Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230641	7.1	危険	Mozilla Foundation	-	Mozilla SeaMonkey の mail コンポーネントにおける重要な情報を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-3385	2012-09-25 17:27	2010-03-16	Show	GitHub Exploit DB Packet Storm

230642	2.7	注意	オラクル	-	Oracle PeopleSoft Enterprise などの JD Edwards Tools コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2009-3406	2012-09-25 17:27	2009-10-20	Show	GitHub Exploit DB Packet Storm

230643	4.1	警告	オラクル	-	Oracle PeopleSoft Enterprise などの JD Edwards Tools コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2009-3405	2012-09-25 17:27	2009-10-20	Show	GitHub Exploit DB Packet Storm

230644	4	警告	オラクル	-	Oracle PeopleSoft Enterprise などの PeopleSoft PeopleTools & Enterprise Portal コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2009-3404	2012-09-25 17:27	2009-10-20	Show	GitHub Exploit DB Packet Storm

230645	10	危険	オラクル	-	BEA Product Suite の JRockit コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2009-3403	2012-09-25 17:27	2009-10-20	Show	GitHub Exploit DB Packet Storm

230646	2.1	注意	オラクル	-	Oracle E-Business Suite の Oracle Applications Framework コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2009-3402	2012-09-25 17:27	2009-10-20	Show	GitHub Exploit DB Packet Storm

230647	1.7	注意	オラクル	-	Oracle E-Business Suite の Oracle Applications Technology Stack コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2009-3401	2012-09-25 17:27	2009-10-20	Show	GitHub Exploit DB Packet Storm

230648	5.5	警告	オラクル	-	Oracle E-Business Suite の Oracle Advanced Benefits コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2009-3400	2012-09-25 17:27	2009-10-20	Show	GitHub Exploit DB Packet Storm

230649	4.3	警告	オラクル	-	Oracle E-Business Suite の Oracle Application Object Library コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2009-3397	2012-09-25 17:27	2009-10-20	Show	GitHub Exploit DB Packet Storm

230650	5	警告	オラクル	-	Oracle E-Business Suite の AutoVue コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2009-3395	2012-09-25 17:27	2009-10-20	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
285291	-	envolution	envolution	SQL injection vulnerability in the News module in modules.php in Envolution 1.1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the topic parameter, a different vector tha…	NVD-CWE-Other	CVE-2007-4253	2018-10-16 06:34	2007-08-9	Show	GitHub Exploit DB Packet Storm

285292	-	php	php	Buffer overflow in the mSQL extension in PHP 5.2.3 allows context-dependent attackers to execute arbitrary code via a long first argument to the msql_connect function.	NVD-CWE-Other	CVE-2007-4255	2018-10-16 06:34	2007-08-9	Show	GitHub Exploit DB Packet Storm

285293	-	ez_photo_sales	ez_photo_sales	EZPhotoSales 1.9.3 and earlier allows remote attackers to download arbitrary image files via (1) a direct request for a URL under OnlineViewing/galleries/ or (2) navigation of the gallery user interf…	NVD-CWE-Other	CVE-2007-4259	2018-10-16 06:34	2007-08-9	Show	GitHub Exploit DB Packet Storm

285294	-	ez_photo_sales	ez_photo_sales	EZPhotoSales 1.9.3 and earlier has a default "admin" account for galleries, which allows remote attackers to access arbitrary galleries by specifying this username.	NVD-CWE-Other	CVE-2007-4260	2018-10-16 06:34	2007-08-9	Show	GitHub Exploit DB Packet Storm

285295	-	ez_photo_sales	ez_photo_sales	Unrestricted file upload vulnerability in EZPhotoSales 1.9.3 and earlier allows remote authenticated administrators to upload and execute arbitrary PHP code under OnlineViewing/galleries/.	NVD-CWE-Other	CVE-2007-4262	2018-10-16 06:34	2007-08-9	Show	GitHub Exploit DB Packet Storm

285296	-	ez_photo_sales	ez_photo_sales	EZPhotoSales 1.9.3 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download (1) a file containing cleartext passwords vi…	CWE-255 Credentials Management	CVE-2007-4261	2018-10-16 06:34	2007-08-9	Show	GitHub Exploit DB Packet Storm

285297	-	coppermine	coppermine_photo_gallery	PHP remote file inclusion vulnerability in bridge/yabbse.inc.php in Coppermine Photo Gallery (CPG) 1.3.1 allows remote attackers to execute arbitrary PHP code via a URL in the sourcedir parameter.	NVD-CWE-Other	CVE-2007-4283	2018-10-16 06:34	2007-08-10	Show	GitHub Exploit DB Packet Storm

285298	-	cisco	meetingplace_web_confrencing	Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified MeetingPlace Web Conferencing (MP) 5.3.235.0 and earlier allow remote attackers to inject arbitrary HTML and web script via the (1…	NVD-CWE-Other	CVE-2007-4284	2018-10-16 06:34	2007-08-10	Show	GitHub Exploit DB Packet Storm

285299	-	cisco	ios	Buffer overflow in the Next Hop Resolution Protocol (NHRP) functionality in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (restart) and execute arbitrary code via a…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2007-4286	2018-10-16 06:34	2007-08-10	Show	GitHub Exploit DB Packet Storm

285300	-	sun	java_system_portal_server	Sun Java System Portal Server 7.0 does not properly process XSLT stylesheets in XSLT transforms in XML signatures, which allows context-dependent attackers to execute an arbitrary Java method via a c…	NVD-CWE-Other	CVE-2007-4289	2018-10-16 06:34	2007-08-10	Show	GitHub Exploit DB Packet Storm