Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 20, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230401 7.5 危険 ultrashareware - Ultra Crypto コンポーネントの CryptoX.dll におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-4903 2012-12-20 18:33 2007-09-17 Show GitHub Exploit DB Packet Storm
230402 6.4 警告 ultrashareware - Ultra Crypto コンポーネントの CryptoX.dll における絶対パストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-4902 2012-12-20 18:33 2007-09-17 Show GitHub Exploit DB Packet Storm
230403 4.3 警告 RSAセキュリティ - RSA EnVision のログオンページにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-4900 2012-12-20 18:33 2007-09-14 Show GitHub Exploit DB Packet Storm
230404 2.1 注意 XWiki - XWiki Enterprise の Multiwiki プラグインにおける重要な情報を取得される脆弱性 CWE-noinfo
情報不足 		CVE-2007-4898 2012-12-20 18:33 2007-09-14 Show GitHub Exploit DB Packet Storm
230405 4.3 警告 toms-seiten.at - Toms Gaestebuch の admin/header.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-4896 2012-12-20 18:33 2007-09-14 Show GitHub Exploit DB Packet Storm
230406 5 警告 sisfo kampus - Semarang 3 の dwoprn.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-4895 2012-12-20 18:33 2007-09-14 Show GitHub Exploit DB Packet Storm
230407 7.5 危険 WordPress.org - Wordpress および MU における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-4894 2012-12-20 18:33 2007-09-8 Show GitHub Exploit DB Packet Storm
230408 4.3 警告 WordPress.org - Wordpress および MU の wp-admin/admin-functions.php におけるクロスサイトスクリプティング (XSS) 攻撃を実行される脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2007-4893 2012-12-20 18:33 2007-09-8 Show GitHub Exploit DB Packet Storm
230409 7.5 危険 swsoft - Windows 用の SWSoft Plesk における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-4892 2012-12-20 18:33 2007-09-14 Show GitHub Exploit DB Packet Storm
230410 3.5 注意 XWiki - XWiki の "You are not allowed ..." のエラーハンドラにおける任意のドキュメントを読み取られる脆弱性 CWE-DesignError
CVE-2007-4888 2012-12-20 18:33 2007-01-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 20, 2026, 4:14 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
292821 5.9 MEDIUM
Network 		libexpat_project
google
canonical
debian 		libexpat
android
ubuntu_linux
debian_linux 		Expat, when used in a parser that has not called XML_SetHashSalt or passed it a seed of 0, makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms via vectors in… CWE-310
Cryptographic Issues 		CVE-2012-6702 2024-11-21 10:46 2016-06-17 Show GitHub Exploit DB Packet Storm
292822 7.8 HIGH
Local 		linux linux_kernel Integer overflow in fs/aio.c in the Linux kernel before 3.4.1 allows local users to cause a denial of service or possibly have unspecified other impact via a large AIO iovec. CWE-190
 Integer Overflow or Wraparound 		CVE-2012-6701 2024-11-21 10:46 2016-05-2 Show GitHub Exploit DB Packet Storm
292823 7.8 HIGH
Local 		linux linux_kernel The netlink_sendmsg function in net/netlink/af_netlink.c in the Linux kernel before 3.5.5 does not validate the dst_pid field, which allows local users to have an unspecified impact by spoofing Netli… CWE-284
Improper Access Control 		CVE-2012-6689 2024-11-21 10:46 2016-05-2 Show GitHub Exploit DB Packet Storm
292824 7.5 HIGH
Network 		debian
dhcpcd_project 		debian_linux
dhcpcd 		The decode_search function in dhcp.c in dhcpcd 3.x does not properly free allocated memory, which allows remote DHCP servers to cause a denial of service via a crafted response. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2012-6700 2024-11-21 10:46 2016-04-12 Show GitHub Exploit DB Packet Storm
292825 7.5 HIGH
Network 		debian
dhcpcd_project 		debian_linux
dhcpcd 		The decode_search function in dhcp.c in dhcpcd 3.x allows remote DHCP servers to cause a denial of service (out-of-bounds read) via a crafted response. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2012-6699 2024-11-21 10:46 2016-04-12 Show GitHub Exploit DB Packet Storm
292826 7.5 HIGH
Network 		debian
dhcpcd_project 		debian_linux
dhcpcd 		The decode_search function in dhcp.c in dhcpcd 3.x allows remote DHCP servers to cause a denial of service (out-of-bounds write) via a crafted response. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2012-6698 2024-11-21 10:46 2016-04-12 Show GitHub Exploit DB Packet Storm
292827 - gehealthcare centricity_pacs_workstation GE Healthcare Centricity PACS Workstation 4.0 and 4.0.1 has a password of ddpadmin for the ddpadmin user, which has unspecified impact and attack vectors. NOTE: it is not clear whether this password… CWE-255
Credentials Management 		CVE-2012-6695 2024-11-21 10:46 2015-08-4 Show GitHub Exploit DB Packet Storm
292828 - gehealthcare centricity_pacs_workstation
centricity_pacs_server 		GE Healthcare Centricity PACS Workstation 4.0 and 4.0.1, and Server 4.0, has a password of 2charGE for the geservice account, which has unspecified impact and attack vectors related to TimbuktuPro. … CWE-255
Credentials Management 		CVE-2012-6694 2024-11-21 10:46 2015-08-4 Show GitHub Exploit DB Packet Storm
292829 - gehealthcare centricity_pacs_server GE Healthcare Centricity PACS 4.0 Server has a default password of (1) nasro for the nasro (ReadOnly) user and (2) nasrw for the nasrw (Read/Write) user, which has unspecified impact and attack vecto… CWE-255
Credentials Management 		CVE-2012-6693 2024-11-21 10:46 2015-08-4 Show GitHub Exploit DB Packet Storm
292830 - gehealthcare precision_mpi GE Healthcare Precision MPi has a password of (1) orion for the serviceapp user, (2) orion for the clinical operator user, and (3) PlatinumOne for the administrator user, which has unspecified impact… CWE-255
Credentials Management 		CVE-2012-6660 2024-11-21 10:46 2015-08-4 Show GitHub Exploit DB Packet Storm