Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 3, 2026, 6:08 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
239541	2.1	注意	NetBSD	-	NetBSD の display driver allocattr 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2007-3654	2012-09-25 16:47	2007-09-17	Show	GitHub Exploit DB Packet Storm

239542	6.8	警告	ヒューレット・パッカード	-	HP Digital Imaging の hpqvwocx.dll における絶対パストラバーサルの脆弱性	-	CVE-2007-3649	2012-09-25 16:47	2007-07-10	Show	GitHub Exploit DB Packet Storm

239543	7.8	危険	Linux	-	Linux kernel の net/netfilter/nf_conntrack_h323_asn1.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-189 数値処理の問題	CVE-2007-3642	2012-09-25 16:47	2007-07-9	Show	GitHub Exploit DB Packet Storm

239544	7.5	危険	mkportal	-	MKPortal における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-3637	2012-09-25 16:47	2007-07-9	Show	GitHub Exploit DB Packet Storm

239545	6.8	警告	LimeSurvey	-	LimeSurvey における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-3632	2012-09-25 16:47	2007-07-9	Show	GitHub Exploit DB Packet Storm

239546	10	危険	levent veysi portal	-	Levent Veysi Portal の oku.asp における SQL インジェクションの脆弱性	-	CVE-2007-3629	2012-09-25 16:47	2007-07-9	Show	GitHub Exploit DB Packet Storm

239547	5	警告	PEAR	-	PEAR Structures-DataGrid-DataSource-MDB2 の MDB2.php における "生成されたソートクエリを操作される" 脆弱性	-	CVE-2007-3628	2012-09-25 16:47	2007-07-9	Show	GitHub Exploit DB Packet Storm

239548	7.5	危険	php lite	-	PHP Lite Calendar Express における SQL インジェクションの脆弱性	-	CVE-2007-3627	2012-09-25 16:47	2007-07-9	Show	GitHub Exploit DB Packet Storm

239549	7.8	危険	日立	-	Hitachi TPBroker の ADM デーモンにおけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2007-3626	2012-09-25 16:47	2007-07-6	Show	GitHub Exploit DB Packet Storm

239550	4.3	警告	日立	-	Hitachi JP1/HiCommand Device Manager におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-3623	2012-09-25 16:47	2007-07-6	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 3, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
285821	-		tera_charts_plugin_project	tera-charts	Multiple directory traversal vulnerabilities in Tera Charts (tera-charts) plugin 0.1 for WordPress allow remote attackers to read arbitrary files via a .. (dot dot) in the fn parameter to (1) charts/…	CWE-22 Path Traversal	CVE-2014-4940	2024-11-21 11:11	2014-07-12	Show	GitHub Exploit DB Packet Storm

285822	-		enl_newsletter_plugin_project	enl-newsletter	SQL injection vulnerability in the ENL Newsletter (enl-newsletter) plugin 1.0.1 for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via the id parameter in the …	CWE-89 SQL Injection	CVE-2014-4939	2024-11-21 11:11	2014-07-12	Show	GitHub Exploit DB Packet Storm

285823	-		wp_rss_poster_plugin_project	wp-rss-poster	SQL injection vulnerability in the WP Rss Poster (wp-rss-poster) plugin 1.0.0 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter in the wrp-add-new page to w…	CWE-89 SQL Injection	CVE-2014-4938	2024-11-21 11:11	2014-07-12	Show	GitHub Exploit DB Packet Storm

285824	-		bookx_plugin_project	bookx	Directory traversal vulnerability in includes/bookx_export.php BookX plugin 1.7 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.	CWE-22 Path Traversal	CVE-2014-4937	2024-11-21 11:11	2014-07-12	Show	GitHub Exploit DB Packet Storm

285825	-		pnp4nagios	pnp4nagios	Multiple cross-site scripting (XSS) vulnerabilities in PNP4Nagios through 0.6.22 allow remote attackers to inject arbitrary web script or HTML via the URI used for reaching (1) share/pnp/application/…	CWE-79 Cross-site Scripting	CVE-2014-4908	2024-11-21 11:11	2014-07-11	Show	GitHub Exploit DB Packet Storm

285826	-		op5 pnp4nagios	monitor pnp4nagios	Cross-site scripting (XSS) vulnerability in share/pnp/application/views/kohana_error_page.php in PNP4Nagios before 0.6.22 allows remote attackers to inject arbitrary web script or HTML via a paramete…	CWE-79 Cross-site Scripting	CVE-2014-4907	2024-11-21 11:11	2014-07-11	Show	GitHub Exploit DB Packet Storm

285827	9.8	CRITICAL Network	python redhat	python enterprise_linux software_collections	The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL encoding is used for path separators, which allows remote attackers to read script source code or conduct…	CWE-22 Path Traversal	CVE-2014-4650	2024-11-21 11:10	2020-02-21	Show	GitHub Exploit DB Packet Storm

285828	5.5	MEDIUM Local	redhat	ansible	Ansible before 1.5.5 sets 0644 permissions for sources.list, which might allow local users to obtain sensitive credential information in opportunistic circumstances by reading a file that uses the "d…	CWE-522 Insufficiently Protected Credentials	CVE-2014-4659	2024-11-21 11:10	2020-02-21	Show	GitHub Exploit DB Packet Storm

285829	5.5	MEDIUM Local	redhat	ansible	The vault subsystem in Ansible before 1.5.5 does not set the umask before creation or modification of a vault file, which allows local users to obtain sensitive key information by reading a file.	CWE-200 Information Exposure	CVE-2014-4658	2024-11-21 11:10	2020-02-21	Show	GitHub Exploit DB Packet Storm

285830	9.8	CRITICAL Network	redhat	ansible	The safe_eval function in Ansible before 1.5.4 does not properly restrict the code subset, which allows remote attackers to execute arbitrary code via crafted instructions.	CWE-20 Improper Input Validation	CVE-2014-4657	2024-11-21 11:10	2020-02-21	Show	GitHub Exploit DB Packet Storm