Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 21, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
219821	3.5	注意	The phpMyAdmin Project	-	phpMyAdmin におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-7217	2014-10-6 16:41	2014-10-1	Show	GitHub Exploit DB Packet Storm

219822	6.1	警告	Xen プロジェクト	-	Xen の HVMOP_track_dirty_vram におけるサービス運用妨害 (DoS) の脆弱性	CWE-362 競合状態	CVE-2014-7154	2014-10-6 15:08	2014-09-23	Show	GitHub Exploit DB Packet Storm

219823	10	危険	IBM	-	IBM Security Access Manager for Web および Security Access Manager for Mobile におけるシステムコマンドを挿入される脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2014-4823	2014-10-6 14:19	2014-09-29	Show	GitHub Exploit DB Packet Storm

219824	7.1	危険	IBM	-	IBM Security Access Manager for Web の WebSEAL コンポーネントにおけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2014-4809	2014-10-6 14:18	2014-09-29	Show	GitHub Exploit DB Packet Storm

219825	6.8	警告	Exinda Networks Inc.	-	Exinda WAN Optimization Suite におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2014-7158	2014-10-6 14:03	2014-09-26	Show	GitHub Exploit DB Packet Storm

219826	4.3	警告	Exinda Networks Inc.	-	Exinda WAN Optimization Suite におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-7157	2014-10-6 14:02	2014-09-26	Show	GitHub Exploit DB Packet Storm

219827	6.5	警告	Postfix Project	-	Postfix Admin における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-0811	2014-10-6 10:17	2012-01-16	Show	GitHub Exploit DB Packet Storm

219828	4.3	警告	CodEasily	-	WordPress 用 GRAND FlAGallery プラグインの facebook.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4624	2014-10-6 10:06	2011-12-1	Show	GitHub Exploit DB Packet Storm

219829	7.5	危険	WordPress.org	-	WordPress の log.header.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2003-1598	2014-10-3 17:00	2003-06-1	Show	GitHub Exploit DB Packet Storm

219830	6.5	警告	IBM	-	IBM WebSphere MQ における queue-manager のアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2014-4793	2014-10-3 16:50	2014-10-1	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 21, 2026, 4:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
344021	-		darrens_5-dollar_script_archive	osdate	Cross-site scripting (XSS) vulnerability in showprofile.php in Darren's $5 Script Archive osDate 1.1.7 and earlier allows remote attackers to inject arbitrary web script or HTML via the onerror attri…	NVD-CWE-Other	CVE-2006-3767	2018-10-18 06:29	2006-07-21	Show	GitHub Exploit DB Packet Storm

344022	-		linux canonical debian	linux_kernel ubuntu_linux debian_linux	Linux kernel 2.x.6 before 2.6.17.9 and 2.4.x before 2.4.33.1 on PowerPC PPC970 systems allows local users to cause a denial of service (crash) related to the "HID0 attention enable on PPC970 at boot …	NVD-CWE-Other	CVE-2006-4093	2018-10-18 02:00	2006-08-22	Show	GitHub Exploit DB Packet Storm

344023	-		linux canonical debian	linux_kernel ubuntu_linux debian_linux	Upgrade to Linux Kernel version 2.4.33.1	NVD-CWE-Other	CVE-2006-4093	2018-10-18 02:00	2006-08-22	Show	GitHub Exploit DB Packet Storm

344024	-		novell	groupwise_webaccess	Cross-site scripting (XSS) vulnerability in the login page in Novell GroupWise WebAccess 6.5 before 20060721 and WebAccess 7 before 20060727 allows remote attackers to inject arbitrary web script or …	NVD-CWE-Other	CVE-2006-3818	2018-10-18 01:58	2006-08-11	Show	GitHub Exploit DB Packet Storm

344025	-		novell	groupwise_webaccess	This has been fixed in any build of GroupWise 7 WebAccess dated after July 27, 2006. This has been fixed in any build of GroupWise 6.5 WebAccess dated after July 21, 2006.	NVD-CWE-Other	CVE-2006-3818	2018-10-18 01:58	2006-08-11	Show	GitHub Exploit DB Packet Storm

344026	-		jbmc_software	directadmin	Cross-site scripting (XSS) vulnerability in JBMC Software DirectAdmin before 1.293 does not properly display log files, which allows remote authenticated users to inject arbitrary web script or HTML …	NVD-CWE-Other	CVE-2007-1926	2018-10-17 01:41	2007-04-11	Show	GitHub Exploit DB Packet Storm

344027	-		jbmc_software	directadmin	Cross-site scripting (XSS) vulnerability in CMD_USER_STATS in DirectAdmin allows remote attackers to inject arbitrary web script or HTML via the RESULT parameter, a different vector than CVE-2006-598…	NVD-CWE-Other	CVE-2007-1508	2018-10-17 01:38	2007-03-20	Show	GitHub Exploit DB Packet Storm

344028	5.6	MEDIUM Local	freebsd redhat sco sun ubuntu	freebsd enterprise_linux enterprise_linux_desktop fedora_core openserver unixware solaris ubuntu_linux	Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, …	NVD-CWE-Other	CVE-2005-0109	2018-10-16 21:06	2005-03-5	Show	GitHub Exploit DB Packet Storm

344029	-		info-zip	unzip	The NEEDBITS macro in the inflate_dynamic function in inflate.c for unzip can be invoked using invalid buffers, which allows remote attackers to cause a denial of service (crash) and possibly execute…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2008-0888	2018-10-16 07:03	2008-03-18	Show	GitHub Exploit DB Packet Storm

344030	-		microsoft	data_access_components index_server internet_information_server site_server	The Remote Data Service (RDS) DataFactory component of Microsoft Data Access Components (MDAC) in IIS 3.x and 4.x exposes unsafe methods, which allows remote attackers to execute arbitrary commands.	CWE-264 Permissions, Privileges, and Access Controls	CVE-1999-1011	2018-10-16 03:29	1999-07-19	Show	GitHub Exploit DB Packet Storm