Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230191 7.5 危険 Mahara - mahara の lib/user.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-0400 2012-09-25 17:38 2010-04-7 Show GitHub Exploit DB Packet Storm
230192 6.8 警告 nanosleep - Trac Git プラグインの PyGIT.py における任意のコマンドを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2010-0394 2012-09-25 17:38 2010-02-3 Show GitHub Exploit DB Packet Storm
230193 5 警告 JCE-Tech.com - JCE-Tech PHP Calendars の install.php におけるアクセス制限を回避する脆弱性 CWE-16
CWE-264
CVE-2010-0380 2012-09-25 17:38 2010-01-22 Show GitHub Exploit DB Packet Storm
230194 4.3 警告 JCE-Tech.com - JCE-Tech PHP Calendars の product_list.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-0376 2012-09-25 17:38 2010-01-21 Show GitHub Exploit DB Packet Storm
230195 7.5 危険 JCE-Tech.com - JCE-Tech PHP Calendars の product_list.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-0375 2012-09-25 17:38 2010-01-21 Show GitHub Exploit DB Packet Storm
230196 7.5 危険 Joomla! - Joomla! 用の libros コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-0373 2012-09-25 17:38 2010-01-21 Show GitHub Exploit DB Packet Storm
230197 7.5 危険 hong chuyen - Joomla! の articlemanager コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-0372 2012-09-25 17:38 2010-01-21 Show GitHub Exploit DB Packet Storm
230198 4.3 警告 hitmaaan - Hitmaaan Gallery の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-0371 2012-09-25 17:38 2010-01-21 Show GitHub Exploit DB Packet Storm
230199 7.5 危険 matthias graubner - Helpdesk エクステンションにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-0333 2012-09-25 17:38 2010-01-15 Show GitHub Exploit DB Packet Storm
230200 7.5 危険 julian fries - TYPO3 用の Googlemaps for tt_news 拡張における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-0330 2012-09-25 17:38 2010-01-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 22, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
298541 - dotproject dotproject dotProject before 2.1 does not properly check privileges when invoking the Companies module, which allows remote attackers to access this module via a crafted URL. NOTE: some of these details are ob… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2007-5486 2017-07-29 10:33 2007-10-17 Show GitHub Exploit DB Packet Storm
298542 - asterisk asterisk-addons Multiple SQL injection vulnerabilities in cdr_addon_mysql in Asterisk-Addons before 1.2.8, and 1.4.x before 1.4.4, allow remote attackers to execute arbitrary SQL commands via the (1) source and (2) … CWE-89
SQL Injection 		CVE-2007-5488 2017-07-29 10:33 2007-10-18 Show GitHub Exploit DB Packet Storm
298543 - openssl fips_object_module The PRNG implementation for the OpenSSL FIPS Object Module 1.1.1 does not perform auto-seeding during the FIPS self-test, which generates random data that is more predictable than expected and makes … CWE-310
Cryptographic Issues 		CVE-2007-5502 2017-07-29 10:33 2007-12-1 Show GitHub Exploit DB Packet Storm
298544 - runcms runcms Unspecified vulnerability in newbb_plus in RunCms 1.5.2 has unknown impact and attack vectors. NVD-CWE-noinfo
CVE-2007-5535 2017-07-29 10:33 2007-10-18 Show GitHub Exploit DB Packet Storm
298545 - cisco unified_callmanager
unified_communications_manager 		Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1 before 5.1(2), and Unified CallManager 5.0, allow remote attackers to cause a denial of service (kernel panic) via a flood of SIP… CWE-399
 Resource Management Errors 		CVE-2007-5537 2017-07-29 10:33 2007-10-18 Show GitHub Exploit DB Packet Storm
298546 - cisco unified_callmanager
unified_communications_manager 		Buffer overflow in the Centralized TFTP File Locator Service in Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1 before 5.1(3), and Unified CallManager 5.0, allows remote attacke… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2007-5538 2017-07-29 10:33 2007-10-18 Show GitHub Exploit DB Packet Storm
298547 - cisco unified_contact_center_enterprise
unified_contact_center_hosted
unified_icm_hosted
unified_intelligent_contact_management_enterprise 		Unspecified vulnerability in Cisco Unified Intelligent Contact Management Enterprise (ICME), Unified ICM Hosted (ICMH), Unified Contact Center Enterprise (UCCE), Unified Contact Center Hosted (UCCH),… NVD-CWE-noinfo
CVE-2007-5539 2017-07-29 10:33 2007-10-18 Show GitHub Exploit DB Packet Storm
298548 - opera opera_browser Unspecified vulnerability in Opera before 9.24, when using an "external" newsgroup or e-mail client, allows remote attackers to execute arbitrary commands via unknown vectors. CWE-20
 Improper Input Validation  		CVE-2007-5541 2017-07-29 10:33 2007-10-18 Show GitHub Exploit DB Packet Storm
298549 - netgear ssl312 Cross-site scripting (XSS) vulnerability in cgi-bin/welcome (aka the login page) in Netgear SSL312 PROSAFE SSL VPN-Concentrator 25 allows remote attackers to inject arbitrary web script or HTML via t… CWE-79
Cross-site Scripting 		CVE-2007-5562 2017-07-29 10:33 2007-10-19 Show GitHub Exploit DB Packet Storm
298550 - galmeta galmeta_post PHP remote file inclusion vulnerability in _lib/fckeditor/upload_config.php in Galmeta Post 0.11 allows remote attackers to execute arbitrary PHP code via a URL in the DDS parameter. CWE-94
Code Injection 		CVE-2007-5567 2017-07-29 10:33 2007-10-19 Show GitHub Exploit DB Packet Storm