Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
239651	6.8	警告	ヒューレット・パッカード	-	HP-UX 上の HP OpenView Storage Data Protector における任意のコードを実行される脆弱性	-	CVE-2007-0866	2012-09-25 16:47	2007-02-8	Show	GitHub Exploit DB Packet Storm

239652	7.5	危険	lushinews	-	LushiNews の comments.php における SQL インジェクションの脆弱性	-	CVE-2007-0865	2012-09-25 16:47	2007-02-8	Show	GitHub Exploit DB Packet Storm

239653	7.5	危険	lushiwarplaner	-	LushiWarPlaner の register.php における SQL インジェクションの脆弱性	-	CVE-2007-0864	2012-09-25 16:47	2007-02-8	Show	GitHub Exploit DB Packet Storm

239654	2.1	注意	palm	-	Palm OS Treo スマートフォンの Find 機能における重要な情報を取得される脆弱性	-	CVE-2007-0859	2012-09-25 16:47	2007-02-15	Show	GitHub Exploit DB Packet Storm

239655	4.3	警告	MoinMoin	-	MoinMoin におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-0857	2012-09-25 16:47	2007-02-8	Show	GitHub Exploit DB Packet Storm

239656	7.5	危険	maian recipe	-	Maian Recipe の classes/class_mail.inc.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-0848	2012-09-25 16:47	2007-02-8	Show	GitHub Exploit DB Packet Storm

239657	7.5	危険	open tibia server cms	-	OTSCMS の mod/PM/reply.php における SQL インジェクションの脆弱性	-	CVE-2007-0847	2012-09-25 16:47	2007-02-8	Show	GitHub Exploit DB Packet Storm

239658	6.8	警告	open tibia server cms	-	OTSCMS の forum.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-0846	2012-09-25 16:47	2007-02-8	Show	GitHub Exploit DB Packet Storm

239659	6.4	警告	pam ssh	-	pam_ssh の pam_ssh.c における認証を回避される脆弱性	-	CVE-2007-0844	2012-09-25 16:47	2007-02-8	Show	GitHub Exploit DB Packet Storm

239660	4.6	警告	マイクロソフト	-	Microsoft Windows 2000 などの ReadDirectoryChangesW API 関数におけるパーミッションを回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2007-0843	2012-09-25 16:47	2007-02-22	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
286091	9.8	CRITICAL Network	unify	openscape_deployment_service	SQL injection vulnerability in OpenScape Deployment Service (DLS) before 6.x and 7.x before R1.11.3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.	CWE-89 SQL Injection	CVE-2014-2652	2024-11-21 11:06	2018-03-20	Show	GitHub Exploit DB Packet Storm

286092	8.8	HIGH Network	disable_comments	disable_comments_project	Cross-site request forgery (CSRF) vulnerability in the Disable Comments plugin before 1.0.4 for WordPress allows remote attackers to hijack the authentication of administrators for requests that enab…	CWE-352 Origin Validation Error	CVE-2014-2550	2024-11-21 11:06	2018-03-20	Show	GitHub Exploit DB Packet Storm

286093	6.1	MEDIUM Network	videowhisper	videowhisper_live_streaming_integration	Multiple cross-site scripting (XSS) vulnerabilities in the VideoWhisper Live Streaming Integration plugin 4.29.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1…	CWE-79 Cross-site Scripting	CVE-2014-2297	2024-11-21 11:06	2018-03-20	Show	GitHub Exploit DB Packet Storm

286094	9.8	CRITICAL Network	arubanetworks	web_management_portal	Unrestricted file upload vulnerability in Aruba Web Management portal allows remote attackers to execute arbitrary code by uploading a file with an executable extension.	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2014-2592	2024-11-21 11:06	2018-03-10	Show	GitHub Exploit DB Packet Storm

286095	8.8	HIGH Network	x2engine	x2crm	Unrestricted file upload vulnerability in the ProfileController::actionUploadPhoto method in protected/controllers/ProfileController.php in X2Engine X2CRM before 4.0 allows remote attackers to execut…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2014-2664	2024-11-21 11:06	2017-10-18	Show	GitHub Exploit DB Packet Storm

286096	6.1	MEDIUM Network	oliver_project	oliver	Multiple cross-site scripting (XSS) vulnerabilities in Oliver (formerly Webshare) 1.3.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the (1) login pa…	CWE-79 Cross-site Scripting	CVE-2014-2710	2024-11-21 11:06	2017-04-13	Show	GitHub Exploit DB Packet Storm

286097	-		php_font_lib_project	php_font_lib	Cross-site scripting (XSS) vulnerability in www/make_subset.php in PHP Font Lib before 0.3.1 allows remote attackers to inject arbitrary web script or HTML via the name parameter.	CWE-79 Cross-site Scripting	CVE-2014-2570	2024-11-21 11:06	2015-09-1	Show	GitHub Exploit DB Packet Storm

286098	-		check_mk_project	check_mk	Check_MK before 1.2.2p3 and 1.2.3x before 1.2.3i5 allows remote authenticated users to delete arbitrary files via a request to an unspecified link, related to "Insecure Direct Object References." NOT…	CWE-20 Improper Input Validation	CVE-2014-2332	2024-11-21 11:06	2015-09-1	Show	GitHub Exploit DB Packet Storm

286099	-		check_mk_project	check_mk	Check_MK 1.2.2p2, 1.2.2p3, and 1.2.3i5 allows remote authenticated users to execute arbitrary Python code via a crafted rules.mk file in a snapshot. NOTE: this can be exploited by remote attackers b…	CWE-94 Code Injection	CVE-2014-2331	2024-11-21 11:06	2015-09-1	Show	GitHub Exploit DB Packet Storm

286100	-		check_mk_project	check_mk	Multiple cross-site request forgery (CSRF) vulnerabilities in the Multisite GUI in Check_MK before 1.2.5i2 allow remote attackers to hijack the authentication of users for requests that (1) upload ar…	CWE-352 Origin Validation Error	CVE-2014-2330	2024-11-21 11:06	2015-09-1	Show	GitHub Exploit DB Packet Storm