Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 7, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230811 6.8 警告 wr-script - WR-Meeting の index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-2355 2012-12-20 18:52 2008-05-20 Show GitHub Exploit DB Packet Storm
230812 5 警告 testmaker - testMaker のデータエクスポート関数におけるデータをエキスポートするアクセス権を取得される脆弱性 CWE-noinfo
情報不足 		CVE-2008-2354 2012-12-20 18:52 2008-05-20 Show GitHub Exploit DB Packet Storm
230813 6.8 警告 smeego - Smeego の index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-2352 2012-12-20 18:52 2008-05-20 Show GitHub Exploit DB Packet Storm
230814 7.5 危険 WebManager Pro - CMS WebManager-Pro の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2351 2012-12-20 18:52 2008-05-20 Show GitHub Exploit DB Packet Storm
230815 7.5 危険 zomp - Zomplog における管理アクセス権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-2349 2012-12-20 18:52 2008-05-20 Show GitHub Exploit DB Packet Storm
230816 10 危険 TYPO3 Association - TYPO3 用の air_filemanager エクステンションにおける任意の PHP コードされる脆弱性 CWE-94
コード・インジェクション 		CVE-2008-2345 2012-12-20 18:52 2008-05-19 Show GitHub Exploit DB Packet Storm
230817 4.3 警告 TYPO3 Association - TYPO3 用の air_filemanager エクステンションにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-2344 2012-12-20 18:52 2008-05-19 Show GitHub Exploit DB Packet Storm
230818 7.5 危険 turnkey web tools - Turnkey Web Tools SunShop Shopping Cart の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2339 2012-12-20 18:52 2008-05-19 Show GitHub Exploit DB Packet Storm
230819 4.3 警告 Vastal I-Tech & Co. - Vastal I-Tech phpVID の search_results.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-2335 2012-12-20 18:52 2008-05-19 Show GitHub Exploit DB Packet Storm
230820 7.5 危険 phpway - Kostenloses Linkmanagementscript における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2301 2012-12-20 18:52 2008-05-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 7, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
291251 - google
trimble 		sketchup Heap-based buffer overflow in paintlib, as used in Trimble SketchUp (formerly Google SketchUp) before 2013 (13.0.3689), allows remote attackers to execute arbitrary code via a crafted RLE4-compressed… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2013-7388 2024-11-21 11:00 2014-07-2 Show GitHub Exploit DB Packet Storm
291252 - vinay_sajip python-gnupg python-gnupg before 0.3.5 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in unspecified vectors. NVD-CWE-Other
CVE-2013-7323 2024-11-21 11:00 2014-06-10 Show GitHub Exploit DB Packet Storm
291253 - dleviet datalife_engine Session fixation vulnerability in DataLife Engine (DLE) 9.7 and earlier allows remote attackers to hijack web sessions via the PHPSESSID cookie. NVD-CWE-Other
CVE-2013-7387 2024-11-21 11:00 2014-06-3 Show GitHub Exploit DB Packet Storm
291254 - rom_walton boinc Format string vulnerability in the PROJECT::write_account_file function in client/cs_account.cpp in BOINC, possibly 7.2.33, allows remote attackers to cause a denial of service (crash) or possibly ex… CWE-134
Use of Externally-Controlled Format String 		CVE-2013-7386 2024-11-21 11:00 2014-06-3 Show GitHub Exploit DB Packet Storm
291255 - x2go x2go_server x2gocleansessions in X2Go Server before 4.0.0.8 and 4.0.1.x before 4.0.1.10 allows remote authenticated users to gain privileges via unspecified vectors, possibly related to backticks. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2013-7383 2024-11-21 11:00 2014-05-20 Show GitHub Exploit DB Packet Storm
291256 - cisco nx-os Directory traversal vulnerability in the command-line interface in Cisco NX-OS 6.2(2a) and earlier allows local users to read arbitrary files via unspecified input, aka Bug ID CSCul05217. CWE-22
Path Traversal 		CVE-2013-6975 2024-11-21 11:00 2014-05-20 Show GitHub Exploit DB Packet Storm
291257 - livezilla livezilla LiveZilla 5.1.2.1 and earlier includes the MD5 hash of the operator password in plaintext in Javascript code that is generated by lz/mobile/chat.php, which allows remote attackers to obtain sensitive… CWE-310
Cryptographic Issues 		CVE-2013-7385 2024-11-21 11:00 2014-05-19 Show GitHub Exploit DB Packet Storm
291258 - unrealircd unrealircd UnrealIRCd 3.2.10 before 3.2.10.2 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via unspecified vectors, related to SSL. NOTE: this issue was SPLIT from C… NVD-CWE-Other
CVE-2013-7384 2024-11-21 11:00 2014-05-19 Show GitHub Exploit DB Packet Storm
291259 - apple
python 		mac_os_x
python 		Python 2.7 before 3.4 only uses the last eight bits of the prefix to randomize hash values, which causes it to compute hash values without restricting the ability to trigger hash collisions predictab… CWE-310
Cryptographic Issues 		CVE-2013-7040 2024-11-21 11:00 2014-05-19 Show GitHub Exploit DB Packet Storm
291260 - livezilla livezilla LiveZilla before 5.1.2.1 includes the operator password in plaintext in Javascript code that is generated by lz/mobile/chat.php, which might allow remote attackers to obtain sensitive information and… CWE-310
Cryptographic Issues 		CVE-2013-7033 2024-11-21 11:00 2014-05-19 Show GitHub Exploit DB Packet Storm