Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 22, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230591	4.3	警告	RSAセキュリティ	-	RSA KEON Registration Authority Web Interface におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-5703	2012-12-20 18:33	2007-10-29	Show	GitHub Exploit DB Packet Storm

230592	6.8	警告	phpimage	-	PHP Image における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2007-5697	2012-12-20 18:33	2007-10-29	Show	GitHub Exploit DB Packet Storm

230593	6.8	警告	phpbasic	-	phpBasic の includes.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2007-5696	2012-12-20 18:33	2007-10-29	Show	GitHub Exploit DB Packet Storm

230594	6.4	警告	sitebar	-	SiteBar の command.php におけるオープンリダイレクトの脆弱性	CWE-59 リンク解釈の問題	CVE-2007-5695	2012-12-20 18:33	2007-10-29	Show	GitHub Exploit DB Packet Storm

230595	6.8	警告	sitebar	-	SiteBar の translator.php における絶対パストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2007-5694	2012-12-20 18:33	2007-10-29	Show	GitHub Exploit DB Packet Storm

230596	6	警告	sitebar	-	SiteBar の translator.php における任意の PHP コードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2007-5693	2012-12-20 18:33	2007-10-29	Show	GitHub Exploit DB Packet Storm

230597	4.3	警告	sitebar	-	SiteBar におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-5692	2012-12-20 18:33	2007-10-29	Show	GitHub Exploit DB Packet Storm

230598	4.9	警告	rPath, Inc	-	rPath Linux の initscripts における認証試行の重要な情報を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2007-5686	2012-12-20 18:33	2007-10-11	Show	GitHub Exploit DB Packet Storm

230599	5	警告	serverkit	-	shttp の safe_path 関数におけるディレクトリトラバーサル攻撃を実行される脆弱性	CWE-22 パス・トラバーサル	CVE-2007-5685	2012-12-20 18:33	2007-10-28	Show	GitHub Exploit DB Packet Storm

230600	7.5	危険	Tiki Software Community Association	-	TikiWiki におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2007-5684	2012-12-20 18:33	2007-10-23	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 22, 2026, 4:08 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
293491	-	ibm	tivoli_federated_identity_manager tivoli_federated_identity_manager_business_gateway	IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.11, 6.2.1 before 6.2.1.3, and 6.2.2 before 6.2.2.2 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.2.0 before 6.2.0.1…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2012-6359	2024-11-21 10:46	2013-01-19	Show	GitHub Exploit DB Packet Storm

293492	-	samba	samba	Samba 4.0.x before 4.0.1, in certain Active Directory domain-controller configurations, does not properly interpret Access Control Entries that are based on an objectClass, which allows remote authen…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2013-0172	2024-11-21 10:46	2013-01-18	Show	GitHub Exploit DB Packet Storm

293493	-	cisco	quad webex_social	Cross-site scripting (XSS) vulnerability in Cisco WebEx Social (formerly Cisco Quad) allows remote attackers to inject arbitrary web script or HTML via a crafted RSS service link, aka Bug ID CSCub619…	CWE-79 Cross-site Scripting	CVE-2012-6397	2024-11-21 10:46	2013-01-18	Show	GitHub Exploit DB Packet Storm

293494	-	cisco	prime_lan_management_solution	Cisco Prime LAN Management Solution (LMS) 4.1 through 4.2.2 on Linux does not properly validate authentication and authorization requests in TCP sessions, which allows remote attackers to execute arb…	CWE-20 Improper Input Validation	CVE-2012-6392	2024-11-21 10:46	2013-01-18	Show	GitHub Exploit DB Packet Storm

293495	-	rubyonrails debian	ruby_on_rails rails debian_linux	active_support/core_ext/hash/conversions.rb in Ruby on Rails before 2.3.15, 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly restrict casts of string values, which …	CWE-20 Improper Input Validation	CVE-2013-0156	2024-11-21 10:46	2013-01-14	Show	GitHub Exploit DB Packet Storm

293496	-	rubyonrails debian	ruby_on_rails rails debian_linux	Ruby on Rails 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly consider differences in parameter handling between the Active Record component and the JSON implement…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2013-0155	2024-11-21 10:46	2013-01-14	Show	GitHub Exploit DB Packet Storm

293497	-	xen	xen	The get_page_type function in xen/arch/x86/mm.c in Xen 4.2, when debugging is enabled, allows local PV or HVM guest administrators to cause a denial of service (assertion failure and hypervisor crash…	NVD-CWE-noinfo	CVE-2013-0154	2024-11-21 10:46	2013-01-12	Show	GitHub Exploit DB Packet Storm

293498	-	hp	pki_activex_control	The KillProcess method in the HP PKI ActiveX control (HPPKI.ocx) before 1.2.0.1 allows remote attackers to cause a denial of service (kill process) via the partial or full name of a process.	CWE-20 Improper Input Validation	CVE-2012-6501	2024-11-21 10:46	2013-01-12	Show	GitHub Exploit DB Packet Storm

293499	-	pragyan_cms_project	pragyan_cms	Directory traversal vulnerability in download.lib.php in Pragyan CMS 3.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the fileget parameter in a profile action to…	CWE-22 Path Traversal	CVE-2012-6500	2024-11-21 10:46	2013-01-12	Show	GitHub Exploit DB Packet Storm

293500	-	age_verification_project	age_verification	Open redirect vulnerability in age-verification.php in the Age Verification plugin 0.4 and earlier for WordPress allows remote attackers to redirect users to arbitrary web sites and conduct phishing …	CWE-20 Improper Input Validation	CVE-2012-6499	2024-11-21 10:46	2013-01-12	Show	GitHub Exploit DB Packet Storm