Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 26, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
231421	4.9	警告	ssl-explorer	-	SSL-Explorer における JavaScript などを含むリダイレクト URL を入力される脆弱性	CWE-119 バッファエラー	CVE-2007-2907	2012-12-20 18:19	2007-05-30	Show	GitHub Exploit DB Packet Storm

231422	5	警告	サン・マイクロシステムズ	-	Java Embedding プラグインにおけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-2906	2012-12-20 18:19	2007-05-30	Show	GitHub Exploit DB Packet Storm

231423	4.3	警告	サン・マイクロシステムズ	-	Sun Java System Messaging Server におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-2904	2012-12-20 18:19	2007-05-23	Show	GitHub Exploit DB Packet Storm

231424	6.8	警告	scallywag.org	-	Scallywag における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2007-2900	2012-12-20 18:19	2007-05-30	Show	GitHub Exploit DB Packet Storm

231425	4.3	警告	シマンテック	-	Windows 上で稼動する Symantec ESM マネージャなどにおけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-2896	2012-12-20 18:19	2007-05-24	Show	GitHub Exploit DB Packet Storm

231426	10	危険	サン・マイクロシステムズ	-	Sun Java Web Proxy Server の sockd におけるスタックベースのバッファオーバーフローの脆弱性	-	CVE-2007-2881	2012-12-20 18:19	2007-05-25	Show	GitHub Exploit DB Packet Storm

231427	7.8	危険	windy road	-	Vistered Little の skins/common.css.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2007-2934	2012-12-20 18:19	2006-08-29	Show	GitHub Exploit DB Packet Storm

231428	7.2	危険	tcl.tk	-	Tcl/Tk の tcl/win/tclWinReg.c におけるバッファオーバーフローの脆弱性	-	CVE-2007-2877	2012-12-20 18:19	2007-05-29	Show	GitHub Exploit DB Packet Storm

231429	5.8	警告	レッドハット	-	Fedora NetworkManager パッケージの wpa_supplicant におけるバッファオーバーフローの脆弱性	-	CVE-2007-2874	2012-12-20 18:19	2007-06-4	Show	GitHub Exploit DB Packet Storm

231430	7.5	危険	phpecho cms	-	PHPEcho CMS の modules/admin/modules/gallery.php における SQL インジェクションの脆弱性	-	CVE-2007-2866	2012-12-20 18:19	2007-05-25	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
294311	-	typo3	typo3	The Backend History Module in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 does not properly restrict access, which allows remote authenticated editors to read the history o…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2012-6146	2024-11-21 10:45	2014-05-20	Show	GitHub Exploit DB Packet Storm

294312	-	cisco	ios_xe asr_1001 asr_1002 asr_1002-x asr_1002_fixed_router asr_1004 asr_1006 asr_1013 asr_1023_router	Cisco ASR 1000 devices with software before 3.8S, when BDI routing is enabled, allow remote attackers to cause a denial of service (device reload) via crafted (1) broadcast or (2) multicast ICMP pack…	CWE-20 Improper Input Validation	CVE-2012-5723	2024-11-21 10:45	2014-04-24	Show	GitHub Exploit DB Packet Storm

294313	-	roundup-tracker	roundup	Cross-site scripting (XSS) vulnerability in cgi/client.py in Roundup before 1.4.20 allows remote attackers to inject arbitrary web script or HTML via the @action parameter to support/issue1.	CWE-79 Cross-site Scripting	CVE-2012-6131	2024-11-21 10:45	2014-04-12	Show	GitHub Exploit DB Packet Storm

294314	-	roundup-tracker	roundup	Cross-site scripting (XSS) vulnerability in the history display in Roundup before 1.4.20 allows remote attackers to inject arbitrary web script or HTML via a username, related to generating a link.	CWE-79 Cross-site Scripting	CVE-2012-6130	2024-11-21 10:45	2014-04-12	Show	GitHub Exploit DB Packet Storm

294315	-	roundup-tracker	roundup	Cross-site scripting (XSS) vulnerability in Roundup before 1.4.20 allows remote attackers to inject arbitrary web script or HTML via the otk parameter.	CWE-79 Cross-site Scripting	CVE-2012-6132	2024-11-21 10:45	2014-04-11	Show	GitHub Exploit DB Packet Storm

294316	-	theforeman	foreman	Multiple SQL injection vulnerabilities in Foreman before 1.0.2 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) app/models/hostext/search.rb or (2) app/model…	CWE-89 SQL Injection	CVE-2012-5648	2024-11-21 10:45	2014-04-4	Show	GitHub Exploit DB Packet Storm

294317	-	apache	couchdb	Cross-site scripting (XSS) vulnerability in the Futon UI in Apache CouchDB before 1.0.4, 1.1.x before 1.1.2, and 1.2.x before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via …	CWE-79 Cross-site Scripting	CVE-2012-5650	2024-11-21 10:45	2014-03-19	Show	GitHub Exploit DB Packet Storm

294318	-	apache mochiweb_project	couchdb mochiweb	Directory traversal vulnerability in the partition2 function in mochiweb_util.erl in MochiWeb before 2.4.0, as used in Apache CouchDB before 1.0.4, 1.1.x before 1.1.2, and 1.2.x before 1.2.1, allows …	CWE-22 Path Traversal	CVE-2012-5641	2024-11-21 10:45	2014-03-19	Show	GitHub Exploit DB Packet Storm

294319	-	imagecms	imagecms	SQL injection vulnerability in ImageCMS before 4.2 allows remote authenticated administrators to execute arbitrary SQL commands via the q parameter to admin/admin_search/. NOTE: this can be leverage…	CWE-89 SQL Injection	CVE-2012-6290	2024-11-21 10:45	2014-03-12	Show	GitHub Exploit DB Packet Storm

294320	-	hp	linux_imaging_and_printing_project	HP Linux Imaging and Printing (HPLIP) before 3.13.2 uses world-writable permissions for /var/log/hp and /var/log/hp/tmp, which allows local users to delete log files via standard filesystem operation…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2012-6108	2024-11-21 10:45	2014-02-15	Show	GitHub Exploit DB Packet Storm