Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 14, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
241071 6.8 警告 ヒューレット・パッカード - HP Digital Imaging の hpqvwocx.dll における絶対パストラバーサルの脆弱性 - CVE-2007-3649 2012-09-25 16:47 2007-07-10 Show GitHub Exploit DB Packet Storm
241072 7.8 危険 Linux - Linux kernel の net/netfilter/nf_conntrack_h323_asn1.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-189
数値処理の問題 		CVE-2007-3642 2012-09-25 16:47 2007-07-9 Show GitHub Exploit DB Packet Storm
241073 7.5 危険 mkportal - MKPortal における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-3637 2012-09-25 16:47 2007-07-9 Show GitHub Exploit DB Packet Storm
241074 6.8 警告 LimeSurvey - LimeSurvey における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-3632 2012-09-25 16:47 2007-07-9 Show GitHub Exploit DB Packet Storm
241075 10 危険 levent veysi portal - Levent Veysi Portal の oku.asp における SQL インジェクションの脆弱性 - CVE-2007-3629 2012-09-25 16:47 2007-07-9 Show GitHub Exploit DB Packet Storm
241076 5 警告 PEAR - PEAR Structures-DataGrid-DataSource-MDB2 の MDB2.php における "生成されたソートクエリを操作される" 脆弱性 - CVE-2007-3628 2012-09-25 16:47 2007-07-9 Show GitHub Exploit DB Packet Storm
241077 7.5 危険 php lite - PHP Lite Calendar Express における SQL インジェクションの脆弱性 - CVE-2007-3627 2012-09-25 16:47 2007-07-9 Show GitHub Exploit DB Packet Storm
241078 7.8 危険 日立 - Hitachi TPBroker の ADM デーモンにおけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2007-3626 2012-09-25 16:47 2007-07-6 Show GitHub Exploit DB Packet Storm
241079 4.3 警告 日立 - Hitachi JP1/HiCommand Device Manager におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-3623 2012-09-25 16:47 2007-07-6 Show GitHub Exploit DB Packet Storm
241080 5 警告 maia mailguard - Maia Mailguard におけるディレクトリトラバーサルの脆弱性 - CVE-2007-3620 2012-09-25 16:47 2007-06-30 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 14, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
358721 - leszek_krupinski l-forum L-Forum 2.40 and earlier does not properly verify whether a file was uploaded or if the associated variables were set by POST (attachment, attachment_name, attachment_size and attachment_type), which… NVD-CWE-Other
CVE-2002-1460 2008-09-6 05:30 2003-06-9 Show GitHub Exploit DB Packet Storm
358722 - webscriptworld web_shop_manager Web Shop Manager 1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the search box. NVD-CWE-Other
CVE-2002-1461 2008-09-6 05:30 2003-06-9 Show GitHub Exploit DB Packet Storm
358723 - organicphp php-affiliate details2.php in OrganicPHP PHP-affiliate 1.0, and possibly later versions, allows remote attackers to modify information of other users by modifying certain hidden form fields. NVD-CWE-Other
CVE-2002-1462 2008-09-6 05:30 2003-06-9 Show GitHub Exploit DB Packet Storm
358724 - cafelog b2 Cross-site scripting (XSS) vulnerability in CafeLog b2 Weblog Tool allows remote attackers to insert arbitrary HTML or script via the GPC variable. NVD-CWE-Other
CVE-2002-1464 2008-09-6 05:30 2003-04-22 Show GitHub Exploit DB Packet Storm
358725 - cafelog b2 SQL injection vulnerability in CafeLog b2 Weblog Tool allows remote attackers to execute arbitrary SQL code via the tablehosts variable. NVD-CWE-Other
CVE-2002-1465 2008-09-6 05:30 2003-04-22 Show GitHub Exploit DB Packet Storm
358726 - cafelog b2 CafeLog b2 Weblog Tool 2.06pre4, with allow_fopen_url enabled, allows remote attackers to execute arbitrary PHP code via the b2inc variable. NVD-CWE-Other
CVE-2002-1466 2008-09-6 05:30 2003-04-22 Show GitHub Exploit DB Packet Storm
358727 - macromedia flash_player
shockwave 		Macromedia Flash Plugin before 6,0,47,0 allows remote attackers to bypass the same-domain restriction and read arbitrary files via (1) an HTTP redirect, (2) a "file://" base in a web document, or (3)… NVD-CWE-Other
CVE-2002-1467 2008-09-6 05:30 2003-04-22 Show GitHub Exploit DB Packet Storm
358728 - ibm aix Buffer overflow in errpt in AIX 4.3.3 allows local users to execute arbitrary code as root. NVD-CWE-Other
CVE-2002-1468 2008-09-6 05:30 2003-04-22 Show GitHub Exploit DB Packet Storm
358729 - scponly scponly scponly does not properly verify the path when finding the (1) scp or (2) sftp-server programs, which could allow remote authenticated users to bypass access controls by uploading malicious programs … NVD-CWE-Other
CVE-2002-1469 2008-09-6 05:30 2003-04-22 Show GitHub Exploit DB Packet Storm
358730 - nullsoft shoutcast_server SHOUTcast 1.8.9 and earlier allows local users to obtain the cleartext administrative password via a GET request to port 8001, which causes the password to be logged in the world-readable sc_serv.log… NVD-CWE-Other
CVE-2002-1470 2008-09-6 05:30 2003-04-22 Show GitHub Exploit DB Packet Storm