Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
241461 10 危険 シトリックス・システムズ - Citrix MetaFrame Presentation Server などの製品で使用される XTE におけるネットワークセキュリティポリシーを回避される脆弱性 - CVE-2007-2850 2012-06-26 15:46 2007-05-23 Show GitHub Exploit DB Packet Storm
241462 9.3 危険 AVAST Software s.r.o. - avast! Anti-Virus Managed Client の SIS アンパッカーにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-2846 2012-06-26 15:46 2007-05-24 Show GitHub Exploit DB Packet Storm
241463 9.3 危険 AVAST Software s.r.o. - avast! Anti-Virus Managed Client の CAB 解凍プログラムにおけるヒープベースのバッファオーバーフローの脆弱性 - CVE-2007-2845 2012-06-26 15:46 2007-05-24 Show GitHub Exploit DB Packet Storm
241464 10 危険 アップル - Apple Safari における他のドメインから制限された情報にアクセスされる脆弱性 - CVE-2007-2843 2012-06-26 15:46 2007-05-24 Show GitHub Exploit DB Packet Storm
241465 7.2 危険 Debian - gfax における任意のコマンドを実行される脆弱性 - CVE-2007-2839 2012-06-26 15:46 2007-07-5 Show GitHub Exploit DB Packet Storm
241466 7.2 危険 gsambad - GSAMBAD の populate_conns 関数における任意のファイルを上書きされる脆弱性 - CVE-2007-2838 2012-06-26 15:46 2007-07-1 Show GitHub Exploit DB Packet Storm
241467 3.6 注意 fireflier - FireFlier の fireflier-server における任意のファイルを上書きされる脆弱性 - CVE-2007-2837 2012-06-26 15:46 2007-07-1 Show GitHub Exploit DB Packet Storm
241468 7.8 危険 GNU Project - Emacs におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-2833 2012-06-26 15:46 2007-06-21 Show GitHub Exploit DB Packet Storm
241469 4.3 警告 シスコシステムズ - Cisco CallManager の Web アプリケーションファイアウォールにおけるクロスサイトスクリプティングの脆弱性 - CVE-2007-2832 2012-06-26 15:46 2007-05-23 Show GitHub Exploit DB Packet Storm
241470 4.3 警告 atmail pty ltd - Atmail の ReadMsg.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-2825 2012-06-26 15:46 2007-05-22 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 22, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
291691 - yourfreeworld apartment_search_script Unrestricted file upload vulnerability in editimage.php in Apartment Search Script allows remote attackers to execute arbitrary code by uploading a file with an executable extension and a GIF header,… CWE-20
 Improper Input Validation  		CVE-2008-6684 2017-09-29 10:33 2009-04-11 Show GitHub Exploit DB Packet Storm
291692 - butterflymedia butterfly_organizer Multiple cross-site scripting (XSS) vulnerabilities in Butterfly Organizer 2.0.0 allow remote attackers to inject arbitrary web script or HTML via the (1) mytable parameter to view.php, (2) mytable p… CWE-79
Cross-site Scripting 		CVE-2008-6700 2017-09-29 10:33 2009-04-11 Show GitHub Exploit DB Packet Storm
291693 - preprojects pre_ads_portal Multiple cross-site scripting (XSS) vulnerabilities in Pre ADS Portal 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the msg parameter to (1) homeadmin/adminhome.ph… CWE-79
Cross-site Scripting 		CVE-2008-6715 2017-09-29 10:33 2009-04-14 Show GitHub Exploit DB Packet Storm
291694 - preprojects pre_ads_portal homeadmin/adminhome.php in Pre ADS Portal 2.0 and earlier does not require administrative authentication, which allows remote attackers to have an unspecified impact via a direct request. CWE-287
Improper Authentication 		CVE-2008-6716 2017-09-29 10:33 2009-04-14 Show GitHub Exploit DB Packet Storm
291695 - uochm signup U&M Software Signup 1.0 and 1.1 does not require administrative authentication for all scripts in the admin/ directory, which allows remote attackers to have an unspecified impact via a direct reques… CWE-287
Improper Authentication 		CVE-2008-6717 2017-09-29 10:33 2009-04-14 Show GitHub Exploit DB Packet Storm
291696 - uochm justbookit U&M Software JustBookIt 1.0 does not require administrative authentication for all scripts in the admin/ directory, which allows remote attackers to have an unspecified impact via a direct request to… CWE-287
Improper Authentication 		CVE-2008-6718 2017-09-29 10:33 2009-04-14 Show GitHub Exploit DB Packet Storm
291697 - uochm justlistit U&M Software Event Lister (aka JustListIt) 1.0 does not require administrative authentication for all scripts in the admin/ directory, which allows remote attackers to have an unspecified impact via … CWE-287
Improper Authentication 		CVE-2008-6719 2017-09-29 10:33 2009-04-14 Show GitHub Exploit DB Packet Storm
291698 - deltascripts php_links SQL injection vulnerability in admin/adm_login.php in DeltaScripts PHP Links 1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the admin_username parameter (aka the admin … CWE-89
SQL Injection 		CVE-2008-6720 2017-09-29 10:33 2009-04-14 Show GitHub Exploit DB Packet Storm
291699 - ajsquare aj_article SQL injection vulnerability in index.php in AJ Square AJ Article allows remote attackers to execute arbitrary SQL commands via the txtName parameter (aka the username field). CWE-89
SQL Injection 		CVE-2008-6721 2017-09-29 10:33 2009-04-15 Show GitHub Exploit DB Packet Storm
291700 - turnkeyforms entertainment_portal TurnkeyForms Entertainment Portal 2.0 allows remote attackers to bypass authentication and gain administrative access by setting the adminLogged cookie to Administrator. CWE-287
Improper Authentication 		CVE-2008-6723 2017-09-29 10:33 2009-04-15 Show GitHub Exploit DB Packet Storm