In Technology コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2009-1010 2014-02-21 16:13 2009-04-15 Show GitHub Exploit DB Packet Storm
218903 4.4 警告 IBM
オラクル		 - Oracle Application Server の Outside In Technology コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2009-1009 2014-02-21 16:13 2009-04-15 Show GitHub Exploit DB Packet Storm
218904 4.4 警告 IBM
オラクル		 - Oracle Application Server の Outside In Technology コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2009-1008 2014-02-21 16:12 2009-04-15 Show GitHub Exploit DB Packet Storm
218905 10 危険 マイクロソフト
アドビシステムズ
Google		 - Adobe Flash Player および Adobe AIR における ASLR 保護メカニズムを破られる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-0492 2014-02-21 13:40 2014-01-14 Show GitHub Exploit DB Packet Storm
218906 10 危険 マイクロソフト
アドビシステムズ
Google		 - Adobe Flash Player および Adobe AIR における不特定の保護メカニズムを回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-0491 2014-02-21 13:40 2014-01-14 Show GitHub Exploit DB Packet Storm
218907 3.5 注意 The phpMyAdmin Project - phpMyAdmin の import.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-1879 2014-02-21 12:26 2014-02-15 Show GitHub Exploit DB Packet Storm
218908 5.8 警告 feep.net - libtar の tar_extract_glob および tar_extract_all 関数におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2013-4420 2014-02-21 12:25 2013-12-10 Show GitHub Exploit DB Packet Storm
218909 5 警告 シスコシステムズ - Cisco Unified Communications Manager の Enterprise License Manager コンポーネントにおける ELM ファイルを読まれる脆弱性 CWE-287
不適切な認証 		CVE-2014-0733 2014-02-21 11:42 2014-02-19 Show GitHub Exploit DB Packet Storm
218910 6.8 警告 シスコシステムズ - Cisco Unified Communications Manager の Call Detail Records Analysis and Reporting ページにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2014-0736 2014-02-21 11:37 2014-02-19 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
350651 - christof_pohl improved_mod_frontpage Buffer overflows in fpexec in mod_frontpage before 1.6.1 may allow attackers to gain root privileges. NVD-CWE-Other
CVE-2002-0427 2008-09-6 05:27 2002-08-12 Show GitHub Exploit DB Packet Storm
350652 - les_vanbrunt adrotate_pro get_input in adrotate.pm for Les VanBrunt AdRotate Pro 2.0 allows remote attackers to modify the database and possibly execute arbitrary commands via a SQL code injection attack. NVD-CWE-Other
CVE-2001-1224 2008-09-6 05:26 2001-12-23 Show GitHub Exploit DB Packet Storm
350653 - hughes msql Hughes Technology Mini SQL 2.0.10 through 2.0.12 allows local users to cause a denial of service by creating a very large array in a table, which causes miniSQL to crash when the table is queried. NVD-CWE-Other
CVE-2001-1225 2008-09-6 05:26 2001-12-26 Show GitHub Exploit DB Packet Storm
350654 - adcycle adcycle AdCycle 1.17 and earlier allow remote attackers to modify SQL queries, which are not properly sanitized before being passed to the MySQL database. NVD-CWE-Other
CVE-2001-1226 2008-09-6 05:26 2001-12-25 Show GitHub Exploit DB Packet Storm
350655 - gallery_project gallery Bharat Mediratta Gallery PHP script before 1.2.1 allows remote attackers to execute arbitrary code by including files from remote web sites via an HTTP request that modifies the includedir variable. NVD-CWE-Other
CVE-2001-1234 2008-09-6 05:26 2001-10-2 Show GitHub Exploit DB Packet Storm
350656 - engardelinux secure_linux The default configuration of sudo in Engarde Secure Linux 1.0.1 allows any user in the admin group to run certain commands that could be leveraged to gain full root access. NVD-CWE-Other
CVE-2001-1240 2008-09-6 05:26 2001-07-11 Show GitHub Exploit DB Packet Storm
350657 - opera_software opera_web_browser Opera 5.0 for Linux does not properly handle malformed HTTP headers, which allows remote attackers to cause a denial of service, possibly with a header whose value is the same as a MIME header name. NVD-CWE-Other
CVE-2001-1245 2008-09-6 05:26 2001-07-9 Show GitHub Exploit DB Packet Storm
350658 - com2001 alexis_server Alexis 2.0 and 2.1 in COM2001 InternetPBX stores voicemail passwords in plain text in the com2001.ini file, which could allow local users to make long distance calls as other users. NVD-CWE-Other
CVE-2001-1253 2008-09-6 05:26 2001-09-27 Show GitHub Exploit DB Packet Storm
350659 - avaya argent_office Avaya Argent Office allows remote attackers to cause a denial of service by sending UDP packets to port 53 with no payload. NVD-CWE-Other
CVE-2001-1259 2008-09-6 05:26 2001-08-7 Show GitHub Exploit DB Packet Storm
350660 - avaya argent_office Avaya Argent Office uses weak encryption (trivial encoding) for passwords, which allows remote attackers to gain administrator privileges by sniffing and decrypting the sniffing the passwords during … NVD-CWE-Other
CVE-2001-1260 2008-09-6 05:26 2001-08-7 Show GitHub Exploit DB Packet Storm