Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
229301 6.8 警告 GLPI-PROJECT.ORG - GLPI-PROJECT GLPI におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2012-4002 2012-10-12 15:45 2012-06-28 Show GitHub Exploit DB Packet Storm
229302 5 警告 OpenTTD - OpenTTD におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2012-3436 2012-10-12 15:23 2012-07-27 Show GitHub Exploit DB Packet Storm
229303 6 警告 Pay With Tweet - WordPress 用 Pay With Tweet プラグインにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2012-5350 2012-10-12 15:21 2012-10-9 Show GitHub Exploit DB Packet Storm
229304 2.6 注意 Pay With Tweet - WordPress 用 Pay With Tweet プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-5349 2012-10-12 15:20 2012-10-9 Show GitHub Exploit DB Packet Storm
229305 6.8 警告 Steven Wilson - MangosWeb Enhanced における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2012-5348 2012-10-12 15:18 2012-10-9 Show GitHub Exploit DB Packet Storm
229306 7.5 危険 TinyWebGallery - TinyWebGallery における任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2012-5347 2012-10-12 15:18 2012-10-9 Show GitHub Exploit DB Packet Storm
229307 4.3 警告 Bence Meszaros - WordPress 用 WP Live.php モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-5346 2012-10-12 15:11 2012-10-9 Show GitHub Exploit DB Packet Storm
229308 5 警告 Kepler Lam - IPtools の Remote command server におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-5345 2012-10-12 15:06 2012-10-9 Show GitHub Exploit DB Packet Storm
229309 5 警告 Kepler Lam - IPtools の WebServer におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2012-5344 2012-10-12 15:03 2012-10-9 Show GitHub Exploit DB Packet Storm
229310 4.3 警告 Limny - Limny の admin/login.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-5343 2012-10-12 15:01 2012-10-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 26, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
285511 - citadel webcit Cross-site request forgery (CSRF) vulnerability in Webcit before 7.11 allows remote attackers to modify configurations and perform other actions as arbitrary users via unspecified vectors. NVD-CWE-Other
CVE-2007-3821 2018-10-16 06:31 2007-07-17 Show GitHub Exploit DB Packet Storm
285512 - citadel webcit Multiple cross-site scripting (XSS) vulnerabilities in Webcit before 7.11 allow remote attackers to inject arbitrary web script or HTML via (1) the who parameter to showuser; and other vectors involv… NVD-CWE-Other
CVE-2007-3822 2018-10-16 06:31 2007-07-17 Show GitHub Exploit DB Packet Storm
285513 - mozilla firefox Mozilla Firefox allows for cookies to be set with a null domain (aka "domainless cookies"), which allows remote attackers to pass information between arbitrary domains and track user activity, as dem… NVD-CWE-Other
CVE-2007-3827 2018-10-16 06:31 2007-07-18 Show GitHub Exploit DB Packet Storm
285514 - exlibris_group aleph Multiple cross-site scripting (XSS) vulnerabilities in Ex Libris ALEPH allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to a URL that can be discovered th… NVD-CWE-Other
CVE-2007-3834 2018-10-16 06:31 2007-07-18 Show GitHub Exploit DB Packet Storm
285515 - exlibris_group metalib Cross-site scripting (XSS) vulnerability in Ex Libris MetaLib 3.13 and 4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to a resource id that can be di… NVD-CWE-Other
CVE-2007-3835 2018-10-16 06:31 2007-07-18 Show GitHub Exploit DB Packet Storm
285516 - mozilla firefox
seamonkey
thunderbird 		Mozilla Firefox 2.0.0.5, Thunderbird 2.0.0.5 and before 1.5.0.13, and SeaMonkey 1.1.3 allows remote attackers to conduct cross-site scripting (XSS) attacks with chrome privileges via an addon that in… NVD-CWE-Other
CVE-2007-3844 2018-10-16 06:31 2007-08-8 Show GitHub Exploit DB Packet Storm
285517 - linux linux_kernel Linux kernel 2.4.35 and other versions allows local users to send arbitrary signals to a child process that is running at higher privileges by causing a setuid-root parent process to die, which deliv… NVD-CWE-Other
CVE-2007-3848 2018-10-16 06:31 2007-08-15 Show GitHub Exploit DB Packet Storm
285518 - oracle database_server Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to have an unknown impact via (1) SYS.DBMS_DRS in the Da… NVD-CWE-Other
CVE-2007-3855 2018-10-16 06:31 2007-07-19 Show GitHub Exploit DB Packet Storm
285519 - oracle apex Unspecified vulnerability in Oracle Application Express (formerly Oracle HTML DB) 2.2.0.00.32 up to 3.0.0.00.20 allows developers to have an unknown impact via unknown attack vectors, aka APEX01. NO… NVD-CWE-Other
CVE-2007-3860 2018-10-16 06:31 2007-07-19 Show GitHub Exploit DB Packet Storm
285520 - oracle e-business_suite Unspecified vulnerability in the Oracle Customer Intelligence component in Oracle E-Business Suite 12.0.1 has unknown impact and remote attack vectors, aka APPS01. NVD-CWE-Other
CVE-2007-3865 2018-10-16 06:31 2007-07-19 Show GitHub Exploit DB Packet Storm