Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 7, 2026, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
236321 4.3 警告 LXR Project - LXR Cross Referencer におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4497 2012-09-25 17:38 2010-01-7 Show GitHub Exploit DB Packet Storm
236322 5 警告 orion - Orion Application Server における任意のコマンドを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2009-4493 2012-09-25 17:38 2010-01-13 Show GitHub Exploit DB Packet Storm
236323 5 警告 Igor Sysoev - nginx におけるファイルを上書きされる脆弱性 CWE-20
不適切な入力確認 		CVE-2009-4487 2012-09-25 17:38 2010-01-13 Show GitHub Exploit DB Packet Storm
236324 4.3 警告 nanwich - Drupal 用の FAQ Ask モジュールにおけるオープンリダイレクトの脆弱性 CWE-Other
その他 		CVE-2009-4534 2012-09-25 17:38 2009-10-28 Show GitHub Exploit DB Packet Storm
236325 5 警告 Nathan Haug - Drupal 用の Webform モジュールにおけるセッション変数を読み取られる脆弱性 CWE-200
情報漏えい 		CVE-2009-4533 2012-09-25 17:38 2009-10-14 Show GitHub Exploit DB Packet Storm
236326 3.5 注意 Nathan Haug - Webform モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4532 2012-09-25 17:38 2009-10-14 Show GitHub Exploit DB Packet Storm
236327 5 警告 JasPer Project - httpdx における Web ページのソースコードを取得される脆弱性 CWE-200
情報漏えい 		CVE-2009-4531 2012-09-25 17:38 2009-12-31 Show GitHub Exploit DB Packet Storm
236328 5 警告 intervations - InterVations NaviCOPA Web Server における Web ページのソースコードを取得される脆弱性 CWE-200
情報漏えい 		CVE-2009-4529 2012-09-25 17:38 2009-12-31 Show GitHub Exploit DB Packet Storm
236329 6.5 警告 Moshe Weitzman - Drupal 用の OG Vocabulary モジュールにおける語彙を作成される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-4528 2012-09-25 17:38 2009-10-14 Show GitHub Exploit DB Packet Storm
236330 4.6 警告 National Information Infrastructure Development Institute - Drupal 用の Shibboleth 認証モジュールにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-4527 2012-09-25 17:38 2009-10-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 7, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
354481 - ipswitch imail Ipswitch IMail 7.04 and earlier stores a user's session ID in a URL, which could allow remote attackers to hijack sessions by obtaining the URL, e.g. via an HTML email that causes the Referrer to be … NVD-CWE-Other
CVE-2001-1286 2008-09-11 04:10 2001-10-12 Show GitHub Exploit DB Packet Storm
354482 - ipswitch imail Buffer overflow in Web Calendar in Ipswitch IMail 7.04 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request. NVD-CWE-Other
CVE-2001-1287 2008-09-11 04:10 2001-10-12 Show GitHub Exploit DB Packet Storm
354483 - id_software quake_3_arena Quake 3 arena 1.29f and 1.29g allows remote attackers to cause a denial of service (crash) via a malformed connection packet that begins with several char-255 characters. NVD-CWE-Other
CVE-2001-1289 2008-09-11 04:10 2001-07-29 Show GitHub Exploit DB Packet Storm
354484 - 3com 3cr29223 Buffer overflow in web server of 3com HomeConnect Cable Modem External with USB (#3CR29223) allows remote attackers to cause a denial of service (crash) via a long HTTP request. NVD-CWE-Other
CVE-2001-1293 2008-09-11 04:10 2001-09-26 Show GitHub Exploit DB Packet Storm
354485 - avtronics inetserv Buffer overflow in A-V Tronics Inetserv 3.2.1 and earlier allows remote attackers to cause a denial of service (crash) in the Webmail interface via a long username and password. NVD-CWE-Other
CVE-2001-1294 2008-09-11 04:10 2001-08-22 Show GitHub Exploit DB Packet Storm
354486 - marc_logemann more.groupware More.groupware PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable. NVD-CWE-Other
CVE-2001-1296 2008-09-11 04:10 2001-10-2 Show GitHub Exploit DB Packet Storm
354487 - actionpoll actionpoll PHP remote file inclusion vulnerability in Actionpoll PHP script before 1.1.2 allows remote attackers to execute arbitrary PHP code via a URL in the includedir parameter. NVD-CWE-Other
CVE-2001-1297 2008-09-11 04:10 2001-10-2 Show GitHub Exploit DB Packet Storm
354488 - grant_horwood webodex Webodex PHP script 1.0 and earlier allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable. NVD-CWE-Other
CVE-2001-1298 2008-09-11 04:10 2001-10-2 Show GitHub Exploit DB Packet Storm
354489 - xinetd xinetd xinetd 2.1.8 and earlier runs with a default umask of 0, which could allow local users to read or modify files that are created by an application that runs under xinetd but does not set its own safe … NVD-CWE-Other
CVE-2001-1322 2008-09-11 04:10 2001-07-10 Show GitHub Exploit DB Packet Storm
354490 - paul_jarc idtools cvmlogin and statfile in Paul Jarc idtools before 2001.06.27 do not properly check the return value of a call to the pathexec_env function, which could cause the setstate utility to setuid to the UID… NVD-CWE-Other
CVE-2001-1324 2008-09-11 04:10 2001-06-26 Show GitHub Exploit DB Packet Storm