Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 3, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
235701 7.5 危険 Mahara - mahara の lib/user.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-0400 2012-09-25 17:38 2010-04-7 Show GitHub Exploit DB Packet Storm
235702 6.8 警告 nanosleep - Trac Git プラグインの PyGIT.py における任意のコマンドを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2010-0394 2012-09-25 17:38 2010-02-3 Show GitHub Exploit DB Packet Storm
235703 5 警告 JCE-Tech.com - JCE-Tech PHP Calendars の install.php におけるアクセス制限を回避する脆弱性 CWE-16
CWE-264
CVE-2010-0380 2012-09-25 17:38 2010-01-22 Show GitHub Exploit DB Packet Storm
235704 4.3 警告 JCE-Tech.com - JCE-Tech PHP Calendars の product_list.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-0376 2012-09-25 17:38 2010-01-21 Show GitHub Exploit DB Packet Storm
235705 7.5 危険 JCE-Tech.com - JCE-Tech PHP Calendars の product_list.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-0375 2012-09-25 17:38 2010-01-21 Show GitHub Exploit DB Packet Storm
235706 7.5 危険 Joomla! - Joomla! 用の libros コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-0373 2012-09-25 17:38 2010-01-21 Show GitHub Exploit DB Packet Storm
235707 7.5 危険 hong chuyen - Joomla! の articlemanager コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-0372 2012-09-25 17:38 2010-01-21 Show GitHub Exploit DB Packet Storm
235708 4.3 警告 hitmaaan - Hitmaaan Gallery の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-0371 2012-09-25 17:38 2010-01-21 Show GitHub Exploit DB Packet Storm
235709 7.5 危険 matthias graubner - Helpdesk エクステンションにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-0333 2012-09-25 17:38 2010-01-15 Show GitHub Exploit DB Packet Storm
235710 7.5 危険 julian fries - TYPO3 用の Googlemaps for tt_news 拡張における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-0330 2012-09-25 17:38 2010-01-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 3, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
346611 - smartwebby smart_guest_book SmartWebby Smart Guest Book stores SmartGuestBook.mdb (aka the "news database") under the web document root with insufficient access control, which allows remote attackers to obtain sensitive informa… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2004-2608 2017-07-20 10:29 2004-12-31 Show GitHub Exploit DB Packet Storm
346612 - symantec powerquest_deploycenter The stuffit.com executable on Symantec PowerQuest DeployCenter 5.5 boot disks allows local users to obtain sensitive information (an unencrypted password for a Windows domain account) via four "stuff… NVD-CWE-Other
CVE-2004-2609 2017-07-20 10:29 2004-12-31 Show GitHub Exploit DB Packet Storm
346613 - stefan_bambach mntd mntd_mount.c in mntd before 0.4.2 might allow local users to gain privileges via shell metacharacters in a remount option in the configuration file. NOTE: It is not clear whether this is a vulnerabi… NVD-CWE-Other
CVE-2004-2610 2017-07-20 10:29 2004-12-31 Show GitHub Exploit DB Packet Storm
346614 - steven_schaefer sophster The Change Permissions function in the Sophster suite before 0.9.6 28 May 2004 (aka 0.9.6-r5), possibly including Sophster, FreeSophster, and FreeSophsterPAM, removes the (1) setuid, (2) setgid, and … NVD-CWE-Other
CVE-2004-2611 2017-07-20 10:29 2004-12-31 Show GitHub Exploit DB Packet Storm
346615 - bnc bnc BNC 2.9.0 only grants access when an incorrect password is provided, which allows remote attackers to use the functionality intended for authorized users. NVD-CWE-Other
CVE-2004-2612 2017-07-20 10:29 2004-12-31 Show GitHub Exploit DB Packet Storm
346616 - cutephp cutenews The documentation for CuteNews 1.3.6 and possibly other versions specifies that files under cutenews/data must be manually given world-writable permissions, which allows local users to insert false n… NVD-CWE-Other
CVE-2004-2615 2017-07-20 10:29 2004-12-31 Show GitHub Exploit DB Packet Storm
346617 - pegasi_web_server pegasi_web_server Directory traversal vulnerability in Pegasi Web Server (PWS) 0.2.2 allows remote attackers to read files outside of the web root via a .. (dot dot) directly after the initial '/' (slash) in the URI. NVD-CWE-Other
CVE-2004-2617 2017-07-20 10:29 2004-12-31 Show GitHub Exploit DB Packet Storm
346618 - pegasi_web_server pegasi_web_server Cross-site scripting (XSS) vulnerability in Pegasi Web Server (PWS) 0.2.2 allows remote attackers to inject arbitrary web script or HTML via the URI, directly after the initial '/' (slash). NVD-CWE-Other
CVE-2004-2618 2017-07-20 10:29 2004-12-31 Show GitHub Exploit DB Packet Storm
346619 - paul_l_daniels ripmime ripMIME 1.3.2.3 and earlier allows remote attackers to bypass e-mail protection via a base64 MIME encoded attachment containing invalid characters that are not properly extracted. NVD-CWE-Other
CVE-2004-2619 2017-07-20 10:29 2004-12-31 Show GitHub Exploit DB Packet Storm
346620 - nortel contivity Nortel Contivity VPN Client 2.1.7, 3.00, 3.01, 4.91, and 5.01, when opening a VPN tunnel, does not check the gateway certificate until after a dialog box has been displayed to the user, which creates… NVD-CWE-Other
CVE-2004-2621 2017-07-20 10:29 2004-12-31 Show GitHub Exploit DB Packet Storm