Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 7, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
218921 5 警告 LIGHTTPD - lighttpd におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2014-2324 2014-07-28 17:03 2014-03-12 Show GitHub Exploit DB Packet Storm
218922 7.5 危険 LIGHTTPD - lighttpd の mod_mysql_vhost.c における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2014-2323 2014-07-28 17:02 2014-03-12 Show GitHub Exploit DB Packet Storm
218923 4.3 警告 RubyGems - rubygems におけるインストール中に gem を変更される脆弱性 CWE-310
暗号の問題 		CVE-2012-2126 2014-07-28 17:02 2012-04-19 Show GitHub Exploit DB Packet Storm
218924 5.8 警告 RubyGems - rubygems におけるインストール中に gem を監視または変更される脆弱性 CWE-Other
その他 		CVE-2012-2125 2014-07-28 17:02 2012-04-19 Show GitHub Exploit DB Packet Storm
218925 4.6 警告 X.Org Foundation - X.Org xf86-video-intel の tools/backlight_helper.c におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2014-4910 2014-07-28 15:39 2014-07-4 Show GitHub Exploit DB Packet Storm
218926 4.3 警告 Honeywell International Inc. - Honeywell FALCON XLWeb Linux コントローラおよび FALCON XLWeb XLWebExe コントローラにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-3110 2014-07-28 13:48 2014-07-22 Show GitHub Exploit DB Packet Storm
218927 7.6 危険 Honeywell International Inc. - Honeywell FALCON XLWeb Linux コントローラおよび FALCON XLWeb XLWebExe コントローラにおける認証を回避される脆弱性 CWE-Other
その他 		CVE-2014-2717 2014-07-28 13:47 2014-07-22 Show GitHub Exploit DB Packet Storm
218928 7.5 危険 Ilya Birman - E2 における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2014-4736 2014-07-28 12:27 2014-07-3 Show GitHub Exploit DB Packet Storm
218929 6.4 警告 Huawei - Huawei E355 にクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-2968 2014-07-25 16:16 2014-07-21 Show GitHub Exploit DB Packet Storm
218930 - - BulletProof Software - ** 削除 ** BulletProof FTP Client 2010 にスタックバッファオーバーフローの脆弱性 - CVE-2014-2973 2014-07-25 15:48 2014-07-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 7, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2471 8.4 HIGH
Local 		- - Free MP3 CD Ripper 2.8 contains a stack-based buffer overflow vulnerability in WMA file processing that allows local attackers to bypass DEP protection via structured exception handling manipulation.… CWE-121
Stack-based Buffer Overflow 		CVE-2018-25383 2026-05-30 01:29 2026-05-30 Show GitHub Exploit DB Packet Storm
2472 8.2 HIGH
Network 		- - E-Registrasi Pencak Silat 18.10 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id_partai parame… CWE-89
SQL Injection 		CVE-2018-25385 2026-05-30 01:29 2026-05-30 Show GitHub Exploit DB Packet Storm
2473 8.2 HIGH
Network 		- - HaPe PKH 1.1 contains multiple SQL injection vulnerabilities in admin/media.php that allow attackers to manipulate database queries by injecting SQL code through the 'id' parameter. An unauthenticate… CWE-89
SQL Injection 		CVE-2018-25386 2026-05-30 01:29 2026-05-30 Show GitHub Exploit DB Packet Storm
2474 5.3 MEDIUM
Network 		- - HaPe PKH 1.1 contains a cross-site request forgery vulnerability that allows attackers to change administrator passwords by submitting forged requests to the user update endpoint. Attackers can craft… CWE-352
 Origin Validation Error 		CVE-2018-25387 2026-05-30 01:29 2026-05-30 Show GitHub Exploit DB Packet Storm
2475 8.8 HIGH
Network 		- - HaPe PKH 1.1 contains an arbitrary file upload vulnerability that allows authenticated attackers to upload malicious files by bypassing file type validation. Attackers can upload PHP files through mu… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2018-25388 2026-05-30 01:29 2026-05-30 Show GitHub Exploit DB Packet Storm
2476 8.2 HIGH
Network 		- - HaPe PKH 1.1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'nama_kelompok' POST parameter sent to lap-… CWE-89
SQL Injection 		CVE-2018-25389 2026-05-30 01:29 2026-05-30 Show GitHub Exploit DB Packet Storm
2477 8.2 HIGH
Network 		- - HaPe PKH 1.1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'desa' POST parameter sent to lap-peserta-p… CWE-89
SQL Injection 		CVE-2018-25390 2026-05-30 01:29 2026-05-30 Show GitHub Exploit DB Packet Storm
2478 7.5 HIGH
Network 		- - HaPe PKH 1.1 fails to enforce authorization on its record deletion endpoints, allowing unauthenticated attackers to delete arbitrary records by sending a crafted request that specifies the target rec… CWE-862
 Missing Authorization 		CVE-2018-25391 2026-05-30 01:29 2026-05-30 Show GitHub Exploit DB Packet Storm
2479 7.1 HIGH
Network 		- - MaxOn ERP Software 8.x-9.x contains an SQL injection vulnerability that allows authenticated users to execute arbitrary SQL queries through the nomor, user, and jenis parameters in the log_activity f… CWE-89
SQL Injection 		CVE-2018-25392 2026-05-30 01:29 2026-05-30 Show GitHub Exploit DB Packet Storm
2480 6.5 MEDIUM
Network 		- - Navigate CMS 2.8.5 contains a path traversal vulnerability that allows authenticated users to download arbitrary files by injecting directory traversal sequences in the id parameter. Attackers can se… CWE-22
Path Traversal 		CVE-2018-25393 2026-05-30 01:29 2026-05-30 Show GitHub Exploit DB Packet Storm