Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 8, 2026, 12:07 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
239261	4.3	警告	Liferay	-	Liferay Portal の c/portal/login におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-6055	2012-09-25 16:59	2007-11-20	Show	GitHub Exploit DB Packet Storm

239262	9.3	危険	IBM	-	IBM DB2 UDB における脆弱性	CWE-399 リソース管理の問題	CVE-2007-6053	2012-09-25 16:59	2007-11-20	Show	GitHub Exploit DB Packet Storm

239263	7.8	危険	IBM	-	IBM DB2 UDB におけるサービス運用妨害 (DoS) の脆弱性	CWE-DesignError	CVE-2007-6052	2012-09-25 16:59	2007-11-20	Show	GitHub Exploit DB Packet Storm

239264	10	危険	IBM	-	IBM DB2 UDB における脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2007-6051	2012-09-25 16:59	2007-11-20	Show	GitHub Exploit DB Packet Storm

239265	7.2	危険	IBM	-	IBM DB2 UDB の DB2LICD における脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2007-6050	2012-09-25 16:59	2007-11-20	Show	GitHub Exploit DB Packet Storm

239266	7.2	危険	IBM	-	IBM DB2 UDB の SSL LOAD GSKIT アクションにおける脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2007-6049	2012-09-25 16:59	2007-11-20	Show	GitHub Exploit DB Packet Storm

239267	10	危険	IBM	-	IBM DB2 UDB における脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2007-6048	2012-09-25 16:59	2007-11-20	Show	GitHub Exploit DB Packet Storm

239268	10	危険	IBM	-	IBM DB2 UDB の DB2DART ツールにおける任意のコマンドを実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2007-6047	2012-09-25 16:59	2007-11-20	Show	GitHub Exploit DB Packet Storm

239269	7.2	危険	IBM	-	IBM DB2 UDB の setuid プログラムにおける脆弱性	CWE-noinfo 情報不足	CVE-2007-6046	2012-09-25 16:59	2007-11-20	Show	GitHub Exploit DB Packet Storm

239270	10	危険	IBM	-	IBM DB2 UDB の DB2WATCH などにおける脆弱性	CWE-noinfo 情報不足	CVE-2007-6045	2012-09-25 16:59	2007-11-20	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 8, 2026, 4:09 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
286621	-	safenet-inc	safenet_authentication_service_outlook_web_access_agent	Directory traversal vulnerability in SafeNet Authentication Service (SAS) Outlook Web Access Agent (formerly CRYPTOCard) before 1.03.30109 allows remote attackers to read arbitrary files via a .. (do…	CWE-22 Path Traversal	CVE-2014-5359	2024-11-21 11:11	2014-12-17	Show	GitHub Exploit DB Packet Storm

286622	-	malwarebytes	malwarebytes_anti-exploit malwarebytes_anti-malware	The upgrade functionality in Malwarebytes Anti-Malware (MBAM) consumer before 2.0.3 and Malwarebytes Anti-Exploit (MBAE) consumer 1.04.1.1012 and earlier allow man-in-the-middle attackers to execute …	CWE-345 Insufficient Verification of Data Authenticity	CVE-2014-4936	2024-11-21 11:11	2014-12-17	Show	GitHub Exploit DB Packet Storm

286623	-	hikvision	dvr_ds-7204_firmware	Buffer overflow in Hikvision DVR DS-7204 Firmware 2.2.10 build 131009, and other models and versions, allows remote attackers to execute arbitrary code via an RTSP PLAY request with a long Authorizat…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2014-4880	2024-11-21 11:11	2014-12-8	Show	GitHub Exploit DB Packet Storm

286624	-	ossec	ossec	host-deny.sh in OSSEC before 2.8.1 writes to temporary files with predictable filenames without verifying ownership, which allows local users to modify access restrictions in hosts.deny and gain root…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2014-5284	2024-11-21 11:11	2014-12-2	Show	GitHub Exploit DB Packet Storm

286625	-	fasttoggle_project	fasttoggle	The Fasttoggle module 7.x-1.3 and 7.x-1.4 for Drupal allows remote attackers to block or unblock an account via a crafted user status link.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2014-5268	2024-11-21 11:11	2014-12-2	Show	GitHub Exploit DB Packet Storm

286626	-	open-xchange	app_suite	Server-side request forgery (SSRF) vulnerability in the documentconverter component in Open-Xchange (OX) AppSuite before 7.4.2-rev10 and 7.6.x before 7.6.0-rev10 allows remote attackers to trigger re…	NVD-CWE-Other	CVE-2014-5237	2024-11-21 11:11	2014-12-2	Show	GitHub Exploit DB Packet Storm

286627	-	lwip_project	lwip	resolv.c in the DNS resolver in uIP, and dns.c in the DNS resolver in lwIP 1.4.1 and earlier, does not use random values for ID fields and source ports of DNS query packets, which makes it easier for…	CWE-345 Insufficient Verification of Data Authenticity	CVE-2014-4883	2024-11-21 11:11	2014-11-28	Show	GitHub Exploit DB Packet Storm

286628	-	directwebremoting	direct_web_remoting	Cross-site scripting (XSS) vulnerability in Direct Web Remoting (DWR) through 2.0.10 and 3.x through 3.0.RC2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.	CWE-79 Cross-site Scripting	CVE-2014-5326	2024-11-21 11:11	2014-11-24	Show	GitHub Exploit DB Packet Storm

286629	-	directwebremoting	direct_web_remoting	The (1) DOMConverter, (2) JDOMConverter, (3) DOM4JConverter, and (4) XOMConverter functions in Direct Web Remoting (DWR) through 2.0.10 and 3.x through 3.0.RC2 allow remote attackers to read arbitrar…	CWE-200 Information Exposure	CVE-2014-5325	2024-11-21 11:11	2014-11-24	Show	GitHub Exploit DB Packet Storm

286630	-	cybozu	office dezie mailwise	Buffer overflow in Cybozu Office 9 and 10 before 10.1.0, Mailwise 4 and 5 before 5.1.4, and Dezie 8 before 8.1.1 allows remote authenticated users to execute arbitrary code via e-mail messages.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2014-5314	2024-11-21 11:11	2014-11-24	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed