Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 20, 2026, 2:09 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
231591	6.8	警告	yet another link directory	-	Yet Another Link Directory の yald.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-0141	2012-12-20 18:19	2007-01-9	Show	GitHub Exploit DB Packet Storm

231592	6.8	警告	uber uploader	-	Uber Uploader における任意の PHP スクリプトを実行される脆弱性	-	CVE-2007-0123	2012-12-20 18:19	2007-01-8	Show	GitHub Exploit DB Packet Storm

231593	5	警告	サン・マイクロシステムズ	-	Sun Java System Content Delivery Server における "コンテンツの詳細" を読み込まれ重要な情報を取得される脆弱性	-	CVE-2007-0114	2012-12-20 18:19	2007-01-5	Show	GitHub Exploit DB Packet Storm

231594	6.8	警告	resco	-	Windows Mobile 上で稼動しているモバイルデバイスで使用されている PocketPC 用の Resco Photo Viewer におけるバッファオーバーフローの脆弱性	-	CVE-2007-0111	2012-12-20 18:19	2007-01-8	Show	GitHub Exploit DB Packet Storm

231595	5	警告	WordPress.org	-	WordPress の wp-login.php における重要な情報を取得される脆弱性	-	CVE-2007-0109	2012-12-20 18:19	2007-01-8	Show	GitHub Exploit DB Packet Storm

231596	6.8	警告	WordPress.org	-	WordPress における SQL インジェクション保護スキームを回避される脆弱性	-	CVE-2007-0107	2012-12-20 18:19	2007-01-5	Show	GitHub Exploit DB Packet Storm

231597	6.8	警告	WordPress.org	-	WordPress の CSRF 保護スキームにおけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-0106	2012-12-20 18:19	2007-01-5	Show	GitHub Exploit DB Packet Storm

231598	10	危険	トレンドマイクロ	-	Trend Micro ServerProtect の不特定のプロシージャにおけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2007-0074	2012-12-20 18:19	2008-11-17	Show	GitHub Exploit DB Packet Storm

231599	10	危険	トレンドマイクロ	-	Trend Micro ServerProtect の不特定のプロシージャにおけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2007-0073	2012-12-20 18:19	2008-11-17	Show	GitHub Exploit DB Packet Storm

231600	10	危険	トレンドマイクロ	-	Trend Micro ServerProtect の不特定のプロシージャにおけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2007-0072	2012-12-20 18:19	2008-11-17	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 20, 2026, 4:14 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
293961	-	xavi	x7968	Cross-site request forgery (CSRF) vulnerability in webconfig/admin_passwd/passwd.html/admin_passwd in Xavi X7968 allows remote attackers to hijack the authentication of administrators for requests th…	CWE-352 Origin Validation Error	CVE-2012-5323	2024-11-21 10:44	2012-10-9	Show	GitHub Exploit DB Packet Storm

293962	-	xavi	x7968	Multiple cross-site scripting (XSS) vulnerabilities in Xavi X7968 allow remote attackers to inject arbitrary web script or HTML via the (1) pvcName parameter to webconfig/wan/confirm.html/confirm or …	CWE-79 Cross-site Scripting	CVE-2012-5322	2024-11-21 10:44	2012-10-9	Show	GitHub Exploit DB Packet Storm

293963	-	tiki	tikiwiki_cms\/groupware	tiki-featured_link.php in TikiWiki CMS/Groupware 8.3 allows remote attackers to load arbitrary web site pages into frames and conduct phishing attacks via the url parameter, aka "frame injection."	CWE-20 Improper Input Validation	CVE-2012-5321	2024-11-21 10:44	2012-10-9	Show	GitHub Exploit DB Packet Storm

293964	-	sagem	f\@st_2604_firmware f\@st_2604	Cross-site request forgery (CSRF) vulnerability in password.cgi in Sagem F@ST 2604 253180972B allows remote attackers to hijack the authentication of administrators for requests that change the admin…	CWE-352 Origin Validation Error	CVE-2012-5320	2024-11-21 10:44	2012-10-9	Show	GitHub Exploit DB Packet Storm

293965	-	dlink	dcs-900 dcs-2000 dcs-5300	Cross-site request forgery (CSRF) vulnerability in setup/security.cgi in D-Link DCS-900, DCS-2000, and DCS-5300 allows remote attackers to hijack the authentication of administrators for requests tha…	CWE-352 Origin Validation Error	CVE-2012-5319	2024-11-21 10:44	2012-10-9	Show	GitHub Exploit DB Packet Storm

293966	-	kishore_asokan	kish_guest_posting_plugin	Unrestricted file upload vulnerability in uploadify/scripts/uploadify.php in the Kish Guest Posting plugin 1.2 for WordPress allows remote attackers to execute arbitrary code by uploading a file with…	NVD-CWE-Other	CVE-2012-5318	2024-11-21 10:44	2012-10-9	Show	GitHub Exploit DB Packet Storm

293967	-	bigware	bigware_shop	SQL injection vulnerability in main_bigware_43.php in Bigware Shop before 2.1.5 allows remote attackers to execute arbitrary SQL commands via the lastname parameter in a process action.	CWE-89 SQL Injection	CVE-2012-5317	2024-11-21 10:44	2012-10-9	Show	GitHub Exploit DB Packet Storm

293968	-	barracudanetworks	spam_\&_virus_firewall_600_firmware spam_\&_virus_firewall_600	Multiple cross-site scripting (XSS) vulnerabilities in Barracuda Spam & Virus Firewall 600 Firmware 4.0.1.009 and earlier allow remote authenticated users to inject arbitrary web script or HTML via (…	CWE-79 Cross-site Scripting	CVE-2012-5316	2024-11-21 10:44	2012-10-9	Show	GitHub Exploit DB Packet Storm

293969	-	php_ireport_project	php_ireport	Multiple cross-site scripting (XSS) vulnerabilities in php ireport 1.0 allow remote attackers to inject arbitrary web script or HTML via the message parameter to (1) messages_viewer.php, (2) home.php…	CWE-79 Cross-site Scripting	CVE-2012-5315	2024-11-21 10:44	2012-10-9	Show	GitHub Exploit DB Packet Storm

293970	-	heikki_hokkanen	viewgit	Cross-site scripting (XSS) vulnerability in ViewGit 0.0.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the f parameter.	CWE-79 Cross-site Scripting	CVE-2012-5314	2024-11-21 10:44	2012-10-9	Show	GitHub Exploit DB Packet Storm