Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228901 3.5 注意 TomatoCart - TomatoCart の PayPal Express Checkout モジュールに検証不備の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-4934 2012-11-1 16:03 2012-10-31 Show GitHub Exploit DB Packet Storm
228902 1.4 注意 マイクロソフト - Simple Certificate Enrollment Protocol (SCEP) の実装に問題 - - 2012-11-1 15:59 2012-06-29 Show GitHub Exploit DB Packet Storm
228903 10 危険 Invision Power Services, Inc - Invision Power Board の admin/sources/base/core.php における脆弱性 CWE-noinfo
情報不足 		CVE-2012-5692 2012-11-1 11:55 2012-10-25 Show GitHub Exploit DB Packet Storm
228904 3.3 注意 DELL EMC (旧 EMC Corporation) - EMC Avamar Client for VMware における重要な情報を取得される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2012-4610 2012-11-1 11:54 2012-10-31 Show GitHub Exploit DB Packet Storm
228905 10 危険 Laurent Destailleur - AWStats の awredir.pl における脆弱性 CWE-noinfo
情報不足 		CVE-2012-4547 2012-11-1 11:53 2012-10-31 Show GitHub Exploit DB Packet Storm
228906 9.3 危険 VideoLAN - VideoLAN VLC media player の modules/demux/ty.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2012-0023 2012-11-1 11:53 2011-12-20 Show GitHub Exploit DB Packet Storm
228907 7.1 危険 シスコシステムズ - 複数の Cisco 製品におけるサービス運用妨害 (デバイスリロード) の脆弱性 CWE-119
バッファエラー 		CVE-2012-4663 2012-10-31 15:47 2012-10-10 Show GitHub Exploit DB Packet Storm
228908 7.1 危険 シスコシステムズ - 複数の Cisco 製品におけるサービス運用妨害 (デバイスリロード) の脆弱性 CWE-119
バッファエラー 		CVE-2012-4662 2012-10-31 15:45 2012-10-10 Show GitHub Exploit DB Packet Storm
228909 9 危険 シスコシステムズ - 複数の Cisco 製品におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-4661 2012-10-31 15:39 2012-10-10 Show GitHub Exploit DB Packet Storm
228910 7.8 危険 シスコシステムズ - Cisco ASA 5500 シリーズおよび Catalyst 6500 シリーズデバイスにおけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2012-4660 2012-10-31 15:31 2012-10-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 26, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
284731 - x.org evi
mit-shm
xserver 		Multiple integer overflows in X.Org Xserver before 1.4.1 allow context-dependent attackers to execute arbitrary code via (1) a GetVisualInfo request containing a 32-bit value that is improperly used … CWE-189
CWE-362
Numeric Errors
Race Condition 		CVE-2007-6429 2018-10-16 06:53 2008-01-19 Show GitHub Exploit DB Packet Storm
284732 - real_time_logic barracudadrive_web_server
barracudadrive_web_server_home_server 		BarracudaDrive Web Server before 3.8 allows remote attackers to read the source code for web scripts by appending a (1) + (plus), (2) . (dot), or (3) %80 and similar characters to the file name in th… CWE-20
 Improper Input Validation  		CVE-2007-6314 2018-10-16 06:52 2007-12-12 Show GitHub Exploit DB Packet Storm
284733 - real_time_logic barracudadrive_web_server
barracudadrive_web_server_home_server 		Group Chat in BarracudaDrive Web Server before 3.8 allows remote authenticated users to cause a denial of service (crash) via a HTTP request to /eh/chat.ehintf/C. that does not contain a Connection I… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2007-6315 2018-10-16 06:52 2007-12-12 Show GitHub Exploit DB Packet Storm
284734 - real_time_logic barracudadrive_web_server
barracudadrive_web_server_home_server 		Cross-site scripting (XSS) vulnerability in BarracudaDrive Web Server before 3.8 allows remote attackers to inject arbitrary web script or HTML via the URI path in an HTTP GET request, which is activ… CWE-79
Cross-site Scripting 		CVE-2007-6316 2018-10-16 06:52 2007-12-12 Show GitHub Exploit DB Packet Storm
284735 - real_time_logic barracudadrive_web_server
barracudadrive_web_server_home_server 		Multiple directory traversal vulnerabilities in BarracudaDrive Web Server before 3.8 allow (1) remote attackers to read arbitrary files via certain ..\ (dot dot backslash) sequences in the URL path, … CWE-22
Path Traversal 		CVE-2007-6317 2018-10-16 06:52 2007-12-12 Show GitHub Exploit DB Packet Storm
284736 - wordpress wordpress SQL injection vulnerability in wp-includes/query.php in WordPress 2.3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the s parameter, when DB_CHARSET is set to (1) Big5, … CWE-89
SQL Injection 		CVE-2007-6318 2018-10-16 06:52 2007-12-12 Show GitHub Exploit DB Packet Storm
284737 - lyris list_manager Multiple unspecified vulnerabilities in Lyris ListManager 8.x before 8.95d, 9.2 before 9.2c, and 9.3 before 9.3b allow remote attackers to (1) gain list administrator privileges or (2) access arbitra… NVD-CWE-noinfo
CWE-264
Permissions, Privileges, and Access Controls 		CVE-2007-6319 2018-10-16 06:52 2008-02-20 Show GitHub Exploit DB Packet Storm
284738 - roundcube webmail Cross-site scripting (XSS) vulnerability in RoundCube webmail 0.1rc2, 2007-12-09, and earlier versions, when using Internet Explorer, allows remote attackers to inject arbitrary web script or HTML vi… CWE-79
Cross-site Scripting 		CVE-2007-6321 2018-10-16 06:52 2007-12-12 Show GitHub Exploit DB Packet Storm
284739 - microsoft office Microsoft Office 2007 12.0.6015.5000 and MSO 12.0.6017.5000 do not sign the metadata of Office Open XML (OOXML) documents, which makes it easier for remote attackers to modify Dublin Core metadata fi… CWE-255
Credentials Management 		CVE-2007-6329 2018-10-16 06:52 2007-12-14 Show GitHub Exploit DB Packet Storm
284740 - meridian_software prolog_manager Meridian Prolog Manager 2007, and 7.5 and earlier, sends all usernames and passwords to the client in a (1) cleartext or (2) weakly encrypted format to support client-side login authentication, which… NVD-CWE-Other
CVE-2007-6330 2018-10-16 06:52 2007-12-14 Show GitHub Exploit DB Packet Storm