Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 23, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230581 4.3 警告 smart-shop - Smart-Shop におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5725 2012-12-20 18:33 2007-10-30 Show GitHub Exploit DB Packet Storm
230582 6.8 警告 profilecms - ProfileCMS の profiles スクリプトにおける任意の PHP コードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2007-5720 2012-12-20 18:33 2007-10-30 Show GitHub Exploit DB Packet Storm
230583 4.9 警告 vobcopy - vobcopy における任意のファイルへデータを追加される脆弱性 CWE-59
リンク解釈の問題 		CVE-2007-5718 2012-12-20 18:33 2007-10-30 Show GitHub Exploit DB Packet Storm
230584 4.4 警告 VMware - VMware Workstation などの VMware Tools パッケージにおけるゲストカーネルメモリ内で任意のメモリ領域を変更される脆弱性 CWE-20
不適切な入力確認 		CVE-2007-5671 2012-12-20 18:33 2008-06-4 Show GitHub Exploit DB Packet Storm
230585 10 危険 TIBCO Software - TIBCO SmartSockets RTserver などの製品におけるヒープベースのバッファオーバーフローの脆弱性 CWE-20
不適切な入力確認 		CVE-2007-5658 2012-12-20 18:33 2008-01-15 Show GitHub Exploit DB Packet Storm
230586 10 危険 TIBCO Software - TIBCO SmartSockets Rtserver などの製品における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2007-5657 2012-12-20 18:33 2008-01-15 Show GitHub Exploit DB Packet Storm
230587 10 危険 TIBCO Software - TIBCO SmartSockets RTserver などの製品におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2007-5656 2012-12-20 18:33 2008-01-15 Show GitHub Exploit DB Packet Storm
230588 10 危険 TIBCO Software - TIBCO SmartSockets RTserve などの製品における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2007-5655 2012-12-20 18:33 2008-01-15 Show GitHub Exploit DB Packet Storm
230589 10 危険 サン・マイクロシステムズ - x86 上の Sun Fire X2100 M2 および X2200 M2 ELOM における SP 上でルートとして任意のコマンドを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2007-5717 2012-12-20 18:33 2007-09-28 Show GitHub Exploit DB Packet Storm
230590 2.6 注意 WordPress.org - WordPress の wp-admin/edit-post-rows.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5710 2012-12-20 18:33 2007-10-26 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 23, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
293711 - theforeman foreman Multiple SQL injection vulnerabilities in Foreman before 1.0.2 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) app/models/hostext/search.rb or (2) app/model… CWE-89
SQL Injection 		CVE-2012-5648 2024-11-21 10:45 2014-04-4 Show GitHub Exploit DB Packet Storm
293712 - apache couchdb Cross-site scripting (XSS) vulnerability in the Futon UI in Apache CouchDB before 1.0.4, 1.1.x before 1.1.2, and 1.2.x before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via … CWE-79
Cross-site Scripting 		CVE-2012-5650 2024-11-21 10:45 2014-03-19 Show GitHub Exploit DB Packet Storm
293713 - apache
mochiweb_project 		couchdb
mochiweb 		Directory traversal vulnerability in the partition2 function in mochiweb_util.erl in MochiWeb before 2.4.0, as used in Apache CouchDB before 1.0.4, 1.1.x before 1.1.2, and 1.2.x before 1.2.1, allows … CWE-22
Path Traversal 		CVE-2012-5641 2024-11-21 10:45 2014-03-19 Show GitHub Exploit DB Packet Storm
293714 - imagecms imagecms SQL injection vulnerability in ImageCMS before 4.2 allows remote authenticated administrators to execute arbitrary SQL commands via the q parameter to admin/admin_search/. NOTE: this can be leverage… CWE-89
SQL Injection 		CVE-2012-6290 2024-11-21 10:45 2014-03-12 Show GitHub Exploit DB Packet Storm
293715 - hp linux_imaging_and_printing_project HP Linux Imaging and Printing (HPLIP) before 3.13.2 uses world-writable permissions for /var/log/hp and /var/log/hp/tmp, which allows local users to delete log files via standard filesystem operation… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-6108 2024-11-21 10:45 2014-02-15 Show GitHub Exploit DB Packet Storm
293716 - redhat satellite
satellite_5_managed_db
spacewalk-java 		Multiple cross-site scripting (XSS) vulnerabilities in systems/sdc/notes.jsp in Spacewalk and Red Hat Network (RHN) Satellite 5.6 allow remote attackers to inject arbitrary web script or HTML via the… CWE-79
Cross-site Scripting 		CVE-2012-6149 2024-11-21 10:45 2014-02-15 Show GitHub Exploit DB Packet Storm
293717 - pidgin pidgin The Yahoo! protocol plugin in libpurple in Pidgin before 2.10.8 does not properly validate UTF-8 data, which allows remote attackers to cause a denial of service (application crash) via crafted byte … CWE-20
 Improper Input Validation  		CVE-2012-6152 2024-11-21 10:45 2014-02-7 Show GitHub Exploit DB Packet Storm
293718 - zabbix zabbix libs/zbxmedia/eztexting.c in Zabbix 1.8.x before 1.8.18rc1, 2.0.x before 2.0.8rc1, and 2.1.x before 2.1.2 does not properly set the CURLOPT_SSL_VERIFYHOST option for libcurl, which allows man-in-the-… CWE-310
Cryptographic Issues 		CVE-2012-6086 2024-11-21 10:45 2014-01-30 Show GitHub Exploit DB Packet Storm
293719 - apple
canonical
net-snmp 		mac_os_x
ubuntu_linux
net-snmp 		Net-SNMP 5.7.1 and earlier, when AgentX is registering to handle a MIB and processing GETNEXT requests, allows remote attackers to cause a denial of service (crash or infinite loop, CPU consumption, … CWE-399
 Resource Management Errors 		CVE-2012-6151 2024-11-21 10:45 2013-12-14 Show GitHub Exploit DB Packet Storm
293720 - samba
canonical 		samba
ubuntu_linux 		The winbind_name_list_to_sid_string_list function in nsswitch/pam_winbind.c in Samba through 4.1.2 handles invalid require_membership_of group names by accepting authentication by any user, which all… CWE-20
 Improper Input Validation  		CVE-2012-6150 2024-11-21 10:45 2013-12-4 Show GitHub Exploit DB Packet Storm