Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 9, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228631 4.3 警告 RSAセキュリティ - RSA EnVision のログオンページにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-4900 2012-12-20 18:33 2007-09-14 Show GitHub Exploit DB Packet Storm
228632 2.1 注意 XWiki - XWiki Enterprise の Multiwiki プラグインにおける重要な情報を取得される脆弱性 CWE-noinfo
情報不足 		CVE-2007-4898 2012-12-20 18:33 2007-09-14 Show GitHub Exploit DB Packet Storm
228633 4.3 警告 toms-seiten.at - Toms Gaestebuch の admin/header.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-4896 2012-12-20 18:33 2007-09-14 Show GitHub Exploit DB Packet Storm
228634 5 警告 sisfo kampus - Semarang 3 の dwoprn.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-4895 2012-12-20 18:33 2007-09-14 Show GitHub Exploit DB Packet Storm
228635 7.5 危険 WordPress.org - Wordpress および MU における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-4894 2012-12-20 18:33 2007-09-8 Show GitHub Exploit DB Packet Storm
228636 4.3 警告 WordPress.org - Wordpress および MU の wp-admin/admin-functions.php におけるクロスサイトスクリプティング (XSS) 攻撃を実行される脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2007-4893 2012-12-20 18:33 2007-09-8 Show GitHub Exploit DB Packet Storm
228637 7.5 危険 swsoft - Windows 用の SWSoft Plesk における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-4892 2012-12-20 18:33 2007-09-14 Show GitHub Exploit DB Packet Storm
228638 3.5 注意 XWiki - XWiki の "You are not allowed ..." のエラーハンドラにおける任意のドキュメントを読み取られる脆弱性 CWE-DesignError
CVE-2007-4888 2012-12-20 18:33 2007-01-11 Show GitHub Exploit DB Packet Storm
228639 4.3 警告 techexcel inc. - TechExcel CustomerWise におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-4882 2012-12-20 18:33 2007-09-13 Show GitHub Exploit DB Packet Storm
228640 7.5 危険 psi-labs - psisns の profile/myprofile.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-4881 2012-12-20 18:33 2007-09-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
347121 - ibm aix bos.rte.libc 5.3.9.4 on IBM AIX 5.3 does not properly support reading a certain address field after a successful getaddrinfo function call, which allows context-dependent attackers to cause a denial … NVD-CWE-Other
CVE-2010-1124 2010-03-29 13:00 2010-03-27 Show GitHub Exploit DB Packet Storm
347122 - jbmc-software directadmin JBMC Software DirectAdmin before 1.334 allows local users to create or overwrite any file via a symlink attack on an arbitrary file in a certain temporary directory, related to a request for this tem… CWE-59
Link Following 		CVE-2009-1526 2010-03-29 13:00 2009-05-6 Show GitHub Exploit DB Packet Storm
347123 - skype skype Unspecified vulnerability in the Extras Manager before 2.0.0.67 in Skype before 4.1.0.179 on Windows has unknown impact and attack vectors. NVD-CWE-noinfo
CVE-2009-4741 2010-03-29 13:00 2010-03-27 Show GitHub Exploit DB Packet Storm
347124 - arwscripts fonts_script Directory traversal vulnerability in viewfile.php in ARWScripts Fonts Script allows remote attackers to read arbitrary local files via directory traversal sequences in a base64-encoded f parameter. … CWE-22
Path Traversal 		CVE-2010-0613 2010-03-26 14:37 2010-02-12 Show GitHub Exploit DB Packet Storm
347125 - tristan_barczyk klonews Cross-site scripting (XSS) vulnerability in cat.php in KloNews 2.0 allows remote attackers to inject arbitrary web script or HTML via the cat parameter. CWE-79
Cross-site Scripting 		CVE-2010-1112 2010-03-26 13:00 2010-03-26 Show GitHub Exploit DB Packet Storm
347126 - phptroubleticket php_trouble_ticket SQL injection vulnerability in vedi_faq.php in PHP Trouble Ticket 2.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. CWE-89
SQL Injection 		CVE-2010-1089 2010-03-25 13:00 2010-03-25 Show GitHub Exploit DB Packet Storm
347127 - scriptsfeed dating_software Multiple SQL injection vulnerabilities in searchmatch.php in ScriptsFeed Dating Software allow remote attackers to execute arbitrary SQL commands via the (1) txtgender and (2) txtlookgender parameter… CWE-89
SQL Injection 		CVE-2010-1096 2010-03-25 13:00 2010-03-25 Show GitHub Exploit DB Packet Storm
347128 - springsource application_management_suite
hyperic_hq
tc_server 		Multiple cross-site scripting (XSS) vulnerabilities in SpringSource tc Server 6.0.20.B and earlier, Application Management Suite (AMS) before 2.0.0.SR4, Hyperic HQ Open Source before 4.2.x, Hyperic H… CWE-79
Cross-site Scripting 		CVE-2009-2907 2010-03-25 13:00 2010-03-25 Show GitHub Exploit DB Packet Storm
347129 - springsource application_management_suite
hyperic_hq
tc_server 		Per: http://www.springsource.com/security/cve-2009-2907 'Mitigation: * Hyperic HQ Open Source users should upgrade to Hyperic HQ 4.2.x * Hyperic HQ 4.0 Enterprise users should upgra… CWE-79
Cross-site Scripting 		CVE-2009-2907 2010-03-25 13:00 2010-03-25 Show GitHub Exploit DB Packet Storm
347130 - openinferno oi.blogs Multiple directory traversal vulnerabilities in OI.Blogs 1.0.0, when magic_quotes_gpc is disabled, allow remote attackers to read arbitrary files via directory traversal sequences in the (1) theme pa… CWE-22
Path Traversal 		CVE-2010-1082 2010-03-25 04:52 2010-03-24 Show GitHub Exploit DB Packet Storm