Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
233441 7.5 危険 Invision Power Services, Inc - IP.Board の ips_kernel/class_upload.php におけるスクリプトファイルをアップロードされる脆弱性 CWE-94
コード・インジェクション 		CVE-2007-4913 2012-09-25 16:59 2007-09-12 Show GitHub Exploit DB Packet Storm
233442 4.3 警告 Invision Power Services, Inc - IP.Board の ips_kernel/class_ajax.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-4912 2012-09-25 16:59 2007-09-12 Show GitHub Exploit DB Packet Storm
233443 10 危険 netinvoicing - netInvoicing における脆弱性 CWE-noinfo
情報不足 		CVE-2007-4910 2012-09-25 16:59 2007-09-17 Show GitHub Exploit DB Packet Storm
233444 6.8 警告 nuclearbb - NuclearBB の tasks/send_queued_emails.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-4906 2012-09-25 16:59 2007-09-17 Show GitHub Exploit DB Packet Storm
233445 6.8 警告 マイクロソフト - Microsoft Visual Studio 6.0 の PDWizard.ocx における任意のプログラムを実行される脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2007-4891 2012-09-25 16:59 2007-09-13 Show GitHub Exploit DB Packet Storm
233446 5.8 警告 マイクロソフト - Microsoft Visual Studio 6.0 の VBTOVSI.DLL におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-4890 2012-09-25 16:59 2007-09-13 Show GitHub Exploit DB Packet Storm
233447 6.8 警告 The PHP Group - PHP の MySQL エクステンションにおける open_basedir 制限を回避される脆弱性 CWE-DesignError
CVE-2007-4889 2012-09-25 16:59 2007-09-13 Show GitHub Exploit DB Packet Storm
233448 4.3 警告 media player classic - MPC におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2007-4884 2012-09-25 16:59 2007-09-13 Show GitHub Exploit DB Packet Storm
233449 4.3 警告 MediaWiki - MediaWiki の BotQuery エクステンションにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-4883 2012-09-25 16:59 2007-09-10 Show GitHub Exploit DB Packet Storm
233450 10 危険 IBM - IBM TSM クライアントの CAD におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-4880 2012-09-25 16:59 2007-09-20 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 26, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
284731 - x.org evi
mit-shm
xserver 		Multiple integer overflows in X.Org Xserver before 1.4.1 allow context-dependent attackers to execute arbitrary code via (1) a GetVisualInfo request containing a 32-bit value that is improperly used … CWE-189
CWE-362
Numeric Errors
Race Condition 		CVE-2007-6429 2018-10-16 06:53 2008-01-19 Show GitHub Exploit DB Packet Storm
284732 - real_time_logic barracudadrive_web_server
barracudadrive_web_server_home_server 		BarracudaDrive Web Server before 3.8 allows remote attackers to read the source code for web scripts by appending a (1) + (plus), (2) . (dot), or (3) %80 and similar characters to the file name in th… CWE-20
 Improper Input Validation  		CVE-2007-6314 2018-10-16 06:52 2007-12-12 Show GitHub Exploit DB Packet Storm
284733 - real_time_logic barracudadrive_web_server
barracudadrive_web_server_home_server 		Group Chat in BarracudaDrive Web Server before 3.8 allows remote authenticated users to cause a denial of service (crash) via a HTTP request to /eh/chat.ehintf/C. that does not contain a Connection I… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2007-6315 2018-10-16 06:52 2007-12-12 Show GitHub Exploit DB Packet Storm
284734 - real_time_logic barracudadrive_web_server
barracudadrive_web_server_home_server 		Cross-site scripting (XSS) vulnerability in BarracudaDrive Web Server before 3.8 allows remote attackers to inject arbitrary web script or HTML via the URI path in an HTTP GET request, which is activ… CWE-79
Cross-site Scripting 		CVE-2007-6316 2018-10-16 06:52 2007-12-12 Show GitHub Exploit DB Packet Storm
284735 - real_time_logic barracudadrive_web_server
barracudadrive_web_server_home_server 		Multiple directory traversal vulnerabilities in BarracudaDrive Web Server before 3.8 allow (1) remote attackers to read arbitrary files via certain ..\ (dot dot backslash) sequences in the URL path, … CWE-22
Path Traversal 		CVE-2007-6317 2018-10-16 06:52 2007-12-12 Show GitHub Exploit DB Packet Storm
284736 - wordpress wordpress SQL injection vulnerability in wp-includes/query.php in WordPress 2.3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the s parameter, when DB_CHARSET is set to (1) Big5, … CWE-89
SQL Injection 		CVE-2007-6318 2018-10-16 06:52 2007-12-12 Show GitHub Exploit DB Packet Storm
284737 - lyris list_manager Multiple unspecified vulnerabilities in Lyris ListManager 8.x before 8.95d, 9.2 before 9.2c, and 9.3 before 9.3b allow remote attackers to (1) gain list administrator privileges or (2) access arbitra… NVD-CWE-noinfo
CWE-264
Permissions, Privileges, and Access Controls 		CVE-2007-6319 2018-10-16 06:52 2008-02-20 Show GitHub Exploit DB Packet Storm
284738 - roundcube webmail Cross-site scripting (XSS) vulnerability in RoundCube webmail 0.1rc2, 2007-12-09, and earlier versions, when using Internet Explorer, allows remote attackers to inject arbitrary web script or HTML vi… CWE-79
Cross-site Scripting 		CVE-2007-6321 2018-10-16 06:52 2007-12-12 Show GitHub Exploit DB Packet Storm
284739 - microsoft office Microsoft Office 2007 12.0.6015.5000 and MSO 12.0.6017.5000 do not sign the metadata of Office Open XML (OOXML) documents, which makes it easier for remote attackers to modify Dublin Core metadata fi… CWE-255
Credentials Management 		CVE-2007-6329 2018-10-16 06:52 2007-12-14 Show GitHub Exploit DB Packet Storm
284740 - meridian_software prolog_manager Meridian Prolog Manager 2007, and 7.5 and earlier, sends all usernames and passwords to the client in a (1) cleartext or (2) weakly encrypted format to support client-side login authentication, which… NVD-CWE-Other
CVE-2007-6330 2018-10-16 06:52 2007-12-14 Show GitHub Exploit DB Packet Storm