Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 19, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230381 4.3 警告 phpsysinfo - phpSysInfo の index.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-4048 2012-12-20 18:33 2007-07-30 Show GitHub Exploit DB Packet Storm
230382 5 警告 securecomputing - Secure Computing SecurityReporter の file.cgi における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2007-4043 2012-12-20 18:33 2007-07-27 Show GitHub Exploit DB Packet Storm
230383 9.3 危険 Yahoo! - Yahoo! Widgets の YDPCTL.dll におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-4034 2012-12-20 18:33 2007-07-27 Show GitHub Exploit DB Packet Storm
230384 7.5 危険 webSPELL - Webspell の index.php における絶対パストラバーサルの脆弱性 - CVE-2007-4028 2012-12-20 18:33 2007-07-26 Show GitHub Exploit DB Packet Storm
230385 6.8 警告 Telaxus LLC - epesi framework における任意の PHP コードを実行される脆弱性 - CVE-2007-4026 2012-12-20 18:33 2007-07-26 Show GitHub Exploit DB Packet Storm
230386 4.3 警告 サン・マイクロシステムズ - Windows 用の SJS Application Server における JSP ソースコードを取得される脆弱性 - CVE-2007-4025 2012-12-20 18:33 2007-07-24 Show GitHub Exploit DB Packet Storm
230387 4.3 警告 w1l3d4 - W1L3D4 Philboard の W1L3D4_aramasonuc.asp におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-4024 2012-12-20 18:33 2007-07-26 Show GitHub Exploit DB Packet Storm
230388 4.3 警告 WordPress.org - WordPress 用の Blix テーマなどに関する特定の index.php インストールスクリプトにおけるクロスサイトスクリプティングの脆弱性 - CVE-2007-4014 2012-12-20 18:33 2007-07-25 Show GitHub Exploit DB Packet Storm
230389 6.8 警告 virtual hosting control system - VHCS におけるセッションをハイジャックされる脆弱性 CWE-287
不適切な認証 		CVE-2007-3988 2012-12-20 18:33 2007-07-25 Show GitHub Exploit DB Packet Storm
230390 5 警告 securecomputing - Secure Computing SecurityReporter の file.cgi における認証を回避される脆弱性 - CVE-2007-3986 2012-12-20 18:33 2007-07-25 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 19, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
292941 - twiki
foswiki 		twiki
foswiki 		The localization functionality in TWiki before 5.1.3, and Foswiki 1.0.x through 1.0.10 and 1.1.x through 1.1.6, allows remote attackers to cause a denial of service (memory consumption) via a large i… CWE-189
Numeric Errors 		CVE-2012-6330 2024-11-21 10:46 2013-01-5 Show GitHub Exploit DB Packet Storm
292942 - perl perl The _compile function in Maketext.pm in the Locale::Maketext implementation in Perl before 5.17.7 does not properly handle backslashes and fully qualified method names during compilation of bracket n… CWE-94
Code Injection 		CVE-2012-6329 2024-11-21 10:46 2013-01-5 Show GitHub Exploit DB Packet Storm
292943 - rubyonrails rails The Authlogic gem for Ruby on Rails, when used with certain versions before 3.2.10, makes potentially unsafe find_by_id method calls, which might allow remote attackers to conduct CVE-2012-6496 SQL i… CWE-89
SQL Injection 		CVE-2012-6497 2024-11-21 10:46 2013-01-4 Show GitHub Exploit DB Packet Storm
292944 - rubyonrails rails
ruby_on_rails 		SQL injection vulnerability in the Active Record component in Ruby on Rails before 3.0.18, 3.1.x before 3.1.9, and 3.2.x before 3.2.10 allows remote attackers to execute arbitrary SQL commands via a … CWE-89
SQL Injection 		CVE-2012-6496 2024-11-21 10:46 2013-01-4 Show GitHub Exploit DB Packet Storm
292945 - e107 e107 Multiple cross-site request forgery (CSRF) vulnerabilities in e107_admin/download.php in e107 1.0.2 allow remote attackers to hijack the authentication of administrators for requests that conduct SQL… CWE-352
 Origin Validation Error 		CVE-2012-6434 2024-11-21 10:46 2013-01-3 Show GitHub Exploit DB Packet Storm
292946 - e107 e107 Cross-site request forgery (CSRF) vulnerability in e107_admin/newspost.php in e107 1.0.1 allows remote attackers to hijack the authentication of administrators for requests that conduct XSS attacks v… CWE-352
 Origin Validation Error 		CVE-2012-6433 2024-11-21 10:46 2013-01-3 Show GitHub Exploit DB Packet Storm
292947 - moinmo moinmoin Multiple directory traversal vulnerabilities in the (1) twikidraw (action/twikidraw.py) and (2) anywikidraw (action/anywikidraw.py) actions in MoinMoin before 1.9.6 allow remote authenticated users w… CWE-22
Path Traversal 		CVE-2012-6495 2024-11-21 10:46 2013-01-3 Show GitHub Exploit DB Packet Storm
292948 - opera opera_browser Opera before 12.12 on UNIX uses weak permissions for the profile directory, which allows local users to obtain sensitive information by reading a (1) cache file, (2) password file, or (3) configurati… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-6472 2024-11-21 10:46 2013-01-2 Show GitHub Exploit DB Packet Storm
292949 - opera opera_browser Opera before 12.12 allows remote attackers to spoof the address field via a high rate of HTTP requests. NVD-CWE-Other
CVE-2012-6471 2024-11-21 10:46 2013-01-2 Show GitHub Exploit DB Packet Storm
292950 - opera opera_browser Opera before 12.12 does not properly allocate memory for GIF images, which allows remote attackers to execute arbitrary code or cause a denial of service (memory overwrite) via a malformed image. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2012-6470 2024-11-21 10:46 2013-01-2 Show GitHub Exploit DB Packet Storm