Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 10, 2026, 4:07 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
231771 5 警告 SugarCRM - SugarCRM Sugar Community Edition における絶対パストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-2045 2012-12-20 18:52 2008-04-10 Show GitHub Exploit DB Packet Storm
231772 6.5 警告 turnkey solutions - Turnkey Web Tools SunShop Shopping Cart の admin/adminindex.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2038 2012-12-20 18:52 2008-04-30 Show GitHub Exploit DB Packet Storm
231773 7.5 危険 Mike Jolley - WordPress 用の Download Monitor プラグインにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2034 2012-12-20 18:52 2008-04-30 Show GitHub Exploit DB Packet Storm
231774 7.5 危険 WordPress.org - WordPress 用の Spreadsheet プラグインの ss_load.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1982 2012-12-20 18:52 2008-04-27 Show GitHub Exploit DB Packet Storm
231775 7.5 危険 phphq - phShoutBox Final における権限を取得される脆弱性 CWE-287
不適切な認証 		CVE-2008-1971 2012-12-20 18:52 2008-04-27 Show GitHub Exploit DB Packet Storm
231776 7.5 危険 quate - Quate Grape Web Statistics の includes/functions.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-1963 2012-12-20 18:52 2008-04-25 Show GitHub Exploit DB Packet Storm
231777 7.5 危険 sipp - SIPp の call.cpp の get_remote_video_port_media 関数におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-1959 2012-12-20 18:52 2008-04-25 Show GitHub Exploit DB Packet Storm
231778 4.3 警告 wikepage - Wikepage Opus の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-1956 2012-12-20 18:52 2008-04-25 Show GitHub Exploit DB Packet Storm
231779 4.3 警告 Toocharger - Martin BOUCHER MyBoard の rep.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-1955 2012-12-20 18:52 2008-04-25 Show GitHub Exploit DB Packet Storm
231780 7.5 危険 webcalendar - Web Calendar Pro の one_day.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1954 2012-12-20 18:52 2008-04-25 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 10, 2026, 5 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
291731 - ovirt
redhat 		ovirt
ovirt-engine 		Session fixation vulnerability in the web admin interface in oVirt 3.4.0 and earlier allows remote attackers to hijack web sessions via unspecified vectors. NVD-CWE-Other
CVE-2014-0152 2024-11-21 11:01 2014-09-8 Show GitHub Exploit DB Packet Storm
291732 - apache ofbiz Multiple cross-site scripting (XSS) vulnerabilities in framework/common/webcommon/includes/messages.ftl in Apache OFBiz 11.04.01 before 11.04.05 and 12.04.01 before 12.04.04 allow remote attackers to… CWE-79
Cross-site Scripting 		CVE-2014-0232 2024-11-21 11:01 2014-08-22 Show GitHub Exploit DB Packet Storm
291733 - iridium open_port
pilot_below_deck_equipment 		The Terminal Upgrade Tool in the Pilot Below Deck Equipment (BDE) and OpenPort implementations on Iridium satellite terminals allows remote attackers to execute arbitrary code by uploading new firmwa… NVD-CWE-Other
CVE-2014-0327 2024-11-21 11:01 2014-08-18 Show GitHub Exploit DB Packet Storm
291734 - iridium open_port
pilot_below_deck_equipment 		The Pilot Below Deck Equipment (BDE) and OpenPort implementations on Iridium satellite terminals allow remote attackers to read hardcoded credentials via the web interface. NVD-CWE-Other
CVE-2014-0326 2024-11-21 11:01 2014-08-18 Show GitHub Exploit DB Packet Storm
291735 - cobham ailor_6110_mini-c_gmdss
sailor_6006_message_terminal
sailor_6222_vhf
sailor_6300_mf_\/_hf 		The thraneLINK protocol implementation on Cobham devices does not verify firmware signatures, which allows attackers to execute arbitrary code by leveraging physical access or terminal access to send… NVD-CWE-Other
CVE-2014-0328 2024-11-21 11:01 2014-08-15 Show GitHub Exploit DB Packet Storm
291736 - microsoft windows_server_2008
windows_rt
windows_8.1
windows_7
windows_rt_8.1
windows_vista
windows_8
windows_server_2012
windows_server_2003 		win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and … CWE-264
Permissions, Privileges, and Access Controls 		CVE-2014-0318 2024-11-21 11:01 2014-08-13 Show GitHub Exploit DB Packet Storm
291737 - microsoft windows_server_2008
windows_server_2012
windows_rt
windows_8.1
windows_7
windows_rt_8.1
windows_8 		Memory leak in the Local RPC (LRPC) server implementation in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 … CWE-399
 Resource Management Errors 		CVE-2014-0316 2024-11-21 11:01 2014-08-13 Show GitHub Exploit DB Packet Storm
291738 - redhat
opensuse 		libvirt
enterprise_linux
opensuse
enterprise_virtualization 		libvirt 0.7.5 through 1.2.x before 1.2.5 allows local users to cause a denial of service (read block and hang) via a crafted XML document containing an XML external entity declaration in conjunction … CWE-20
 Improper Input Validation  		CVE-2014-0179 2024-11-21 11:01 2014-08-4 Show GitHub Exploit DB Packet Storm
291739 - zarafa
fedoraproject 		zarafa
webapp
fedora 		WebAccess in Zarafa before 7.1.10 and WebApp before 1.6 stores credentials in cleartext, which allows local Apache users to obtain sensitive information by reading the PHP session files. CWE-310
Cryptographic Issues 		CVE-2014-0103 2024-11-21 11:01 2014-07-29 Show GitHub Exploit DB Packet Storm
291740 - apache http_server The mod_cgid module in the Apache HTTP Server before 2.4.10 does not have a timeout mechanism, which allows remote attackers to cause a denial of service (process hang) via a request to a CGI script … CWE-399
 Resource Management Errors 		CVE-2014-0231 2024-11-21 11:01 2014-07-20 Show GitHub Exploit DB Packet Storm