Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 4, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
239771	4	警告	jetbox	-	Jetbox CMS の formmail.php における CRLF インジェクションの脆弱性	-	CVE-2007-2731	2012-09-25 16:47	2007-05-16	Show	GitHub Exploit DB Packet Storm

239772	4.3	警告	The PHP Group	-	PHP の soap エクステンションにおける脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2007-2728	2012-09-25 16:47	2007-05-16	Show	GitHub Exploit DB Packet Storm

239773	2.6	注意	The PHP Group	-	PHP の ext/mcrypt/mcyrpt.c における特定のデータを解読される脆弱性	-	CVE-2007-2727	2012-09-25 16:47	2007-05-16	Show	GitHub Exploit DB Packet Storm

239774	7.1	危険	media player classic	-	Media Player Classic におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-2723	2012-09-25 16:47	2007-05-16	Show	GitHub Exploit DB Packet Storm

239775	7.8	危険	newzcrawler	-	NewzCrawler におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-2722	2012-09-25 16:47	2007-05-16	Show	GitHub Exploit DB Packet Storm

239776	10	危険	ヒューレット・パッカード	-	HP SIM におけるセッションをハイジャックされる脆弱性	CWE-287 不適切な認証	CVE-2007-2719	2012-09-25 16:47	2007-05-8	Show	GitHub Exploit DB Packet Storm

239777	4.3	警告	マイクロソフト Stalker Software, Inc.	-	Stalker CommuniGate Pro の WebMail system におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-2718	2012-09-25 16:47	2007-05-16	Show	GitHub Exploit DB Packet Storm

239778	7.5	危険	igeneric	-	iG Shop の shop/page.php における SQL インジェクションの脆弱性	-	CVE-2007-2717	2012-09-25 16:47	2007-05-16	Show	GitHub Exploit DB Packet Storm

239779	10	危険	matt mullenweg	-	WordPress プラグインの Matt Mullenweg Akismet における脆弱性	-	CVE-2007-2714	2012-09-25 16:47	2007-05-16	Show	GitHub Exploit DB Packet Storm

239780	10	危険	ifusionservices	-	ifdate における管理アクセス権を取得される脆弱性	-	CVE-2007-2713	2012-09-25 16:47	2007-05-16	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 5, 2026, 4:11 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
285181	-	ibm	cognos_business_intelligence	Cross-site scripting (XSS) vulnerability in the server in IBM Cognos Business Intelligence 10.1 before IF10, 10.1.1 before IF9, 10.2 before IF11, 10.2.1 before IF8, and 10.2.1.1 before IF7 allows rem…	CWE-79 Cross-site Scripting	CVE-2014-6145	2024-11-21 11:13	2014-12-12	Show	GitHub Exploit DB Packet Storm

285182	-	ibm	websphere_datapower_xc10_appliance_firmware	The IBM WebSphere DataPower XC10 appliance 2.1 and 2.5 before FP4 allows remote authenticated users to bypass intended grid-data access restrictions via unspecified vectors.	CWE-200 Information Exposure	CVE-2014-6138	2024-11-21 11:13	2014-12-12	Show	GitHub Exploit DB Packet Storm

285183	-	ibm	websphere_portal	Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 before 7.0.0.2 CF29, 8.0.0 through 8.0.0.1 CF14, and 8.5.0 before CF03 a…	CWE-79 Cross-site Scripting	CVE-2014-6215	2024-11-21 11:13	2014-12-12	Show	GitHub Exploit DB Packet Storm

285184	-	ibm	websphere_datapower_xc10_appliance_firmware	Cross-site scripting (XSS) vulnerability on the IBM WebSphere DataPower XC10 appliance 2.1 and 2.5 before FP4 allows remote authenticated users to inject arbitrary web script or HTML via a crafted UR…	CWE-79 Cross-site Scripting	CVE-2014-6163	2024-11-21 11:13	2014-12-12	Show	GitHub Exploit DB Packet Storm

285185	-	ibm	websphere_datapower_xc10_appliance_firmware	The IBM WebSphere DataPower XC10 appliance 2.1 and 2.5 before FP4 allows local users to obtain sensitive information by reading a response.	CWE-200 Information Exposure	CVE-2014-6143	2024-11-21 11:13	2014-12-12	Show	GitHub Exploit DB Packet Storm

285186	-	ibm	operational_decision_manager websphere_ilog_jrules websphere_operational_decision_management	The Hosted Transparent Decision Service in the Rule Execution Server in IBM WebSphere ILOG JRules 7.1 before MP1 FP5 IF43; WebSphere Operational Decision Management 7.5 before FP3 IF41; and Operation…	CWE-200 Information Exposure	CVE-2014-6114	2024-11-21 11:13	2014-12-11	Show	GitHub Exploit DB Packet Storm

285187	-	ibm	tivoli_endpoint_manager_mobile_device_management	IBM Tivoli Endpoint Manager Mobile Device Management (MDM) before 9.0.60100 uses the same secret HMAC token across different customers' installations, which allows remote attackers to execute arbitra…	CWE-310 Cryptographic Issues	CVE-2014-6140	2024-11-21 11:13	2014-12-7	Show	GitHub Exploit DB Packet Storm

285188	-	gnu	glibc	GNU C Library (aka glibc) before 2.20 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a multibyte character value of "0xffff" to the iconv function …	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2014-6040	2024-11-21 11:13	2014-12-6	Show	GitHub Exploit DB Packet Storm

285189	-	zohocorp	manageengine_opmanager manageengine_it360 manageengine_social_it_plus	Directory traversal vulnerability in the multipartRequest servlet in ZOHO ManageEngine OpManager 11.3 and earlier, Social IT Plus 11.0, and IT360 10.3, 10.4, and earlier allows remote attackers or re…	CWE-22 Path Traversal	CVE-2014-6036	2024-11-21 11:13	2014-12-5	Show	GitHub Exploit DB Packet Storm

285190	-	zohocorp	manageengine_opmanager	Directory traversal vulnerability in the FileCollector servlet in ZOHO ManageEngine OpManager 11.4, 11.3, and earlier allows remote attackers to write and execute arbitrary files via a .. (dot dot) i…	CWE-22 Path Traversal	CVE-2014-6035	2024-11-21 11:13	2014-12-5	Show	GitHub Exploit DB Packet Storm